www.b-tu.xyz Open in urlscan Pro
2a06:6440:0:2d86::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://b-tu.xyz/
Effective URL:
https://www.b-tu.xyz/
Submission: On September 07 via api (September 7th 2019, 8:35:06 pm UTC) from DE

Summary HTTP 168 Redirects Links 87 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 18 domains to perform 168 HTTP transactions. The main IP is 2a06:6440:0:2d86::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is www.b-tu.xyz.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 5th 2019. Valid for: 3 months.

This is the only time www.b-tu.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26 75	2a06:6440:0:2... 2a06:6440:0:2d86::1	200000 (UKRAINE-AS) (UKRAINE-AS)
2	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	176.9.157.8 176.9.157.8	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	185.67.0.53 185.67.0.53	50673 (SERVERIUS-AS) (SERVERIUS-AS)
7	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	82.192.95.98 82.192.95.98	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2 5	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:2800:233... 2606:2800:233:553:dea:996:18f7:b71	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	91.198.36.16 91.198.36.16	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	213.227.149.183 213.227.149.183	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
66	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 3	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER - Twitter Inc.)
7	82.192.95.133 82.192.95.133	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
168	23

75 2a06:6440:0:2d86::1 (Ukraine) 26 redirects

ASN200000 (UKRAINE-AS, UA)

b-tu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.b-tu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.157.8 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.8.157.9.176.clients.your-server.de

cdn.sendpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cse.google.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.67.0.53 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: server33.anril.dp.ua

btu.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.192.95.98 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

cdn.braun634.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:553:dea:996:18f7:b71 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

www.wtatennis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua

r.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.227.149.183 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.braun634.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 82.192.95.133 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

n3.cdn.braun634.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	b-tu.xyz 26 redirects b-tu.xyz www.b-tu.xyz	3 MB
66	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com ton.twimg.com	3 MB
12	braun634.com cdn.braun634.com z.cdn.braun634.com n3.cdn.braun634.com	419 KB
10	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	109 KB
6	facebook.com www.facebook.com staticxx.facebook.com	417 B
6	facebook.net connect.facebook.net	261 KB
5	google-analytics.com 2 redirects www.google-analytics.com	18 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	285 B
3	google.com 1 redirects www.google.com adservice.google.com	1 KB
2	google.de adservice.google.de www.google.de	585 B
2	google.com.ua 1 redirects www.google.com.ua cse.google.com.ua	2 KB
2	googlesyndication.com pagead2.googlesyndication.com	117 KB
2	googletagmanager.com www.googletagmanager.com	52 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	i.ua r.i.ua	985 B
1	wtatennis.com www.wtatennis.com	56 KB
1	btu.org.ua btu.org.ua	16 KB
1	sendpulse.com cdn.sendpulse.com	15 KB
168	18

	Domain	Requested by
50	www.b-tu.xyz	1 redirects www.b-tu.xyz
48	pbs.twimg.com	www.b-tu.xyz platform.twitter.com
25	b-tu.xyz	25 redirects
15	abs.twimg.com	www.b-tu.xyz platform.twitter.com
7	n3.cdn.braun634.com	www.b-tu.xyz z.cdn.braun634.com
7	platform.twitter.com	www.b-tu.xyz platform.twitter.com
6	connect.facebook.net	www.b-tu.xyz connect.facebook.net
5	www.google-analytics.com	2 redirects www.googletagmanager.com www.b-tu.xyz
5	www.facebook.com	www.b-tu.xyz connect.facebook.net
4	z.cdn.braun634.com	cdn.braun634.com www.b-tu.xyz
3	syndication.twitter.com	1 redirects www.b-tu.xyz
2	ton.twimg.com	platform.twitter.com
2	stats.g.doubleclick.net	1 redirects www.b-tu.xyz
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google.com	1 redirects www.b-tu.xyz
2	pagead2.googlesyndication.com	www.b-tu.xyz pagead2.googlesyndication.com
2	www.googletagmanager.com	www.b-tu.xyz
1	staticxx.facebook.com	connect.facebook.net
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	www.google.de	www.b-tu.xyz
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	r.i.ua	www.b-tu.xyz
1	www.wtatennis.com	www.b-tu.xyz
1	cdn.braun634.com	www.b-tu.xyz
1	btu.org.ua	www.b-tu.xyz
1	cse.google.com.ua	www.b-tu.xyz
1	www.google.com.ua	1 redirects
1	cdn.sendpulse.com	www.b-tu.xyz
168	30

This site contains links to these domains. Also see Links.

Domain
www.b-tu.xyzindex.php
www.facebook.com
accounts.google.com
t.me
invite.viber.com
instagram.com
twitter.com
vk.com
btu.org.ua
b-tu.xyz
refpasrasw.world
www.atpworldtour.com
www.wtatennis.com
privatbank.ua
z.cdn.braun634.com
www.livescore.in
anril.dp.ua
www.i.ua

Subject Issuer	Validity	Valid
www.b-tu.xyz Let's Encrypt Authority X3	`2019-09-05` - `2019-12-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
cdn.sendpulse.com Let's Encrypt Authority X3	`2019-09-02` - `2019-12-01`	3 months	crt.sh
*.google.com.ua GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
btu.org.ua Let's Encrypt Authority X3	`2019-07-03` - `2019-10-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
braun634.com Let's Encrypt Authority X3	`2019-08-20` - `2019-11-18`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
www.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
snic852gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-09-08` - `2020-09-11`	2 years	crt.sh
i.ua Let's Encrypt Authority X3	`2019-07-26` - `2019-10-24`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.b-tu.xyz/
Frame ID: CB8A6DC7C1A250829836E87E1C1C6AF2
Requests: 90 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Ftennis.ua&width=300&height=235&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true
Frame ID: C2CE3C38CD29DE01D9FDFB258BD0D981
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190903/r20190131/zrt_lookup.html
Frame ID: AAA8132D0A46FDA141739C5A35870315
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.097c1f5038f9e8a0d62a39a892838d66.html?origin=https%3A%2F%2Fwww.b-tu.xyz
Frame ID: AFD6C7FA168E89AD0849A34F913F684C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7576974274272433&output=html&adk=1812271804&adf=3025194257&lmt=1567888490&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.b-tu.xyz%2F&ea=0&flash=0&pra=5&wgl=1&dt=1567888489887&bpp=6&bdt=250&fdt=194&idt=195&shv=r20190903&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8549674651082&frm=20&pv=2&ga_vid=271514826.1567888490&ga_sid=1567888490&ga_hid=632031650&ga_fc=0&iag=0&icsg=68493118719&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21064534%2C21061795&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=1715350203&ifi=0&uci=a!0&fsb=1&dtd=217
Frame ID: 1907068E204F61E63BE68478AD346781
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: C799807BC4668E5E19B40D2EE35E5A63
Requests: 1 HTTP requests in this frame

Frame: https://n3.cdn.braun634.com/uploads/media/3/4/15943/v2/100x90_TotalAfconChallenge_EN_index.html?clickTag=https://z.cdn.braun634.com/go?z=1431435426&m=1149604737&c=1271236793&p0=1433570700&p1=1862672427&p2=1379430099&u=8e592bbc74efbe2b&t=1567888490&n=364711104337100471&h=1901004461
Frame ID: CB8363D798D1690B6EFCEDF7EE92A654
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: A6A811728FDE4764B3F5B07CAE96EDC4
Requests: 6 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f3d6.png
Frame ID: 8AD3347EF3AFE0620339298879821D68
Requests: 71 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8823E1ACCDE155D525653CF9EC8A2E3B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7279EF99EAA92D302D2190BE77CB12E5
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 9FAAAF0B13228A96F97D501BED3AF853
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://b-tu.xyz/ HTTP 301
http://www.b-tu.xyz/ HTTP 301
https://www.b-tu.xyz/ Page URL

Detected technologies

DataLife Engine (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /DataLife Engine/i

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

script /\/tiny_?mce(?:\.min)?\.js/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /DataLife Engine/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

meta generator /DataLife Engine/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

168
Requests

100 %
HTTPS

70 %
IPv6

18
Domains

30
Subdomains

23
IPs

6
Countries

7032 kB
Transfer

9079 kB
Size

12
Cookies

87 Outgoing links

These are links going to different origins than the main page.

URL: https://www.b-tu.xyzindex.php/?do=register
Title: Регистрация

Search URL Search Domain Scan URL

URL: https://www.b-tu.xyzindex.php/?do=lostpassword
Title: Восстановить пароль

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/oauth?client_id=887727868043013&redirect_uri=https%3A%2F%2Fwww.b-tu.xyz%2Findex.php%3Fdo%3Dauth-social%26provider%3Dfc&scope=public_profile%2Cemail&display=popup&state=bf131a4c723f2c73c64a87bb371a97a1&response_type=code

Search URL Search Domain Scan URL

URL: https://accounts.google.com/o/oauth2/auth?client_id=609508577613-s0l7mqi0m7vfpq5arnuurffog4gvrlah.apps.googleusercontent.com&redirect_uri=https%3A%2F%2Fwww.b-tu.xyz%2Findex.php%3Fdo%3Dauth-social%26provider%3Dgoogle&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&state=bf131a4c723f2c73c64a87bb371a97a1&response_type=code

Search URL Search Domain Scan URL

URL: https://t.me/TennisUa

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQBud5WKoR2Xv0igUw0U2rGjj%2FGbSR7r6zEhA05vQl5saRWvRcMmBflALq%2BNluw%2F

Search URL Search Domain Scan URL

URL: https://instagram.com/tennis_ukraine

Search URL Search Domain Scan URL

URL: https://twitter.com/UkrainianTennis

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tennis.ua

Search URL Search Domain Scan URL

URL: https://vk.com/tennis_ua

Search URL Search Domain Scan URL

URL: https://btu.org.ua/

Search URL Search Domain Scan URL

URL: https://b-tu.xyz/tour/wta/

Search URL Search Domain Scan URL

URL: https://b-tu.xyz/tour/atp/

Search URL Search Domain Scan URL

URL: https://refpasrasw.world/L?tag=d_293701m_16121c_&site=293701&ad=16121&r=line/Tennis/78875-US-Open/
Title:

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/sergiy-stakhovsky/sc77/overview
Title: Sergiy Stakhovsky

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/illya-marchenko/me89/overview
Title: Illya Marchenko

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/vladyslav-orlov/o659/overview
Title: Vladyslav Orlov

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/danylo-kalenichenko/ke05/overview
Title: Danylo Kalenichenko

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/vladyslav-manafov/mm54/overview
Title: Vladyslav Manafov

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/nikita-mashtakov/mw62/overview
Title: Nikita Mashtakov

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/artem-smirnov/sh77/overview
Title: Artem Smirnov

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/eric-vanshelboim/v0d4/overview
Title: Eric Vanshelboim

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/oleg-prihodko/pl64/overview
Title: Oleg Prihodko

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/oleksii-krutykh/k0dp/overview
Title: Oleksii Krutykh

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/denys-molchanov/mf71/overview
Title: Denys Molchanov

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/volodoymyr-uzhylovskyi/u107/overview
Title: Volodoymyr Uzhylovskyi

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/marat-deviatiarov/db64/overview
Title: Marat Deviatiarov

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/316738
Title: Elina Svitolina

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/324261
Title: Dayana Yastremska

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/315295
Title: Lesia Tsurenko

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/316739
Title: Kateryna Kozlova

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/324584
Title: Katarina Zavatska

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/320567
Title: Anhelina Kalinina

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/326482
Title: Marta Kostyuk

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/328592
Title: Daria Lopatetska

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/319133
Title: Valeriya Strakhova

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/320768
Title: Anastasiya Shoshyna

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/314701
Title: Lyudmyla Kichenok

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/314704
Title: Nadiia Kichenok

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/317711
Title: Ganna Poznikhirenko

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/novak-djokovic/d643/overview
Title: Novak Djokovic

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/rafael-nadal/n409/overview
Title: Rafael Nadal

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/roger-federer/f324/overview
Title: Roger Federer

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/dominic-thiem/tb69/overview
Title: Dominic Thiem

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/daniil-medvedev/mm58/overview
Title: Daniil Medvedev

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/alexander-zverev/z355/overview
Title: Alexander Zverev

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/kei-nishikori/n552/overview
Title: Kei Nishikori

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/stefanos-tsitsipas/te51/overview
Title: Stefanos Tsitsipas

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/karen-khachanov/ke29/overview
Title: Karen Khachanov

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/roberto-bautista-agut/bd06/overview
Title: Roberto Bautista Agut

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/juan-sebastian-cabal/c834/overview
Title: Juan Sebastian Cabal

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/robert-farah/f525/overview
Title: Robert Farah

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/mike-bryan/b589/overview
Title: Mike Bryan

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/lukasz-kubot/k540/overview
Title: Lukasz Kubot

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/marcelo-melo/m919/overview
Title: Marcelo Melo

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/nicolas-mahut/m873/overview
Title: Nicolas Mahut

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/horacio-zeballos/z184/overview
Title: Horacio Zeballos

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/raven-klaasen/k609/overview
Title: Raven Klaasen

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/michael-venus/v576/overview
Title: Michael Venus

Search URL Search Domain Scan URL

URL: http://www.atpworldtour.com/en/players/jack-sock/sm25/overview
Title: Jack Sock

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/319998
Title: Naomi Osaka

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/318033
Title: Ashleigh Barty

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/313974
Title: Karolina Pliskova

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/314320
Title: Simona Halep

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/314206
Title: Petra Kvitova

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/314584
Title: Kiki Bertens

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/230234
Title: Serena Williams

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/316959
Title: Madison Keys

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/315683
Title: Sloane Stephens

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/190879
Title: Barbora Strycova

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/315616
Title: Kristina Mladenovic

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/317070
Title: Timea Babos

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/320301
Title: Katerina Siniakova

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/310053
Title: Su-Wei Hsieh

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/318314
Title: Barbora Krejcikova

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/317964
Title: Elise Mertens

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/317462
Title: Demi Schuurs

Search URL Search Domain Scan URL

URL: http://www.wtatennis.com/player-profile/311779
Title: Shuai Zhang

Search URL Search Domain Scan URL

URL: https://privatbank.ua/ru/sendmoney?payment=9379b079679b49835c425aa9ceaeed6d60ac77ac
Title: Помочь

Search URL Search Domain Scan URL

URL: https://b-tu.xyz/tour/atp/15606-kalendar-turnirov-ukrainskih-tennisistov-atp-itf.html

Search URL Search Domain Scan URL

URL: https://b-tu.xyz/tour/wta/15595-kalendar-turnirov-ukrainskih-tennisistok-wta-itf.html

Search URL Search Domain Scan URL

URL: https://z.cdn.braun634.com/go?z=1879601170&m=1387593090&c=1271236793&p0=1255856004&p1=1862672427&p2=1379430099&u=8e592bbc74efbe2b&t=1567888490&n=6812590628841112837&h=3018889074

Search URL Search Domain Scan URL

URL: http://www.livescore.in/ru/

Search URL Search Domain Scan URL

URL: https://btu.org.ua/ispolzovanie-materialov-sayta.html
Title: Подробно

Search URL Search Domain Scan URL

URL: https://anril.dp.ua/%D0%BF%D1%80%D0%BE%D0%B4%D0%B2%D0%B8%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5-%D1%81%D0%B0%D0%B9%D1%82%D0%B0/
Title: Продвижение сайта

Search URL Search Domain Scan URL

URL: https://www.i.ua/
Title:

Search URL Search Domain Scan URL

URL: https://z.cdn.braun634.com/go?z=1431435426&m=1149604737&c=1271236793&p0=1433570700&p1=1862672427&p2=1379430099&u=8e592bbc74efbe2b&t=1567888490&n=364711104337100471&h=1901004461

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://b-tu.xyz/ HTTP 301
http://www.b-tu.xyz/ HTTP 301
https://www.b-tu.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.google.com.ua/coop/cse/brand?form=cse-search-box&lang=ru HTTP 302
https://cse.google.com.ua/coop/cse/brand?form=cse-search-box&lang=ru

Request Chain 13

https://b-tu.xyz/uploads/knopka_wta2.png HTTP 301
https://www.b-tu.xyz/uploads/knopka_wta2.png

Request Chain 14

https://b-tu.xyz/uploads/knopka_atp2.png HTTP 301
https://www.b-tu.xyz/uploads/knopka_atp2.png

Request Chain 15

https://b-tu.xyz/uploads/bet-banner1.jpg HTTP 301
https://www.b-tu.xyz/uploads/bet-banner1.jpg

Request Chain 16

https://b-tu.xyz/uploads/schedule_atp.png HTTP 301
https://www.b-tu.xyz/uploads/schedule_atp.png

Request Chain 17

https://b-tu.xyz/uploads/schedule_wta.png HTTP 301
https://www.b-tu.xyz/uploads/schedule_wta.png

Request Chain 18

https://b-tu.xyz/uploads/livescorelogo.jpg HTTP 301
https://www.b-tu.xyz/uploads/livescorelogo.jpg

Request Chain 19

https://b-tu.xyz/uploads/fotos/foto_582.jpg HTTP 301
https://www.b-tu.xyz/uploads/fotos/foto_582.jpg

Request Chain 22

https://b-tu.xyz/uploads/fotos/foto_26.jpg HTTP 301
https://www.b-tu.xyz/uploads/fotos/foto_26.jpg

Request Chain 23

https://b-tu.xyz/uploads/posts/2019-08/1566757520_1558.jpg HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-08/1566757520_1558.jpg

Request Chain 24

https://b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png

Request Chain 25

https://b-tu.xyz/uploads/posts/2019-08/1566634532_24-aug-650.png HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-08/1566634532_24-aug-650.png

Request Chain 26

https://b-tu.xyz/uploads/posts/2019-08/1566623836_tsurenko-uso.jpg HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-08/1566623836_tsurenko-uso.jpg

Request Chain 27

https://b-tu.xyz/uploads/posts/2019-08/1566623412_elina_svitolina_-_2019_us_open_-dsc_5347_xgaplus.jpg HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-08/1566623412_elina_svitolina_-_2019_us_open_-dsc_5347_xgaplus.jpg

Request Chain 47

https://b-tu.xyz/uploads/posts/2019-08/1566120941_collage-us-w.png HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-08/1566120941_collage-us-w.png

Request Chain 48

https://b-tu.xyz/uploads/posts/2019-07/1564226269_308866.jpg HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-07/1564226269_308866.jpg

Request Chain 49

https://b-tu.xyz/uploads/posts/2019-07/1563541685_6662.jpg HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-07/1563541685_6662.jpg

Request Chain 50

https://b-tu.xyz/uploads/posts/2019-07/medium/1563220784_bernard-tomic-190702-reacts-g-1050.jpg HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-07/medium/1563220784_bernard-tomic-190702-reacts-g-1050.jpg

Request Chain 51

https://b-tu.xyz/uploads/posts/2019-07/1563176223_1034.jpg HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-07/1563176223_1034.jpg

Request Chain 52

https://b-tu.xyz/uploads/posts/2019-07/medium/1563042467_snigur_wimbledon.jpg HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-07/medium/1563042467_snigur_wimbledon.jpg

Request Chain 54

https://b-tu.xyz/uploads/posts/2019-07/1562519669_2920.jpg HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-07/1562519669_2920.jpg

Request Chain 55

https://b-tu.xyz/uploads/posts/2019-06/1561570531_ua-wim_2.jpg HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-06/1561570531_ua-wim_2.jpg

Request Chain 65

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=632031650&t=pageview&_s=1&dl=https%3A%2F%2Fwww.b-tu.xyz%2F&ul=en-us&de=UTF-8&dt=%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%20%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%20%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1579749154&gjid=1139596400&cid=271514826.1567888490&tid=UA-113125822-1&_gid=1690846023.1567888490&_r=1&gtm=2ou8l2&z=564581813 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-113125822-1&cid=271514826.1567888490&jid=1579749154&_gid=1690846023.1567888490&gjid=1139596400&_v=j79&z=564581813 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113125822-1&cid=271514826.1567888490&jid=1579749154&_v=j79&z=564581813 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113125822-1&cid=271514826.1567888490&jid=1579749154&_v=j79&z=564581813&slf_rd=1&random=3583837072

Request Chain 67

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=632031650&t=pageview&_s=1&dl=https%3A%2F%2Fwww.b-tu.xyz%2F&ul=en-us&de=UTF-8&dt=%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%20%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%20%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEDAAUAB~&jid=1690190256&gjid=559587861&cid=271514826.1567888490&tid=UA-110342360-1&_gid=1690846023.1567888490&_r=1&gtm=2ou8l2&z=1807902522 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110342360-1&cid=271514826.1567888490&jid=1690190256&_gid=1690846023.1567888490&gjid=559587861&_v=j79&z=1807902522

Request Chain 171

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 172

https://b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png

Request Chain 173

https://b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png

Request Chain 174

https://b-tu.xyz/uploads/posts/2019-08/1566634532_24-aug-650.png HTTP 301
https://www.b-tu.xyz/uploads/posts/2019-08/1566634532_24-aug-650.png

168 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.b-tu.xyz/
Redirect Chain

http://b-tu.xyz/
http://www.b-tu.xyz/
https://www.b-tu.xyz/

114 KB
31 KB

819ms
741ms

Document
text/html

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: eeb0425949dcb212ce15f7b541d5dc66547affc934b9da4cdab68d7d9cd554b6

Request headers

:method: GET
:authority: www.b-tu.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
cookie: language=ru
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Sat, 07 Sep 2019 20:34:47 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
set-cookie: language=ru; expires=Sun, 06-Sep-2020 20:34:48 GMT; Max-Age=31536000; path=/; domain=.www.b-tu.xyz; httponly PHPSESSID=9gmthf87e1e1sb1f1jpiotl4j2; path=/; domain=.b-tu.xyz; secure; HttpOnly
x-ray: p700:0.680/wn4901:0.670/wa4901:D=669868

Redirect headers

Server: nginx
Date: Sat, 07 Sep 2019 20:34:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: language=ru; expires=Sun, 06-Sep-2020 20:34:48 GMT; Max-Age=31536000; path=/; domain=.www.b-tu.xyz; httponly PHPSESSID=tsu8fi1psjub9upllrdoo61q45; path=/; domain=.b-tu.xyz; secure; HttpOnly
x-ray: p700:0.040/wn4901:0.030/wa4901:D=32940
Location: https://www.b-tu.xyz/

GET
H2 200 index.php Show response
www.b-tu.xyz/engine/classes/min/ 84 KB
29 KB 72ms
70ms Script
application/x-javascript 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/engine/classes/min/index.php?charset=utf-8&g=general&v=25
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:47 GMT
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 01:43:13 GMT
server: nginx
etag: "pub1567561393;gz"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
status: 200
x-ray: p700:0.011/wn4901:0.020/wa4901:D=12838
cache-control: max-age=31536000
content-length: 29771
expires: Sun, 06 Sep 2020 20:34:49 GMT

GET
H2 200 index.php Show response
www.b-tu.xyz/engine/classes/min/ 470 KB
150 KB 74ms
73ms Script
application/x-javascript 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/engine/classes/min/index.php?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/editor/jscripts/tiny_mce/tinymce.min.js&v=25
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 4fa6682d4d894c97b21d2b7aadec5ee463f8d62eee6212de6211fe583e866011

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:47 GMT
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 01:44:00 GMT
server: nginx
etag: "pub1567561440;gz"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
status: 200
x-ray: p700:0.011/wn4901:0.010/wa4901:D=14721
cache-control: max-age=31536000
content-length: 152948
expires: Sun, 06 Sep 2020 20:34:49 GMT

GET
H2 200 style.css
www.b-tu.xyz/templates/BigCorpBlue/css/ 45 KB
10 KB 40ms
38ms Stylesheet
text/css 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/css/style.css
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 5941717cbdc7026ef429f0e41bfde226c4f31f7d4cbbd7a7449294aeff6afa19

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.001/wn4901:0.000/
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 01:47:11 GMT
server: nginx
etag: W/"5d6f179f-b590"
content-type: text/css
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT

GET
H2 200 engine.css
www.b-tu.xyz/templates/BigCorpBlue/css/ 67 KB
22 KB 36ms
35ms Stylesheet
text/css 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/css/engine.css
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f92b1d9fd9cbf23d57446b5bdc9417317a4c1ff873ca439c1dc7c8332ba95860

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.001/wn4901:0.000/
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 01:47:10 GMT
server: nginx
etag: W/"5d6f179e-10b05"
content-type: text/css
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT

GET
H2 200 coin-slider.min.js Show response
www.b-tu.xyz/templates/BigCorpBlue/js/ 8 KB
3 KB 38ms
36ms Script
application/javascript 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/js/coin-slider.min.js
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: cf9841e430162d1a9564c690a042b8e61aa8b86cb6de8ee6ff5ff7ea5fa9a48e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 01:47:15 GMT
server: nginx
etag: W/"5d6f17a3-20ff"
content-type: application/javascript
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT

GET
H2 200 rating-tabs.js Show response
www.b-tu.xyz/templates/BigCorpBlue/js/ 3 KB
607 B 70ms
69ms Script
application/javascript 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/js/rating-tabs.js
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 53f7f48275c59b5dde1a20db7b2bba1b875d314173b747aeb997877f7ad73833

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 01:47:15 GMT
server: nginx
etag: W/"5d6f17a3-a69"
content-type: application/javascript
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT

GET
H2 200 coin-slider-styles.css
www.b-tu.xyz/templates/BigCorpBlue/css/ 1 KB
1 KB 38ms
37ms Stylesheet
text/css 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/css/coin-slider-styles.css
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 45c394a85e4f01d414371e2612e0b7108a57bf879597441366fa02a1dac5cb78

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:47:11 GMT
server: nginx
etag: "5d6f179f-4c7"
content-type: text/css
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT
accept-ranges: bytes
content-length: 1223

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 68 KB
26 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113125822-1

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0c654660316cb3fcd28175d70d9b88964d438d9a0f63426d94033fa59e41899

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:49 GMT
content-encoding: br
last-modified: Sat, 07 Sep 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 26610
x-xss-protection: 0
expires: Sat, 07 Sep 2019 20:34:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 95 KB
35 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

f613e56f59adc3fd05ac09036894e153505f7f6c80f497bd6e79caf5376a1e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 35046
x-xss-protection: 0
server: cafe
etag: 16760359740232117885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 07 Sep 2019 20:34:49 GMT

GET
H2 200 f326937353f79be934c5a5f910825a42_1.js Show response
cdn.sendpulse.com/js/push/ 46 KB
15 KB 44ms
11ms Script
application/javascript 176.9.157.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sendpulse.com/js/push/f326937353f79be934c5a5f910825a42_1.js

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

176.9.157.8 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.8.157.9.176.clients.your-server.de

Software

Airee/Cloud /

Resource Hash

699643dda1be89cd7e9a41cf4fe06a5eae4fc2fcaed2a245cec7a5f04629beb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:49 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 08:31:20 GMT
server: Airee/Cloud
etag: "5d6e24d8-3960"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=0
accept-ranges: bytes
content-length: 14688
x-airee-node: 32
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spacer.gif
www.b-tu.xyz/templates/BigCorpBlue/images/ 43 B
205 B 41ms
37ms Image
image/gif 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/images/spacer.gif
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.011/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:47:13 GMT
server: nginx
etag: "5d6f17a1-2b"
content-type: image/gif
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT
accept-ranges: bytes
content-length: 43

GET
H2

200

brand Show response
cse.google.com.ua/coop/cse/
Redirect Chain

https://www.google.com.ua/coop/cse/brand?form=cse-search-box&lang=ru
https://cse.google.com.ua/coop/cse/brand?form=cse-search-box&lang=ru

3 KB
1 KB

42ms
7ms

Script
text/javascript

2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com.ua/coop/cse/brand?form=cse-search-box&lang=ru

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

pfe /

Resource Hash

0ecb2b8da2eff2a9b5486b7b76e27c90c46c648dca63dfef1a3142e39974034d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
age: 1190
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1232
x-xss-protection: 0
expires: Sat, 07 Sep 2019 20:44:59 GMT

Redirect headers

date: Sat, 07 Sep 2019 20:34:49 GMT
x-content-type-options: nosniff
server: sffe
status: 302
content-type: text/html; charset=UTF-8
location: https://cse.google.com.ua/coop/cse/brand?form=cse-search-box&lang=ru
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 269
x-xss-protection: 0

GET
H/1.1 200
OK bday-btu11.png
btu.org.ua/uploads/ 16 KB
16 KB 89ms
27ms Image
image/png 185.67.0.53
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://btu.org.ua/uploads/bday-btu11.png

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.67.0.53 , Netherlands, ASN50673 (SERVERIUS-AS, NL),

Reverse DNS

server33.anril.dp.ua

Software

nginx/1.12.2 /

Resource Hash

e986690570a10a0d24e33be9dc3e669f85fed95d9a3c6ae09e54d0602b98788c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:49 GMT
Last-Modified: Sun, 16 Dec 2018 09:19:09 GMT
Server: nginx/1.12.2
ETag: "5c16188d-3e01"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=691200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15873
Expires: Sun, 15 Sep 2019 20:34:49 GMT

GET
H2

200

knopka_wta2.png
www.b-tu.xyz/uploads/
Redirect Chain

https://b-tu.xyz/uploads/knopka_wta2.png
https://www.b-tu.xyz/uploads/knopka_wta2.png

12 KB
13 KB

41ms
40ms

Image
image/png

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/knopka_wta2.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: cb2908c692c11b88da204b5eda844246d80d7e3c2ee030c47834c4bb81b0a9b0

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.002/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:55:45 GMT
server: nginx
etag: "5d6f19a1-3175"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 12661

Redirect headers

status: 301
x-ray: p700:0.004/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:47 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/knopka_wta2.png
content-type: text/html

GET
H2

200

knopka_atp2.png
www.b-tu.xyz/uploads/
Redirect Chain

https://b-tu.xyz/uploads/knopka_atp2.png
https://www.b-tu.xyz/uploads/knopka_atp2.png

12 KB
12 KB

35ms
35ms

Image
image/png

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/knopka_atp2.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d1dc10e3d1751ad287cc2d264add4f1c544be127a7f9c604254349ed9c74fa66

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:55:45 GMT
server: nginx
etag: "5d6f19a1-2ec3"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 11971

Redirect headers

status: 301
x-ray: p700:0.011/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:47 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/knopka_atp2.png
content-type: text/html

GET
H2

200

bet-banner1.jpg
www.b-tu.xyz/uploads/
Redirect Chain

https://b-tu.xyz/uploads/bet-banner1.jpg
https://www.b-tu.xyz/uploads/bet-banner1.jpg

211 KB
211 KB

35ms
35ms

Image
image/jpeg

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/bet-banner1.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a5acb59292b74e729e359edf6ca2492c086656319a5e24903e9ff0a0c5c11ce3

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:55:44 GMT
server: nginx
etag: "5d6f19a0-34a87"
content-type: image/jpeg
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 215687

Redirect headers

status: 301
x-ray: p700:0.011/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:47 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/bet-banner1.jpg
content-type: text/html

GET
H2

200

schedule_atp.png
www.b-tu.xyz/uploads/
Redirect Chain

https://b-tu.xyz/uploads/schedule_atp.png
https://www.b-tu.xyz/uploads/schedule_atp.png

24 KB
24 KB

42ms
40ms

Image
image/png

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/schedule_atp.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8ef2ba7a1cbe8e42608e7cd9ec46d6bc7eab0e9ac2d180d0a129c68a652cad0c

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.002/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:55:47 GMT
server: nginx
etag: "5d6f19a3-5edf"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 24287

Redirect headers

status: 301
x-ray: p700:0.011/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:47 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/schedule_atp.png
content-type: text/html

GET
H2

200

schedule_wta.png
www.b-tu.xyz/uploads/
Redirect Chain

https://b-tu.xyz/uploads/schedule_wta.png
https://www.b-tu.xyz/uploads/schedule_wta.png

23 KB
24 KB

41ms
40ms

Image
image/png

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/schedule_wta.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f97214e90bdd707950b1cab00c37c0b63b8ac706b33c9267d259748af0d63a7e

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.002/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:55:47 GMT
server: nginx
etag: "5d6f19a3-5d77"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 23927

Redirect headers

status: 301
x-ray: p700:0.014/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:47 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/schedule_wta.png
content-type: text/html

GET
H2

200

livescorelogo.jpg
www.b-tu.xyz/uploads/
Redirect Chain

https://b-tu.xyz/uploads/livescorelogo.jpg
https://www.b-tu.xyz/uploads/livescorelogo.jpg

20 KB
20 KB

41ms
40ms

Image
image/jpeg

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/livescorelogo.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7c0e0b39d9f59c267818e2d917f86c72dd8670a2c32bf746a866075b8e704a47

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.002/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:55:45 GMT
server: nginx
etag: "5d6f19a1-4e4a"
content-type: image/jpeg
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 20042

Redirect headers

status: 301
x-ray: p700:0.011/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:47 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/livescorelogo.jpg
content-type: text/html

GET
H2

200

foto_582.jpg
www.b-tu.xyz/uploads/fotos/
Redirect Chain

https://b-tu.xyz/uploads/fotos/foto_582.jpg
https://www.b-tu.xyz/uploads/fotos/foto_582.jpg

2 KB
2 KB

70ms
70ms

Image
image/jpeg

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/fotos/foto_582.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8a5e856e8cc2c794c6e40e43ccde2e516462e9d04922f4ee6c5944a516b4329d

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.011/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:56:01 GMT
server: nginx
etag: "5d6f19b1-604"
content-type: image/jpeg
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 1540

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/fotos/foto_582.jpg
content-type: text/html

GET
H2 200 offline.png
www.b-tu.xyz/templates/BigCorpBlue/images/ 565 B
728 B 40ms
38ms Image
image/png 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/images/offline.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7a960e8b978c38d36a672064518e7d46d7c7e706236c179c6f9e81ca588e7a23

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.011/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:47:12 GMT
server: nginx
etag: "5d6f17a0-235"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT
accept-ranges: bytes
content-length: 565

GET
H2 200 noavatar.png
www.b-tu.xyz/templates/BigCorpBlue/dleimages/ 572 B
735 B 40ms
38ms Image
image/png 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/dleimages/noavatar.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f99a2c60ac365f5cebd3b520372c07dac909708e0fb5f8848a0a967c7fc0b98e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.011/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:47:17 GMT
server: nginx
etag: "5d6f17a5-23c"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT
accept-ranges: bytes
content-length: 572

GET
H2

200

foto_26.jpg
www.b-tu.xyz/uploads/fotos/
Redirect Chain

https://b-tu.xyz/uploads/fotos/foto_26.jpg
https://www.b-tu.xyz/uploads/fotos/foto_26.jpg

8 KB
9 KB

70ms
70ms

Image
image/jpeg

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/fotos/foto_26.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d865117d3d207f9b5c2a20eef13fe58856e3a87e4e7c0a87dae9ec2162b59631

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.019/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:55:57 GMT
server: nginx
etag: "5d6f19ad-21e6"
content-type: image/jpeg
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 8678

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/fotos/foto_26.jpg
content-type: text/html

GET
H2

200

1566757520_1558.jpg
www.b-tu.xyz/uploads/posts/2019-08/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-08/1566757520_1558.jpg
https://www.b-tu.xyz/uploads/posts/2019-08/1566757520_1558.jpg

61 KB
61 KB

35ms
35ms

Image
image/jpeg

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-08/1566757520_1558.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: dcdcd7e23c4d43ebefc65e9cf474569778be7c0ebf963f82b010b7f04f5e30d7

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:56:28 GMT
server: nginx
etag: "5d6f19cc-f376"
content-type: image/jpeg
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 62326

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-08/1566757520_1558.jpg
content-type: text/html

GET
H2

200

1566718037_beygelzimer-01.png
www.b-tu.xyz/uploads/posts/2019-08/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png
https://www.b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png

279 KB
280 KB

36ms
35ms

Image
image/png

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f51cf6639457ba2defde24b1754c54a3b5647fdab97e70b4d14eb8e9cd3e7b66

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:56:55 GMT
server: nginx
etag: "5d6f19e7-45dff"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 286207

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png
content-type: text/html

GET
H2

200

1566634532_24-aug-650.png
www.b-tu.xyz/uploads/posts/2019-08/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-08/1566634532_24-aug-650.png
https://www.b-tu.xyz/uploads/posts/2019-08/1566634532_24-aug-650.png

416 KB
416 KB

35ms
35ms

Image
image/png

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-08/1566634532_24-aug-650.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: e2dc70d6d784b09aa838a96613793879ae4e2db6e787812635082b30641b63cd

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:56:14 GMT
server: nginx
etag: "5d6f19be-67e90"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 425616

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-08/1566634532_24-aug-650.png
content-type: text/html

GET
H2

200

1566623836_tsurenko-uso.jpg
www.b-tu.xyz/uploads/posts/2019-08/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-08/1566623836_tsurenko-uso.jpg
https://www.b-tu.xyz/uploads/posts/2019-08/1566623836_tsurenko-uso.jpg

74 KB
74 KB

42ms
42ms

Image
image/jpeg

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-08/1566623836_tsurenko-uso.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a42244d41c20a36f8c5aa8840f3738d2a4b1363221edc125d99bdd6c895c09f2

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.011/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:56:34 GMT
server: nginx
etag: "5d6f19d2-126d7"
content-type: image/jpeg
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 75479

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-08/1566623836_tsurenko-uso.jpg
content-type: text/html

GET
H2

200

1566623412_elina_svitolina_-_2019_us_open_-dsc_5347_xgaplus.jpg
www.b-tu.xyz/uploads/posts/2019-08/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-08/1566623412_elina_svitolina_-_2019_us_open_-dsc_5347_xgaplus.jpg
https://www.b-tu.xyz/uploads/posts/2019-08/1566623412_elina_svitolina_-_2019_us_open_-dsc_5347_xgaplus.jpg

96 KB
96 KB

43ms
43ms

Image
image/jpeg

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-08/1566623412_elina_svitolina_-_2019_us_open_-dsc_5347_xgaplus.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 05f3729f190678b10435d78c45cafa3e6563be499b4939caf329b9bed9b94ea1

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.011/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:56:40 GMT
server: nginx
etag: "5d6f19d8-17e1d"
content-type: image/jpeg
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 97821

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-08/1566623412_elina_svitolina_-_2019_us_open_-dsc_5347_xgaplus.jpg
content-type: text/html

GET
H2 200 lib.js Show response
www.b-tu.xyz/templates/BigCorpBlue/js/ 14 KB
4 KB 35ms
35ms Script
application/javascript 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/js/lib.js
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 512f2fc2840f26f25a6a8cbeeed78810603db942c472675b0bd76f06aa194792

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 01:47:15 GMT
server: nginx
etag: W/"5d6f17a3-3670"
content-type: application/javascript
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 68 KB
26 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-110342360-1

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e2ef1aca8b35a223e79001207edc71b393dcc6af85ae6c0014e4dac27710ac8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:49 GMT
content-encoding: br
last-modified: Sat, 07 Sep 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 26610
x-xss-protection: 0
expires: Sat, 07 Sep 2019 20:34:49 GMT

GET
H2 200 RuBizModal.css
www.b-tu.xyz/templates/BigCorpBlue/css/ 16 KB
4 KB 68ms
68ms Stylesheet
text/css 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/css/RuBizModal.css
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9e2cc4405b733037480226d16b19d28db0891031b6655e552e86929be94c68f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 01:47:10 GMT
server: nginx
etag: W/"5d6f179e-3e80"
content-type: text/css
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT

GET
H2 200 jquery.simplemodal.js Show response
www.b-tu.xyz/templates/BigCorpBlue/js/ 22 KB
7 KB 40ms
37ms Script
application/javascript 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/js/jquery.simplemodal.js
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 067ef3cc8c7d3e1db6e26f3a0bd4577b0bd62f6f507f4791dee152e243ffad96

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.011/wn4901:0.000/
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 01:47:15 GMT
server: nginx
etag: W/"5d6f17a3-5932"
content-type: application/javascript
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT

GET
H2 200 init.js Show response
www.b-tu.xyz/templates/BigCorpBlue/js/ 642 B
814 B 40ms
37ms Script
application/javascript 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/js/init.js
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 29fdf31b1602f6fb844e684549c427d8a759240fa61cab76f4367cedc84563ff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.011/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:47:15 GMT
server: nginx
etag: "5d6f17a3-282"
content-type: application/javascript
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT
accept-ranges: bytes
content-length: 642

GET
H2 200 appruv.js Show response
www.b-tu.xyz/templates/BigCorpBlue/js/ 1 KB
2 KB 41ms
38ms Script
application/javascript 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/js/appruv.js
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 13baf9f32e4e31bf03f62591ca934ba7ce6d7c47243cb885739e39cddee32fb8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.011/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:47:15 GMT
server: nginx
etag: "5d6f17a3-5e0"
content-type: application/javascript
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT
accept-ranges: bytes
content-length: 1504

GET
H2 200 social-likes.min.js Show response
www.b-tu.xyz/templates/BigCorpBlue/js/ 9 KB
4 KB 39ms
36ms Script
application/javascript 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/js/social-likes.min.js
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 568ade59a9dd53f4c8d9da73c24df3d6a6a8176351a36ab7d763f06fea1757f4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.011/wn4901:0.000/
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 01:47:15 GMT
server: nginx
etag: W/"5d6f17a3-2459"
content-type: application/javascript
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT

GET
H2 200 social-likes_flat.css
www.b-tu.xyz/templates/BigCorpBlue/css/ 12 KB
7 KB 36ms
35ms Stylesheet
text/css 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/css/social-likes_flat.css
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: afdfbb0c2903e3adc7a0af19c4ba030259209099bacd124a18a7f084c986d3be

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 01:47:10 GMT
server: nginx
etag: W/"5d6f179e-2e6e"
content-type: text/css
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
32 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31604
x-xss-protection: 0
pragma: public
x-fb-debug: Dlmjf2+eoJs4IkC7hRkNeq4oAOUGbBkpR3QP7ZTBRWurp6GlXvZcd3UajNEM7IFd0y+XO0DBjufAU+Pey9J/zA==
x-fb-trip-id: 194532234
x-frame-options: DENY
date: Sat, 07 Sep 2019 20:34:49 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK b.js Show response
cdn.braun634.com/libs/ 2 KB
2 KB 95ms
29ms Script
application/javascript 82.192.95.98
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.braun634.com/libs/b.js

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

82.192.95.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

4a96a0ff070232e29998c308c885556bc37ea253127200f34423c5dcd73eb904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block;
Last-Modified: Sat, 31 Aug 2019 07:32:00 GMT
Server: nginx
ETag: W/"5d6a2270-8e7"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Sun, 08 Sep 2019 20:34:49 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

7b9ae0d064f146c79472e80ab29ca5156984a89df65dc02c401257cde5f1a493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Yeu0inBQVUa+849Kqivcyg==
status: 200
content-length: 1780
etag: "021639f3330c0c3db8be39b5494fb175"
x-fb-debug: wuOLKGVqQyuFs9wRjFDNlDfYpERwAmuQKMDct7WVbmzzry0PLjO+MAO2d2gV2TbifLJruIepKsgWKhxnTP5H1g==
x-fb-trip-id: 194532234
x-fb-content-md5: ca4af9c80cc19961475d33d21499237e
x-frame-options: DENY
date: Sat, 07 Sep 2019 20:34:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 07 Sep 2019 20:36:55 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe7e5a90688fbc6e61fbc8b08194ecf3479e0ebf2de96d5b415165c59369ab65

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 social.png
www.b-tu.xyz/templates/BigCorpBlue/images/ 14 KB
14 KB 38ms
38ms Image
image/png 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/images/social.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 4a1122b803b700d1450fbc723db20f82476dfee5830c198fa1fa8ef128f59a03

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/templates/BigCorpBlue/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.003/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:47:14 GMT
server: nginx
etag: "5d6f17a2-3790"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:47 GMT
accept-ranges: bytes
content-length: 14224

GET
H2 200 likebox.php
www.facebook.com/plugins/ Frame C2CE 0
0 155ms
143ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Ftennis.ua&width=300&height=235&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Ftennis.ua&width=300&height=235&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.b-tu.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.b-tu.xyz/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: COYJ3Mp8MPnzJEiJS0dg4kVfcb28W9io0Qfua6tKC1k+zw6tGI8eBVC+8/BgqCi1oUFVFJkaqo+3/6FIYoJ9xg==
date: Sat, 07 Sep 2019 20:34:49 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 26ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/418E) /
Resource Hash: f1106d00331995db22eee14181b1510b7ec3b7e780e0e4fa6827c66aaa2a99b4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Sep 2019 20:15:11 GMT
Server: ECS (fcn/418E)
Etag: "c94e1412de2586837b1f5f0a672cec7e+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28055

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113125822-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6676
date: Sat, 07 Sep 2019 18:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Sat, 07 Sep 2019 20:43:33 GMT

GET
H2 200 googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x/ 551 B
673 B 8ms
5ms Image
image/png 2a00:1450:4001:81c::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/googlelogo_lightgrey_46x16dp.png

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 15:53:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Jan 2017 21:30:00 GMT
server: sffe
age: 448874
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 551
x-xss-protection: 0
expires: Tue, 01 Sep 2020 15:53:35 GMT

GET
H2 200 color.png
www.b-tu.xyz/templates/BigCorpBlue/images/ 177 B
340 B 35ms
35ms Image
image/png 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/images/color.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 3896affce08924c480e78205a3af4cb7d7f1bd1c8f09423397425596ea579d5c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/templates/BigCorpBlue/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:47:13 GMT
server: nginx
etag: "5d6f17a1-b1"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 177

GET
H2 200 sideheader.png
www.b-tu.xyz/templates/BigCorpBlue/images/ 3 KB
3 KB 35ms
35ms Image
image/png 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/images/sideheader.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: bbd09765440bcb8a175bdf9cb88c5d72127f655691e15c12abf912db4f24ba8c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/templates/BigCorpBlue/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:47:14 GMT
server: nginx
etag: "5d6f17a2-c72"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 3186

GET
H2

200

1566120941_collage-us-w.png
www.b-tu.xyz/uploads/posts/2019-08/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-08/1566120941_collage-us-w.png
https://www.b-tu.xyz/uploads/posts/2019-08/1566120941_collage-us-w.png

712 KB
713 KB

58ms
58ms

Image
image/png

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-08/1566120941_collage-us-w.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f079e3fe34e49e8b07dfd32f7a2247c68682a4941d3dee9fd052535da41dadf9

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.010/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:56:09 GMT
server: nginx
etag: "5d6f19b9-b1fa1"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 728993

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-08/1566120941_collage-us-w.png
content-type: text/html

GET
H2

404

1564226269_308866.jpg
www.b-tu.xyz/uploads/posts/2019-07/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-07/1564226269_308866.jpg
https://www.b-tu.xyz/uploads/posts/2019-07/1564226269_308866.jpg

241 B
241 B

66ms
66ms

Image
text/html

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-07/1564226269_308866.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7c500fb2ba4f624985ca695537404a110a7ad4993747dfb35f8f973f0019fbec

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
x-ray: p700:0.022/wn4901:0.000/wa4901:D=4486
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 241
content-type: text/html; charset=iso-8859-1

Redirect headers

status: 301
x-ray: p700:0.001/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-07/1564226269_308866.jpg
content-type: text/html

GET
H2

404

1563541685_6662.jpg
www.b-tu.xyz/uploads/posts/2019-07/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-07/1563541685_6662.jpg
https://www.b-tu.xyz/uploads/posts/2019-07/1563541685_6662.jpg

239 B
239 B

44ms
44ms

Image
text/html

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-07/1563541685_6662.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 369d83927613482f0695dcc68aa2444f24f0665b0ad617e69890b30a3779f8fd

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
x-ray: p700:0.010/wn4901:0.000/wa4901:D=3941
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 239
content-type: text/html; charset=iso-8859-1

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-07/1563541685_6662.jpg
content-type: text/html

GET
H2

404

1563220784_bernard-tomic-190702-reacts-g-1050.jpg
www.b-tu.xyz/uploads/posts/2019-07/medium/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-07/medium/1563220784_bernard-tomic-190702-reacts-g-1050.jpg
https://www.b-tu.xyz/uploads/posts/2019-07/medium/1563220784_bernard-tomic-190702-reacts-g-1050.jpg

276 B
276 B

42ms
41ms

Image
text/html

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-07/medium/1563220784_bernard-tomic-190702-reacts-g-1050.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2c74281e267b19937acde7a3eee4e99e540008ed1a68398b1b8ff1fde9401dad

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
x-ray: p700:0.010/wn4901:0.000/wa4901:D=3750
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 276
content-type: text/html; charset=iso-8859-1

Redirect headers

status: 301
x-ray: p700:0.010/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-07/medium/1563220784_bernard-tomic-190702-reacts-g-1050.jpg
content-type: text/html

GET
H2

404

1563176223_1034.jpg
www.b-tu.xyz/uploads/posts/2019-07/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-07/1563176223_1034.jpg
https://www.b-tu.xyz/uploads/posts/2019-07/1563176223_1034.jpg

239 B
239 B

42ms
42ms

Image
text/html

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-07/1563176223_1034.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b3ab3e30a193b49b66f4ef193e9c584e32b0e4ef2ae87c7d10f5fc04d4e2ad67

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
x-ray: p700:0.010/wn4901:0.000/wa4901:D=3462
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 239
content-type: text/html; charset=iso-8859-1

Redirect headers

status: 301
x-ray: p700:0.010/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-07/1563176223_1034.jpg
content-type: text/html

GET
H2

404

1563042467_snigur_wimbledon.jpg
www.b-tu.xyz/uploads/posts/2019-07/medium/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-07/medium/1563042467_snigur_wimbledon.jpg
https://www.b-tu.xyz/uploads/posts/2019-07/medium/1563042467_snigur_wimbledon.jpg

258 B
258 B

45ms
44ms

Image
text/html

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-07/medium/1563042467_snigur_wimbledon.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 6e2d7f5f8838296f7198af77c742f590f1ffc2505ff3f8c30e0f1b296a9c9fe3

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
x-ray: p700:0.010/wn4901:0.000/wa4901:D=3503
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 258
content-type: text/html; charset=iso-8859-1

Redirect headers

status: 301
x-ray: p700:0.010/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-07/medium/1563042467_snigur_wimbledon.jpg
content-type: text/html

GET
H2 200 gettyimages-1161765830.jpg
www.wtatennis.com/sites/default/files/styles/teaser_views_phone_1_77_1_2x/public/field/image/ 56 KB
56 KB 424ms
403ms Image
image/jpeg 2606:2800:233:553:dea:996:18f7:b71
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtatennis.com/sites/default/files/styles/teaser_views_phone_1_77_1_2x/public/field/image/gettyimages-1161765830.jpg

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:553:dea:996:18f7:b71 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

Apache /

Resource Hash

b5eadf48884a27895a5fb423d07434f36938b6982dfedf3ed45b2016d9cfb2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Jul 2019 16:04:56 GMT
server: Apache
etag: "df0d-58d9230281b61"
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 57101
x-xss-protection: 0
expires: Sat, 21 Sep 2019 20:34:50 GMT

GET
H2

404

1562519669_2920.jpg
www.b-tu.xyz/uploads/posts/2019-07/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-07/1562519669_2920.jpg
https://www.b-tu.xyz/uploads/posts/2019-07/1562519669_2920.jpg

239 B
239 B

44ms
43ms

Image
text/html

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-07/1562519669_2920.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 94e4c225318995022a0b966b70553eb5e9d4fe4e7e412bd77d1c8a69f7932b52

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
x-ray: p700:0.010/wn4901:0.000/wa4901:D=3433
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 239
content-type: text/html; charset=iso-8859-1

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-07/1562519669_2920.jpg
content-type: text/html

GET
H2

404

1561570531_ua-wim_2.jpg
www.b-tu.xyz/uploads/posts/2019-06/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-06/1561570531_ua-wim_2.jpg
https://www.b-tu.xyz/uploads/posts/2019-06/1561570531_ua-wim_2.jpg

243 B
243 B

42ms
41ms

Image
text/html

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-06/1561570531_ua-wim_2.jpg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 71c7af3870c503065835c4df181f7270547b06d76c2529a710cc46758306c8ca

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
x-ray: p700:0.010/wn4901:0.000/wa4901:D=3662
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 243
content-type: text/html; charset=iso-8859-1

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:48 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-06/1561570531_ua-wim_2.jpg
content-type: text/html

GET
H/1.1 200
OK s
r.i.ua/ 753 B
985 B 115ms
37ms Image
image/png 91.198.36.16
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.i.ua/s?u188859&p4&n0.5408609911281286&c1&d24&w1600&h1200&rwww.b-tu.xyz/
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.16 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: r.i.ua
Software: nginx /
Resource Hash: 4152ac073187804a7bc87303a3ba2641672654a56183652d986b792347cb6af9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Sep 2019 20:34:49 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 icon_top.png
www.b-tu.xyz/templates/BigCorpBlue/images/ 3 KB
3 KB 36ms
35ms Image
image/png 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/images/icon_top.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 29a1003fd6817b9b2de5cb047c3753a5277b33f79907c5e2a835efdbf0995302

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/templates/BigCorpBlue/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:47:11 GMT
server: nginx
etag: "5d6f179f-cbf"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 3263

GET
H2 200 1771400703125617 Show response
connect.facebook.net/signals/config/ 307 KB
78 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1771400703125617?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

a1a2bf4b4bdd83b2827d03f84ff322a6d40a3f12fe1e2d9b83136dcdad2fae25

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 79753
x-xss-protection: 0
pragma: public
x-fb-debug: hv6NRQgp540W3oJYDnY7vFM3cE9IlDemDnvmkow8qSIskcu8ZlqaZ7kWSK9etKVtdmT78Uc0kEmxCqwPPwOwfQ==
x-fb-trip-id: 194532234
x-frame-options: DENY
date: Sat, 07 Sep 2019 20:34:49 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
476 B 28ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.b-tu.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Sep 2019 20:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
323 B 18ms
17ms Script
application/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.b-tu.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Sep 2019 20:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190903/r20190131/ 222 KB
82 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190903/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

302017e9d1d7fa45eecf35a4285e568f6a48a99cc10225c21df33e0baab27ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 83749
x-xss-protection: 0
server: cafe
etag: 850274908779307231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Sep 2019 20:34:49 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190903/r20190131/ Frame AAA8 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190903/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190903/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.b-tu.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.b-tu.xyz/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 04 Sep 2019 18:43:31 GMT
expires: Wed, 18 Sep 2019 18:43:31 GMT
content-type: text/html; charset=UTF-8
etag: 147867684170163064
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7266
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 265878
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 sprite.svg Show response
www.b-tu.xyz/templates/BigCorpBlue/images/ 28 KB
8 KB 45ms
44ms XHR
image/svg+xml 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/images/sprite.svg
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/engine/classes/min/index.php?charset=utf-8&g=general&v=25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9591a384a73ae0dc46ab3b77a077995fd976ed355e81b33ee201f2b80f4871fb

Request headers

Accept: */*
Referer: https://www.b-tu.xyz/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-ray: p700:0.000/wn4901:0.000/
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 01:47:14 GMT
server: nginx
etag: W/"5d6f17a2-6e37"
content-type: image/svg+xml
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT

GET
H2 200 sbutton.png
www.b-tu.xyz/templates/BigCorpBlue/images/ 406 B
569 B 39ms
39ms Image
image/png 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/templates/BigCorpBlue/images/sbutton.png
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/engine/classes/min/index.php?charset=utf-8&g=general&v=25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 45e42412ac611770918e7fc323b69cfec20b8e1cd7dd9a023b0ff2c442dd291d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/templates/BigCorpBlue/css/coin-slider-styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:47:12 GMT
server: nginx
etag: "5d6f17a0-196"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:48 GMT
accept-ranges: bytes
content-length: 406

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=632031650&t=pageview&_s=1&dl=https%3A%2F%2Fwww.b-tu.xyz%2F&ul=en-us&de=UTF-8&dt=%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-113125822-1&cid=271514826.1567888490&jid=1579749154&_gid=1690846023.1567888490&gjid=1139596400&_v=j79&z=564581813
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113125822-1&cid=271514826.1567888490&jid=1579749154&_v=j79&z=564581813
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113125822-1&cid=271514826.1567888490&jid=1579749154&_v=j79&z=564581813&slf_rd=1&random=3583837072

42 B
109 B

50ms
50ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113125822-1&cid=271514826.1567888490&jid=1579749154&_v=j79&z=564581813&slf_rd=1&random=3583837072

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113125822-1&cid=271514826.1567888490&jid=1579749154&_v=j79&z=564581813&slf_rd=1&random=3583837072
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 16ms
15ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=632031650&t=pageview&_s=1&dl=https%3A%2F%2Fwww.b-tu.xyz%2F&ul=en-us&de=UTF-8&dt=%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%20%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%20%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEDAAUAB~&jid=1941599964&gjid=1334433535&cid=271514826.1567888490&tid=UA-75768510-1&_gid=1690846023.1567888490&_r=1&z=837013214

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2019 20:34:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=632031650&t=pageview&_s=1&dl=https%3A%2F%2Fwww.b-tu.xyz%2F&ul=en-us&de=UTF-8&dt=%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110342360-1&cid=271514826.1567888490&jid=1690190256&_gid=1690846023.1567888490&gjid=559587861&_v=j79&z=1807902522

35 B
102 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c0c::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110342360-1&cid=271514826.1567888490&jid=1690190256&_gid=1690846023.1567888490&gjid=559587861&_v=j79&z=1807902522

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 07 Sep 2019 20:34:50 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Sep 2019 20:34:49 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110342360-1&cid=271514826.1567888490&jid=1690190256&_gid=1690846023.1567888490&gjid=559587861&_v=j79&z=1807902522
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
6ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=632031650&t=pageview&_s=2&dl=https%3A%2F%2Fwww.b-tu.xyz%2F&ul=en-us&de=UTF-8&dt=%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%20%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%20%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEDAAUAB~&jid=&gjid=&cid=271514826.1567888490&tid=UA-75768510-1&_gid=1690846023.1567888490&z=1106892153

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2019 06:13:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1174857
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 200 KB
60 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=27dd473d0f326d2ebe6103bc9984b69d&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f9579ef86c0b0638f2cd29ba0daf1586324728c9fa16f392d75f2e2a62bf1ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.b-tu.xyz/
Origin: https://www.b-tu.xyz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: RwxoCxOekrMyKuyOSOjbVA==
status: 200
content-length: 60792
etag: "d851eb9006a3213e815553acb4a56267"
x-fb-debug: IAVQBlJgqJKnsNRfbTL1U/NeEul4AJH5ijkRKHqHQTSUSHSKaK0r+Yba+pRM4oCyTTWc/lfW3lb/kG/N55Yb/Q==
x-fb-trip-id: 194532234
x-fb-content-md5: fb5878a617f3f997b0f5769ef6786995
x-frame-options: DENY
date: Sat, 07 Sep 2019 20:34:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sun, 06 Sep 2020 18:54:44 GMT

GET
H/1.1 200
OK widget_iframe.097c1f5038f9e8a0d62a39a892838d66.html
platform.twitter.com/widgets/ Frame AFD6 0
0 9ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.097c1f5038f9e8a0d62a39a892838d66.html?origin=https%3A%2F%2Fwww.b-tu.xyz
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40AD) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.b-tu.xyz/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.b-tu.xyz/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 07 Sep 2019 20:34:49 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Thu, 05 Sep 2019 20:14:23 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40AD)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H/1.1 200
OK moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js Show response
platform.twitter.com/js/ 24 KB
8 KB 14ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AD) /
Resource Hash: 0c7854fe840666d69c1f7f9739c7a203c54b65747f333b438456967fd83aa950

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Sep 2019 20:14:14 GMT
Server: ECS (fcn/41AD)
Etag: "e90583c91f224ab7b61d50e66a40a363+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7917

GET
H/1.1 200
OK timeline.49693ebcd57b08708ebca7502c7c343d.js Show response
platform.twitter.com/js/ 23 KB
7 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.49693ebcd57b08708ebca7502c7c343d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash: 16375db367d03b63d3447ec0a6383c999bfa2a9a2ca934a905feaa8b4efa4357

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Sep 2019 20:14:14 GMT
Server: ECS (fcn/40DE)
Etag: "15af387ddc25a6249fd9c82ff4d8854c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7041

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 35 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 10218
x-xss-protection: 0
pragma: public
x-fb-debug: 6y6flSPHbPJMAKNabviCiwXH1EorczTaHUadu3LoavNMaRNv8DJfSHmwB+Z4NxnEwe+D6wjqiVjtLv0eCd1t4A==
x-fb-trip-id: 194532234
x-frame-options: DENY
date: Sat, 07 Sep 2019 20:34:50 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1907 0
0 45ms
44ms Document
text/html 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7576974274272433&output=html&adk=1812271804&adf=3025194257&lmt=1567888490&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.b-tu.xyz%2F&ea=0&flash=0&pra=5&wgl=1&dt=1567888489887&bpp=6&bdt=250&fdt=194&idt=195&shv=r20190903&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8549674651082&frm=20&pv=2&ga_vid=271514826.1567888490&ga_sid=1567888490&ga_hid=632031650&ga_fc=0&iag=0&icsg=68493118719&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21064534%2C21061795&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=1715350203&ifi=0&uci=a!0&fsb=1&dtd=217

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190903/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7576974274272433&output=html&adk=1812271804&adf=3025194257&lmt=1567888490&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.b-tu.xyz%2F&ea=0&flash=0&pra=5&wgl=1&dt=1567888489887&bpp=6&bdt=250&fdt=194&idt=195&shv=r20190903&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8549674651082&frm=20&pv=2&ga_vid=271514826.1567888490&ga_sid=1567888490&ga_hid=632031650&ga_fc=0&iag=0&icsg=68493118719&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21064534%2C21061795&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=1715350203&ifi=0&uci=a!0&fsb=1&dtd=217
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.b-tu.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.b-tu.xyz/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 07 Sep 2019 20:34:50 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 07-Sep-2019 20:49:50 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Sat, 07 Sep 2019 20:34:50 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 76 KB
28 KB 52ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190903/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7b50f00b4ec8c413fdfcf5ccb596f9ae3f47f776ae7fd913eab6cdda0e1543e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1567595695661868"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28441
x-xss-protection: 0
expires: Sat, 07 Sep 2019 20:34:50 GMT

GET
H/1.1 200
OK load Show response
z.cdn.braun634.com/ 1 KB
1 KB 73ms
14ms Script
application/javascript 213.227.149.183
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.braun634.com/load?z=1879601170&div=dj5s8nyj2eo&sr=1600x1200&df=1&cw=1585&ch=1200&tz=120&bh=2&tl=1544&me=8&hc=16&n=1567888490108&url=www.b-tu.xyz%2F&vc=0&zyx=3722093862
Requested by: Host: cdn.braun634.com
URL: https://cdn.braun634.com/libs/b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: bc2c52a0ab013d82d05cc76ae7cc9cd14752de4cf8873ff8e0a99a517b4483ea

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Sep 2019 20:34:50 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="http://z.cdn.braun634.com/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 895
Expires: -1

GET
H/1.1 200
OK load Show response
z.cdn.braun634.com/ 5 KB
3 KB 32ms
13ms Script
application/javascript 213.227.149.183
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.braun634.com/load?z=1431435426&div=r5xsbalgcsw&sr=1600x1200&df=1&cw=1585&ch=1200&tz=120&bh=2&tl=1544&me=8&hc=16&n=1567888490108&url=www.b-tu.xyz%2F&vc=0&zyx=3722093862
Requested by: Host: cdn.braun634.com
URL: https://cdn.braun634.com/libs/b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 27c2caf5324ffac04ce7b7acaab11fe36421c64e629704beaa3fb2adf8772c29

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Sep 2019 20:34:50 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="http://z.cdn.braun634.com/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 2235
Expires: -1

GET
H/1.1 200
OK load Show response
z.cdn.braun634.com/ 21 KB
7 KB 44ms
14ms Script
application/javascript 213.227.149.183
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.braun634.com/load?z=2074868050&div=owz32kp1lgw&sr=1600x1200&df=1&cw=1585&ch=1200&tz=120&bh=2&tl=1544&me=8&hc=16&n=1567888490108&url=www.b-tu.xyz%2F&vc=0&zyx=3722093862
Requested by: Host: cdn.braun634.com
URL: https://cdn.braun634.com/libs/b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 08e6a3f78fcf4688c7af5f79653f8829b580012e44ecde064f9f8626c41860b9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Sep 2019 20:34:50 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="http://z.cdn.braun634.com/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 6796
Expires: -1

GET
H2 200 486543271739958 Show response
connect.facebook.net/signals/config/ 307 KB
79 KB 129ms
129ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/486543271739958?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fa749c479056cc4848e50c3909c015201efbdc5e1c593a0e5647a6d58978e779

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-xss-protection: 0
pragma: public
x-fb-debug: LmWVEocJYyV0SgKT9V9tnHfn13C2C++Njn3oqztpkg6UJMlD7gKP5ZS5QHRdTuAPBLZar7e2c5RJoqbfvX72/g==
x-fb-trip-id: 194532234
x-frame-options: DENY
date: Sat, 07 Sep 2019 20:34:50 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
318 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1771400703125617&ev=PageView&dl=https%3A%2F%2Fwww.b-tu.xyz%2F&rl=&if=false&ts=1567888490120&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1567888490119.1485138963&it=1567888489879&coo=false&rqm=GET

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sat, 07 Sep 2019 20:34:50 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 173 KB
12 KB 228ms
227ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_UkrainianTennis_old&dnt=false&domain=www.b-tu.xyz&lang=en&screen_name=UkrainianTennis&suppress_response_codes=true&t=1742098&tz=GMT%2B0200&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_f /

Resource Hash

727e20f15cb36bee770f501fac612c1cde421aaa2c51b075bb4c3c81a9a2e18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
content-length: 12050
x-xss-protection: 0
x-response-time: 203
last-modified: Sat, 07 Sep 2019 20:34:50 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 5ce76b45a587ca98044d78841a771ac4
timing-allow-origin: *
x-transaction: 007662f100bb92bf
expires: Sat, 07 Sep 2019 20:39:50 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
337 B 118ms
117ms Image
image/gif 104.244.42.72
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1567888490167%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Sat, 07 Sep 2019 20:34:50 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 29456eb63ac714b31595af218f6d40c4
x-transaction: 000ce4bb00d9eeaa
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame C799 0
0 6ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=27dd473d0f326d2ebe6103bc9984b69d&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.b-tu.xyz/
accept-encoding: gzip, deflate, br
cookie: fr=0tCtx6ygk7HmvEhe1..BddBRq...1.0.BddBRq.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.b-tu.xyz/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 05 Sep 2020 18:37:37 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: dwXPaCf6hjiisyP+i0n96VBbrmoOPUmnb0j76929xWIaSPWKfbUzzv79K6DHv19SBuYUOTA6hEo0mto3yvVFjA==
content-length: 11694
x-fb-trip-id: 194532234
date: Sat, 07 Sep 2019 20:34:50 GMT

GET
H/1.1 200
OK Barcelona_partnership_300x250.gif
n3.cdn.braun634.com/uploads/media/6/0/19206/v1/ 210 KB
210 KB 129ms
61ms Image
image/gif 82.192.95.133
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://n3.cdn.braun634.com/uploads/media/6/0/19206/v1/Barcelona_partnership_300x250.gif

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

82.192.95.133 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

fde07060fd8b57fcee8b6c2bdfc5909ac131187837e47a8cd1f21b76d73dae33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:50 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 214673
X-XSS-Protection: 1; mode=block;
Last-Modified: Tue, 03 Sep 2019 15:41:05 GMT
Server: nginx
ETag: "5d6e8991-34691"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Sun, 08 Sep 2019 20:34:50 GMT

GET
H/1.1 200
OK 100x90_TotalAfconChallenge_EN_index.html
n3.cdn.braun634.com/uploads/media/3/4/15943/v2/ Frame CB83 0
0 98ms
34ms Document
text/html 82.192.95.133
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://n3.cdn.braun634.com/uploads/media/3/4/15943/v2/100x90_TotalAfconChallenge_EN_index.html?clickTag=https://z.cdn.braun634.com/go?z=1431435426&m=1149604737&c=1271236793&p0=1433570700&p1=1862672427&p2=1379430099&u=8e592bbc74efbe2b&t=1567888490&n=364711104337100471&h=1901004461

Requested by

Host: z.cdn.braun634.com
URL: https://z.cdn.braun634.com/load?z=1431435426&div=r5xsbalgcsw&sr=1600x1200&df=1&cw=1585&ch=1200&tz=120&bh=2&tl=1544&me=8&hc=16&n=1567888490108&url=www.b-tu.xyz%2F&vc=0&zyx=3722093862

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

82.192.95.133 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Host: n3.cdn.braun634.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.b-tu.xyz/
Accept-Encoding: gzip, deflate, br
Cookie: AU=8e592bbc74efbe2b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.b-tu.xyz/

Response headers

Server: nginx
Date: Sat, 07 Sep 2019 20:34:50 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Fri, 12 Jul 2019 13:29:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d288b29-bce"
Expires: Sun, 08 Sep 2019 20:34:50 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Content-Encoding: gzip

GET
H/1.1 200
OK event
z.cdn.braun634.com/ 35 B
175 B 36ms
36ms Image
image/gif 213.227.149.183
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.braun634.com/event?z=1431435426&m=1149604737&n=364711104337100471&t=
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:50 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame A6A8 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 1200x200.png
n3.cdn.braun634.com/uploads/media/1/8/15181/v3/ Frame A6A8 103 KB
103 KB 90ms
59ms Image
image/png 82.192.95.133
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://n3.cdn.braun634.com/uploads/media/1/8/15181/v3/1200x200.png

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

82.192.95.133 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

0cf2c8481afe92133d99091000de67b1040583bf913e0cf9b02cc5f2d6960cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:50 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 104972
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 24 Jun 2019 10:37:05 GMT
Server: nginx
ETag: "5d10a7d1-19a0c"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Sun, 08 Sep 2019 20:34:50 GMT

GET
H/1.1 200
OK right_150.jpg
n3.cdn.braun634.com/uploads/media/1/8/15181/v3/ Frame A6A8 28 KB
28 KB 113ms
54ms Image
image/jpeg 82.192.95.133
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://n3.cdn.braun634.com/uploads/media/1/8/15181/v3/right_150.jpg

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

82.192.95.133 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

813dca7bb6ca7aeb449d6b4b4894cd00da87360058274999e03f529f9e25a976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:50 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 28390
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 24 Jun 2019 10:37:05 GMT
Server: nginx
ETag: "5d10a7d1-6ee6"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Sun, 08 Sep 2019 20:34:50 GMT

GET
H/1.1 200
OK left_150.jpg
n3.cdn.braun634.com/uploads/media/1/8/15181/v3/ Frame A6A8 34 KB
34 KB 126ms
61ms Image
image/jpeg 82.192.95.133
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://n3.cdn.braun634.com/uploads/media/1/8/15181/v3/left_150.jpg

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

82.192.95.133 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

c0a7d966a6e9cae369f2494e253e6ee9a74f999431b0a1ea8552c94e1993be07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:50 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 34368
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 24 Jun 2019 10:37:05 GMT
Server: nginx
ETag: "5d10a7d1-8640"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Sun, 08 Sep 2019 20:34:50 GMT

GET
H/1.1 200
OK left_bg.jpg
n3.cdn.braun634.com/uploads/media/1/8/15181/v3/ Frame A6A8 15 KB
15 KB 128ms
60ms Image
image/jpeg 82.192.95.133
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://n3.cdn.braun634.com/uploads/media/1/8/15181/v3/left_bg.jpg

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

82.192.95.133 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

261608821d3960c3f16033f982c4fa2e0e50f6a844663327f8dc336fb3ea6b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:50 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 14914
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 24 Jun 2019 10:37:05 GMT
Server: nginx
ETag: "5d10a7d1-3a42"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Sun, 08 Sep 2019 20:34:50 GMT

GET
H/1.1 200
OK right_bg.jpg
n3.cdn.braun634.com/uploads/media/1/8/15181/v3/ Frame A6A8 15 KB
15 KB 123ms
32ms Image
image/jpeg 82.192.95.133
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://n3.cdn.braun634.com/uploads/media/1/8/15181/v3/right_bg.jpg

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

82.192.95.133 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

48c7238ef66c76b0aa3ae08ba009af8dd9b543660e9758012dd4e1c12af0d9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:50 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 14914
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 24 Jun 2019 10:37:05 GMT
Server: nginx
ETag: "5d10a7d1-3a42"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Sun, 08 Sep 2019 20:34:50 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=486543271739958&ev=PageView&dl=https%3A%2F%2Fwww.b-tu.xyz%2F&rl=&if=false&ts=1567888490299&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1567888490119.1485138963&it=1567888489879&coo=false&rqm=GET

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sat, 07 Sep 2019 20:34:50 GMT

GET
H2 200 1f3d6.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 1 KB
1 KB 9ms
5ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3d6.png

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

32f32a2b4d4a97052e8a7d9a7778a7fa40901ef17658a8f8f88cf93fac9423e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1077
x-cache: HIT
status: 200
content-length: 1077
x-response-time: 21
surrogate-key: twitter-assets
last-modified: Thu, 17 May 2018 19:30:32 GMT
server: ECS (fcn/418C)
etag: "cV5FYzdTsjdGgd7NGlpB7g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 002b2faf00f65887
perf: 6
x-connection-hash: 629dded988f5427bf8a9939ade9044d5
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 1f305.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 888 B
1 KB 11ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f305.png

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A6) /

Resource Hash

e8b023145aafe1f1c703767f898fb05b21f6ced489558eae5fddde159881af75

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 888
x-cache: HIT
status: 200
content-length: 888
x-response-time: 30
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:28 GMT
server: ECS (fcn/41A6)
etag: "MBEwRppEEu6qw4Lsz63biQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: a1e18d8221b41b1c785940b3cdc4fb48
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 1f459.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 851 B
984 B 11ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f459.png

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

ea1e7d4389a3f1b8a5208738663f8d74f0219625847877fa8fb2b1697c9a0fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 851
x-cache: HIT
status: 200
content-length: 851
x-response-time: 24
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:35 GMT
server: ECS (fcn/40AE)
etag: "1lsCIGctBCsjFwldYD8Wcg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: fe715010930d04500823a3dee1e6229e
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 65_xRN3r
pbs.twimg.com/card_img/1170307113400360960/ Frame 8AD3 40 KB
40 KB 11ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1170307113400360960/65_xRN3r?format=jpg&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

038ec0b40fe573013e808a4dad628d985dbead93b12f42af079de6f99383058d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 41194
x-response-time: 147
surrogate-key: card_img card_img/bucket/0 card_img/1170307113400360960
last-modified: Sat, 07 Sep 2019 12:03:33 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d2e4ca255a1276dfa8df762facf4c926
accept-ranges: bytes

GET
H2 200 cqS3e_hn
pbs.twimg.com/card_img/1170256747707150341/ Frame 8AD3 46 KB
46 KB 11ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1170256747707150341/cqS3e_hn?format=jpg&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

af241ff71b01c221cd3caca6b7696df7bbdfca92333ba646bd12ae7f2fcb37b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 46839
x-response-time: 233
surrogate-key: card_img card_img/bucket/0 card_img/1170256747707150341
last-modified: Sat, 07 Sep 2019 08:43:25 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f05701eb9b6ddbeab6b909da5eaca838
accept-ranges: bytes

GET
H2 200 QXazqc9y
pbs.twimg.com/card_img/1170241217730437121/ Frame 8AD3 347 KB
347 KB 14ms
10ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1170241217730437121/QXazqc9y?format=png&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4184) /

Resource Hash

4f76674eee627309bc859f9eaae834cf35681b7d3642699f3527f9508335d746

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 355284
x-response-time: 229
surrogate-key: card_img card_img/bucket/8 card_img/1170241217730437121
last-modified: Sat, 07 Sep 2019 07:41:42 GMT
server: ECS (fcn/4184)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a1196e8e797b98b1291a7b3bf79738d0
accept-ranges: bytes

GET
H2 200 1f64f-1f3fb.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 919 B
1 KB 12ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f64f-1f3fb.png

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4190) /

Resource Hash

fe1c8ef11abd09bb1c3f6edd8143ff76d9fbf4c20b360e6257e30aacee9b6046

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 919
x-cache: HIT
status: 200
content-length: 919
x-response-time: 120
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:31 GMT
server: ECS (fcn/4190)
etag: "wNBosie0QwNXYJyK/SxRbg=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: c75c0af53b6b50a698d8bdde342fc795
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 1f5fd.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 1 KB
1 KB 12ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f5fd.png

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

0a4c16d8f3ff5770736901fcdef65d44919dd297256f5f425ddf8d00c63cbf55

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1264
x-cache: HIT
status: 200
content-length: 1264
x-response-time: 90
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:28 GMT
server: ECS (fcn/40D1)
etag: "klTWe1BGwsyYQ02RjjlOng=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: baa9f2ecc0e3a04dcaba80f5045afd19
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 1f48c.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 763 B
896 B 12ms
9ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f48c.png

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E1) /

Resource Hash

dc144afbb9318d0b9b67c35769c2358806298368084dfe9e674e4653ef27981f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 763
x-cache: HIT
status: 200
content-length: 763
x-response-time: 27
surrogate-key: twitter-assets
last-modified: Fri, 10 Aug 2018 17:42:14 GMT
server: ECS (fcn/40E1)
etag: "Cm67TJrFN0iaa2Q7bIl6Iw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: ebc2fb78b30762febd4ea0f80cf26019
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 _vGNv5ZG
pbs.twimg.com/card_img/1169941306510106625/ Frame 8AD3 33 KB
33 KB 12ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1169941306510106625/_vGNv5ZG?format=jpg&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

6c55979da8c0759e6a092ee69e3ca61ad058c5617fe9bcf805081e13e22c5ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 33449
x-response-time: 162
surrogate-key: card_img card_img/bucket/0 card_img/1169941306510106625
last-modified: Fri, 06 Sep 2019 11:49:58 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d0267c3dd6010dc011389b2af93815b3
accept-ranges: bytes

GET
H2 200 HVcL_AtD
pbs.twimg.com/card_img/1169581533549793281/ Frame 8AD3 19 KB
19 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1169581533549793281/HVcL_AtD?format=jpg&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

c9dacaa5292f280271e31cb00b9e271c3a15ca8e425bbab9c3d812ff2a0904f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 19446
x-response-time: 143
surrogate-key: card_img card_img/bucket/6 card_img/1169581533549793281
last-modified: Thu, 05 Sep 2019 12:00:22 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5655755dcfba4df3156958e54f146ea6
accept-ranges: bytes

GET
H2 200 dqnJJ6Yy
pbs.twimg.com/card_img/1169574812773244928/ Frame 8AD3 27 KB
27 KB 10ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1169574812773244928/dqnJJ6Yy?format=jpg&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

9080d44ead3093bd6fb939463ea5fae7e395354e32f61e90b22b9dcd9266d43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27882
x-response-time: 249
surrogate-key: card_img card_img/bucket/0 card_img/1169574812773244928
last-modified: Thu, 05 Sep 2019 11:33:39 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dfe2a1cdcffa92bdec262c607ccf9262
accept-ranges: bytes

GET
H2 200 DR8sgNSX
pbs.twimg.com/card_img/1169574139348344833/ Frame 8AD3 55 KB
55 KB 9ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1169574139348344833/DR8sgNSX?format=jpg&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D2) /

Resource Hash

35411ea7ab934f02f7a346860e01927a3952c8461c3bd22f6066578508ff5bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 56476
x-response-time: 155
surrogate-key: card_img card_img/bucket/8 card_img/1169574139348344833
last-modified: Thu, 05 Sep 2019 11:30:59 GMT
server: ECS (fcn/40D2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 679120b21c2243020c45778ab6b00817
accept-ranges: bytes

GET
H2 200 1f608.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 784 B
941 B 10ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f608.png

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4187) /

Resource Hash

13f3065da3da99b36f3035fa3bd7285197ff0e6d754b099726b94f471ed37c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 784
x-cache: HIT
status: 200
content-length: 784
x-response-time: 34
surrogate-key: twitter-assets
last-modified: Wed, 11 Apr 2018 17:50:10 GMT
server: ECS (fcn/4187)
etag: "Mta9b9b05CG598WG+3PyCw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7b9e521e5d59e0d5c0aac88800646f8d
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 6AFkaXVT
pbs.twimg.com/card_img/1168962625511837696/ Frame 8AD3 26 KB
26 KB 10ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168962625511837696/6AFkaXVT?format=jpg&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

279b61f328e715458c8b00201d7e234ac3566a504fcb32c99ca47721e3a3e4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 26604
x-response-time: 143
surrogate-key: card_img card_img/bucket/0 card_img/1168962625511837696
last-modified: Tue, 03 Sep 2019 19:01:02 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: db51d77a15080c2272b0146ae689a1fb
accept-ranges: bytes

GET
H2 200 1f44f.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 1 KB
1 KB 15ms
13ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f44f.png

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4187) /

Resource Hash

876e139116fc16aa3c4d125fc455be61e9c68bf474539ca822a2d2edee6a7459

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1072
x-cache: HIT
status: 200
content-length: 1072
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:35 GMT
server: ECS (fcn/4187)
etag: "HwgzY5zG+7n9Q99ZvoJHLw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: febc23207ef34612cf1d9b19a25bb1ef
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 JrA2Okvw
pbs.twimg.com/card_img/1168945428714467333/ Frame 8AD3 39 KB
40 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168945428714467333/JrA2Okvw?format=jpg&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

82465e4813f84ef566a081bbf32519a613ad6242b8d714a5a38f7f88eadfb062

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 40442
x-response-time: 166
surrogate-key: card_img card_img/bucket/0 card_img/1168945428714467333
last-modified: Tue, 03 Sep 2019 17:52:42 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 98455efa86f8e97da6819aa694ec9b12
accept-ranges: bytes

GET
H2 200 FUhV4FZr
pbs.twimg.com/card_img/1168852379082661888/ Frame 8AD3 38 KB
38 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168852379082661888/FUhV4FZr?format=jpg&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FC) /

Resource Hash

ab6d9b609bee3d796c83ddd5c2e7343899f29096afcf7dfc41d56ff9da7a6dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 38810
x-response-time: 150
surrogate-key: card_img card_img/bucket/1 card_img/1168852379082661888
last-modified: Tue, 03 Sep 2019 11:42:58 GMT
server: ECS (fcn/40FC)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 735b8350e2e315bea55ecabae3a70251
accept-ranges: bytes

GET
H2 200 tHQZhwTs
pbs.twimg.com/card_img/1168808371643932673/ Frame 8AD3 25 KB
25 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168808371643932673/tHQZhwTs?format=jpg&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

ea348772a020aa1df4d94ed30e42072f0e0e507ebc7ab16c3df8ed7d3b2753c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 25759
x-response-time: 147
surrogate-key: card_img card_img/bucket/8 card_img/1168808371643932673
last-modified: Tue, 03 Sep 2019 08:48:05 GMT
server: ECS (fcn/40F7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e134727ddfc6038688636f299082f044
accept-ranges: bytes

GET
H2 200 MndPI38u
pbs.twimg.com/card_img/1168802381057933314/ Frame 8AD3 27 KB
27 KB 8ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168802381057933314/MndPI38u?format=jpg&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E9) /

Resource Hash

32b52afce1f36c53c0e0d1f0b8f7e863906a11127eb1dec55cc9cad483ab8156

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27351
x-response-time: 147
surrogate-key: card_img card_img/bucket/3 card_img/1168802381057933314
last-modified: Tue, 03 Sep 2019 08:24:17 GMT
server: ECS (fcn/40E9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 738ff5df1264cc9da9217b370789e95b
accept-ranges: bytes

GET
H2 200 EjvNZBh9
pbs.twimg.com/card_img/1168795378285785088/ Frame 8AD3 343 KB
343 KB 8ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168795378285785088/EjvNZBh9?format=png&name=600x314

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AF) /

Resource Hash

c103dfa7a0c9414be2c605da556c6c36f7f40819ebd7657fb1bfe1a722b8708a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 351030
x-response-time: 186
surrogate-key: card_img card_img/bucket/8 card_img/1168795378285785088
last-modified: Tue, 03 Sep 2019 07:56:28 GMT
server: ECS (fcn/41AF)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 61ff454d5f8efa00633600a188e0b1aa
accept-ranges: bytes

GET
H/1.1 200
OK timeline.9bf5093a19cec463852b31b784bf047a.light.ltr.css
platform.twitter.com/css/ Frame 8AD3 53 KB
12 KB 7ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.9bf5093a19cec463852b31b784bf047a.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A0) /
Resource Hash: e3ceb417f143f3da5e489b62778609a256365a98f483bed272d97e4891fdb36b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Sep 2019 20:14:10 GMT
Server: ECS (fcn/41A0)
Etag: "07ca66dad14d0d26b03a02f7f31a1d7b+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12281

GET
H/1.1 200
OK timeline.9bf5093a19cec463852b31b784bf047a.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 8ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.9bf5093a19cec463852b31b784bf047a.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A0) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Sep 2019 20:34:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Sep 2019 20:14:10 GMT
Server: ECS (fcn/41A0)
Etag: "07ca66dad14d0d26b03a02f7f31a1d7b+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12281

GET
H2 200 1f3d6.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 1 KB
1 KB 11ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3d6.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

32f32a2b4d4a97052e8a7d9a7778a7fa40901ef17658a8f8f88cf93fac9423e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1077
x-cache: HIT
status: 200
content-length: 1077
x-response-time: 21
surrogate-key: twitter-assets
last-modified: Thu, 17 May 2018 19:30:32 GMT
server: ECS (fcn/418C)
etag: "cV5FYzdTsjdGgd7NGlpB7g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 002b2faf00f65887
perf: 6
x-connection-hash: 629dded988f5427bf8a9939ade9044d5
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 1f305.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 888 B
1 KB 11ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f305.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A6) /

Resource Hash

e8b023145aafe1f1c703767f898fb05b21f6ced489558eae5fddde159881af75

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 888
x-cache: HIT
status: 200
content-length: 888
x-response-time: 30
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:28 GMT
server: ECS (fcn/41A6)
etag: "MBEwRppEEu6qw4Lsz63biQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: a1e18d8221b41b1c785940b3cdc4fb48
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 1f459.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 851 B
966 B 11ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f459.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

ea1e7d4389a3f1b8a5208738663f8d74f0219625847877fa8fb2b1697c9a0fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 851
x-cache: HIT
status: 200
content-length: 851
x-response-time: 24
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:35 GMT
server: ECS (fcn/40AE)
etag: "1lsCIGctBCsjFwldYD8Wcg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: fe715010930d04500823a3dee1e6229e
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 65_xRN3r
pbs.twimg.com/card_img/1170307113400360960/ Frame 8AD3 40 KB
40 KB 13ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1170307113400360960/65_xRN3r?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

038ec0b40fe573013e808a4dad628d985dbead93b12f42af079de6f99383058d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 41194
x-response-time: 147
surrogate-key: card_img card_img/bucket/0 card_img/1170307113400360960
last-modified: Sat, 07 Sep 2019 12:03:33 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d2e4ca255a1276dfa8df762facf4c926
accept-ranges: bytes

GET
H2 200 cqS3e_hn
pbs.twimg.com/card_img/1170256747707150341/ Frame 8AD3 46 KB
46 KB 14ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1170256747707150341/cqS3e_hn?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

af241ff71b01c221cd3caca6b7696df7bbdfca92333ba646bd12ae7f2fcb37b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 46839
x-response-time: 233
surrogate-key: card_img card_img/bucket/0 card_img/1170256747707150341
last-modified: Sat, 07 Sep 2019 08:43:25 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f05701eb9b6ddbeab6b909da5eaca838
accept-ranges: bytes

GET
H2 200 1f64f-1f3fb.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 919 B
1 KB 15ms
11ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f64f-1f3fb.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4190) /

Resource Hash

fe1c8ef11abd09bb1c3f6edd8143ff76d9fbf4c20b360e6257e30aacee9b6046

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 919
x-cache: HIT
status: 200
content-length: 919
x-response-time: 120
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:31 GMT
server: ECS (fcn/4190)
etag: "wNBosie0QwNXYJyK/SxRbg=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: c75c0af53b6b50a698d8bdde342fc795
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 1f5fd.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 1 KB
1 KB 15ms
11ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f5fd.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

0a4c16d8f3ff5770736901fcdef65d44919dd297256f5f425ddf8d00c63cbf55

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1264
x-cache: HIT
status: 200
content-length: 1264
x-response-time: 90
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:28 GMT
server: ECS (fcn/40D1)
etag: "klTWe1BGwsyYQ02RjjlOng=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: baa9f2ecc0e3a04dcaba80f5045afd19
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 1f48c.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 763 B
912 B 15ms
11ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f48c.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E1) /

Resource Hash

dc144afbb9318d0b9b67c35769c2358806298368084dfe9e674e4653ef27981f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 763
x-cache: HIT
status: 200
content-length: 763
x-response-time: 27
surrogate-key: twitter-assets
last-modified: Fri, 10 Aug 2018 17:42:14 GMT
server: ECS (fcn/40E1)
etag: "Cm67TJrFN0iaa2Q7bIl6Iw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: ebc2fb78b30762febd4ea0f80cf26019
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 _vGNv5ZG
pbs.twimg.com/card_img/1169941306510106625/ Frame 8AD3 33 KB
33 KB 15ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1169941306510106625/_vGNv5ZG?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

6c55979da8c0759e6a092ee69e3ca61ad058c5617fe9bcf805081e13e22c5ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 33449
x-response-time: 162
surrogate-key: card_img card_img/bucket/0 card_img/1169941306510106625
last-modified: Fri, 06 Sep 2019 11:49:58 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d0267c3dd6010dc011389b2af93815b3
accept-ranges: bytes

GET
H2 200 HVcL_AtD
pbs.twimg.com/card_img/1169581533549793281/ Frame 8AD3 19 KB
19 KB 12ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1169581533549793281/HVcL_AtD?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

c9dacaa5292f280271e31cb00b9e271c3a15ca8e425bbab9c3d812ff2a0904f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 19446
x-response-time: 143
surrogate-key: card_img card_img/bucket/6 card_img/1169581533549793281
last-modified: Thu, 05 Sep 2019 12:00:22 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5655755dcfba4df3156958e54f146ea6
accept-ranges: bytes

GET
H2 200 dqnJJ6Yy
pbs.twimg.com/card_img/1169574812773244928/ Frame 8AD3 27 KB
27 KB 13ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1169574812773244928/dqnJJ6Yy?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

9080d44ead3093bd6fb939463ea5fae7e395354e32f61e90b22b9dcd9266d43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27882
x-response-time: 249
surrogate-key: card_img card_img/bucket/0 card_img/1169574812773244928
last-modified: Thu, 05 Sep 2019 11:33:39 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dfe2a1cdcffa92bdec262c607ccf9262
accept-ranges: bytes

GET
H2 200 DR8sgNSX
pbs.twimg.com/card_img/1169574139348344833/ Frame 8AD3 55 KB
55 KB 13ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1169574139348344833/DR8sgNSX?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D2) /

Resource Hash

35411ea7ab934f02f7a346860e01927a3952c8461c3bd22f6066578508ff5bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 56476
x-response-time: 155
surrogate-key: card_img card_img/bucket/8 card_img/1169574139348344833
last-modified: Thu, 05 Sep 2019 11:30:59 GMT
server: ECS (fcn/40D2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 679120b21c2243020c45778ab6b00817
accept-ranges: bytes

GET
H2 200 1f608.png
abs.twimg.com/emoji/v2/72x72/ Frame 8AD3 784 B
938 B 13ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f608.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4187) /

Resource Hash

13f3065da3da99b36f3035fa3bd7285197ff0e6d754b099726b94f471ed37c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-ton-expected-size: 784
x-cache: HIT
status: 200
content-length: 784
x-response-time: 34
surrogate-key: twitter-assets
last-modified: Wed, 11 Apr 2018 17:50:10 GMT
server: ECS (fcn/4187)
etag: "Mta9b9b05CG598WG+3PyCw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7b9e521e5d59e0d5c0aac88800646f8d
accept-ranges: bytes
expires: Sun, 06 Sep 2020 20:34:50 GMT

GET
H2 200 6AFkaXVT
pbs.twimg.com/card_img/1168962625511837696/ Frame 8AD3 26 KB
26 KB 12ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168962625511837696/6AFkaXVT?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.059acc8fc49c0c7de73607b3bbd326e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

279b61f328e715458c8b00201d7e234ac3566a504fcb32c99ca47721e3a3e4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 26604
x-response-time: 143
surrogate-key: card_img card_img/bucket/0 card_img/1168962625511837696
last-modified: Tue, 03 Sep 2019 19:01:02 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: db51d77a15080c2272b0146ae689a1fb
accept-ranges: bytes

GET
H2 200 onvWO-MO_normal.jpg
pbs.twimg.com/profile_images/823108069047537666/ Frame 8AD3 2 KB
2 KB 11ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/823108069047537666/onvWO-MO_normal.jpg

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A9) /

Resource Hash

ffa2eee9904513a379af19ad3b2f973a24295834a62e33b6d4f6bf171ad92166

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2263
x-response-time: 139
surrogate-key: profile_images profile_images/bucket/9 profile_images/823108069047537666
last-modified: Sun, 22 Jan 2017 09:58:30 GMT
server: ECS (fcn/41A9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 22c074fbb7750dcccb380ff34f22090e
accept-ranges: bytes

GET
H2 200 7tXAfCGl_normal.jpg
pbs.twimg.com/profile_images/1153700063560032256/ Frame 8AD3 2 KB
2 KB 10ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1153700063560032256/7tXAfCGl_normal.jpg

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AB) /

Resource Hash

90f612eec6ce7898bdf3ccc036e4d8d168601b80fcdffc354973836c0004c334

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2263
x-response-time: 129
surrogate-key: profile_images profile_images/bucket/7 profile_images/1153700063560032256
last-modified: Tue, 23 Jul 2019 16:13:04 GMT
server: ECS (fcn/41AB)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4c1d710f899da022e65226ad54b15d5d
accept-ranges: bytes

GET
H2 200 k2oG0DGk_normal.jpg
pbs.twimg.com/profile_images/1083146478502195201/ Frame 8AD3 2 KB
2 KB 10ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1083146478502195201/k2oG0DGk_normal.jpg

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

6473ebe4e7bf7e98940db2f5fd9596f693b7a0e99dcde281173fbf98672792ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 1883
x-response-time: 129
surrogate-key: profile_images profile_images/bucket/3 profile_images/1083146478502195201
last-modified: Wed, 09 Jan 2019 23:38:19 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f098dc5a720510ba5314d9acb12772ae
accept-ranges: bytes

GET
H2 200 JhQSFV0Q_normal.jpg
pbs.twimg.com/profile_images/1014784243459817473/ Frame 8AD3 2 KB
2 KB 10ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1014784243459817473/JhQSFV0Q_normal.jpg

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E1) /

Resource Hash

07c708a6a16959122c6dc8e1d57e1ac272a25675088e7a0114344a2763070dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2187
x-response-time: 182
surrogate-key: profile_images profile_images/bucket/4 profile_images/1014784243459817473
last-modified: Thu, 05 Jul 2018 08:11:12 GMT
server: ECS (fcn/40E1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 903513d72000df49660fa08a04dfa1d4
accept-ranges: bytes

GET
H2 200 rzVeLoHb_normal.jpg
pbs.twimg.com/profile_images/1061131358129582080/ Frame 8AD3 2 KB
2 KB 8ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1061131358129582080/rzVeLoHb_normal.jpg

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

77c21c3eac834bc8c850fc62cebb4a18cba1449b44f06c1f3520942be2aa955c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 119
surrogate-key: profile_images profile_images/bucket/4 profile_images/1061131358129582080
last-modified: Sat, 10 Nov 2018 05:38:05 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4f2fed73a9816ed708570d394dfd8c7d
accept-ranges: bytes

GET
H2 200 oMkltmDh_normal.jpg
pbs.twimg.com/profile_images/1162324730805923841/ Frame 8AD3 2 KB
2 KB 9ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1162324730805923841/oMkltmDh_normal.jpg

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

c57bccbff3cf1fd8edfcf71bcd9b864c8c347012b4f2ab921fd2a7a4d06f274e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 136
surrogate-key: profile_images profile_images/bucket/1 profile_images/1162324730805923841
last-modified: Fri, 16 Aug 2019 11:24:25 GMT
server: ECS (fcn/418F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f079ab85400eee2956a2ec178c16b212
accept-ranges: bytes

GET
H2 200 JzkSwQS6_normal.png
pbs.twimg.com/profile_images/1143197817684602880/ Frame 8AD3 3 KB
3 KB 10ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1143197817684602880/JzkSwQS6_normal.png

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

e97396af14ad72c64ec3c143ed16941ab05d28f3c80230d7aeab4b5d2462f410

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2567
x-response-time: 122
surrogate-key: profile_images profile_images/bucket/4 profile_images/1143197817684602880
last-modified: Mon, 24 Jun 2019 16:40:53 GMT
server: ECS (fcn/40FD)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 09a94e32c997db3d2c614e0e42d45e2c
accept-ranges: bytes

GET
H2 200 ED4Sa7QXUAAx93i
pbs.twimg.com/media/ Frame 8AD3 15 KB
15 KB 65ms
63ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ED4Sa7QXUAAx93i?format=jpg&name=360x360

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D9) /

Resource Hash

34b5fe14be1cedb6a7e5013ff30512bd90428c7727fc6f7dcb12019bcf2fe7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 15145
x-response-time: 143
surrogate-key: media media/bucket/7 media/1170393206955134976
last-modified: Sat, 07 Sep 2019 17:45:40 GMT
server: ECS (fcn/40D9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fadc9860b6a4eca920c7d5880cf248e6
accept-ranges: bytes

GET
H2 200 ED2-N7LXoAA5eSz
pbs.twimg.com/media/ Frame 8AD3 40 KB
40 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ED2-N7LXoAA5eSz?format=jpg&name=small

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

e93be2c053ce67a6391cb4a7f21df5d3b1155d96460a34626682f444af3a90ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 41227
x-response-time: 111
surrogate-key: media media/bucket/4 media/1170300624619151360
last-modified: Sat, 07 Sep 2019 11:37:46 GMT
server: ECS (fcn/4188)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 878e71a758681549d022b150a5848a90
accept-ranges: bytes

GET
H2 200 EDyTJVfW4AgUIHb
pbs.twimg.com/media/ Frame 8AD3 61 KB
61 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EDyTJVfW4AgUIHb?format=jpg&name=small

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B2) /

Resource Hash

c7328584f160f89ebeafea9ec909a1d2daaee794b5319470a2144cca7df13b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 62743
x-response-time: 129
surrogate-key: media media/bucket/3 media/1169971791806259208
last-modified: Fri, 06 Sep 2019 13:51:06 GMT
server: ECS (fcn/40B2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 63141aebf127bbf7c015405f87a80d31
accept-ranges: bytes

GET
H2 200 EDoNdCWXUAA6ixH
pbs.twimg.com/media/ Frame 8AD3 70 KB
70 KB 9ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EDoNdCWXUAA6ixH?format=jpg&name=small

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4198) /

Resource Hash

75da0ea4812b6f4d36d7d041e7d7aff04bf2eea23c8a43d3170947dafcfe294d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 71515
x-response-time: 121
surrogate-key: media media/bucket/2 media/1169261845754105856
last-modified: Wed, 04 Sep 2019 14:50:02 GMT
server: ECS (fcn/4198)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cfb69903d204446e9d54116a414b79c0
accept-ranges: bytes

GET
H2 200 EDjrFnZXkAIl1Lp
pbs.twimg.com/media/ Frame 8AD3 12 KB
12 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EDjrFnZXkAIl1Lp?format=jpg&name=360x360

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4184) /

Resource Hash

49a80f903ac4bdf488167d0f3bc00b7c1b4c56fb592e7fa40a5cdf1fc710e2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 12340
x-response-time: 337
surrogate-key: media media/bucket/2 media/1168942585009901570
last-modified: Tue, 03 Sep 2019 17:41:24 GMT
server: ECS (fcn/4184)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f40b4c933ff834e23fcd88d57c12122a
accept-ranges: bytes

GET
H2 200 EDyBgDRWkAEkCHT
pbs.twimg.com/media/ Frame 8AD3 10 KB
10 KB 10ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EDyBgDRWkAEkCHT?format=jpg&name=240x240

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

6c970737aee41eb813934137c1e6d1e814c894143a401a10e879052a000fa858

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 9835
x-response-time: 139
surrogate-key: media media/bucket/9 media/1169952390843371521
last-modified: Fri, 06 Sep 2019 12:34:01 GMT
server: ECS (fcn/4188)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f07b91dd8e3e269eaebb5bbc17363868
accept-ranges: bytes

GET
H2 200 EDyBgDOXkAEozga
pbs.twimg.com/media/ Frame 8AD3 6 KB
6 KB 9ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EDyBgDOXkAEozga?format=jpg&name=240x240

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

0e03b350884c5858a1b38a559c96439f7167da78b27a2928c35f8a27a80ee5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 6193
x-response-time: 169
surrogate-key: media media/bucket/1 media/1169952390830854145
last-modified: Fri, 06 Sep 2019 12:34:01 GMT
server: ECS (fcn/40DD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: abcb96080c0159a37f8a8920ba30e8ac
accept-ranges: bytes

GET
H2 200 EDyBgDgXsAEU0Gw
pbs.twimg.com/media/ Frame 8AD3 7 KB
7 KB 8ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EDyBgDgXsAEU0Gw?format=jpg&name=240x240

Requested by

Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41D8) /

Resource Hash

2db4bed5a3dc78d477c7d434bcbd7d7fb2e08d5e237233cce210ea81c72699b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 7192
x-response-time: 147
surrogate-key: media media/bucket/0 media/1169952390906359809
last-modified: Fri, 06 Sep 2019 12:34:01 GMT
server: ECS (fcn/41D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a5e1d37b6cdacec9c1ecb920bca2b028
accept-ranges: bytes

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 8AD3 44 KB
7 KB 13ms
9ms Stylesheet
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 6839
x-response-time: 42
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 7e334880a01ad62bb47e1c2e999a7afa
accept-ranges: bytes
expires: Sat, 14 Sep 2019 20:34:50 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 12ms
9ms Image
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 6839
x-response-time: 42
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 7e334880a01ad62bb47e1c2e999a7afa
accept-ranges: bytes
expires: Sat, 14 Sep 2019 20:34:50 GMT

GET
DATA 200
OK truncated
/ Frame 8AD3 707 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8AD3 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8AD3 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8AD3 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8AD3 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8AD3 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H2 200 /
www.facebook.com/tr/ Frame 8823 0
0 6ms
6ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 5542
pragma: no-cache
cache-control: no-cache
origin: https://www.b-tu.xyz
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.b-tu.xyz/
accept-encoding: gzip, deflate, br
cookie: fr=0tCtx6ygk7HmvEhe1..BddBRq...1.0.BddBRq.
Origin: https://www.b-tu.xyz
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.b-tu.xyz/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.b-tu.xyz
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Sat, 07 Sep 2019 20:34:50 GMT

GET
H2 200 65_xRN3r
pbs.twimg.com/card_img/1170307113400360960/ Frame 8AD3 40 KB
40 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1170307113400360960/65_xRN3r?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

038ec0b40fe573013e808a4dad628d985dbead93b12f42af079de6f99383058d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 41194
x-response-time: 147
surrogate-key: card_img card_img/bucket/0 card_img/1170307113400360960
last-modified: Sat, 07 Sep 2019 12:03:33 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d2e4ca255a1276dfa8df762facf4c926
accept-ranges: bytes

GET
H2 200 cqS3e_hn
pbs.twimg.com/card_img/1170256747707150341/ Frame 8AD3 46 KB
46 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1170256747707150341/cqS3e_hn?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

af241ff71b01c221cd3caca6b7696df7bbdfca92333ba646bd12ae7f2fcb37b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 46839
x-response-time: 233
surrogate-key: card_img card_img/bucket/0 card_img/1170256747707150341
last-modified: Sat, 07 Sep 2019 08:43:25 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f05701eb9b6ddbeab6b909da5eaca838
accept-ranges: bytes

GET
H2 200 QXazqc9y
pbs.twimg.com/card_img/1170241217730437121/ Frame 8AD3 347 KB
347 KB 8ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1170241217730437121/QXazqc9y?format=png&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4184) /

Resource Hash

4f76674eee627309bc859f9eaae834cf35681b7d3642699f3527f9508335d746

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 355284
x-response-time: 229
surrogate-key: card_img card_img/bucket/8 card_img/1170241217730437121
last-modified: Sat, 07 Sep 2019 07:41:42 GMT
server: ECS (fcn/4184)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a1196e8e797b98b1291a7b3bf79738d0
accept-ranges: bytes

GET
H2 200 _vGNv5ZG
pbs.twimg.com/card_img/1169941306510106625/ Frame 8AD3 33 KB
33 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1169941306510106625/_vGNv5ZG?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

6c55979da8c0759e6a092ee69e3ca61ad058c5617fe9bcf805081e13e22c5ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 33449
x-response-time: 162
surrogate-key: card_img card_img/bucket/0 card_img/1169941306510106625
last-modified: Fri, 06 Sep 2019 11:49:58 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d0267c3dd6010dc011389b2af93815b3
accept-ranges: bytes

GET
H2 200 HVcL_AtD
pbs.twimg.com/card_img/1169581533549793281/ Frame 8AD3 19 KB
19 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1169581533549793281/HVcL_AtD?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

c9dacaa5292f280271e31cb00b9e271c3a15ca8e425bbab9c3d812ff2a0904f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 19446
x-response-time: 143
surrogate-key: card_img card_img/bucket/6 card_img/1169581533549793281
last-modified: Thu, 05 Sep 2019 12:00:22 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5655755dcfba4df3156958e54f146ea6
accept-ranges: bytes

GET
H2 200 dqnJJ6Yy
pbs.twimg.com/card_img/1169574812773244928/ Frame 8AD3 27 KB
27 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1169574812773244928/dqnJJ6Yy?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

9080d44ead3093bd6fb939463ea5fae7e395354e32f61e90b22b9dcd9266d43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27882
x-response-time: 249
surrogate-key: card_img card_img/bucket/0 card_img/1169574812773244928
last-modified: Thu, 05 Sep 2019 11:33:39 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dfe2a1cdcffa92bdec262c607ccf9262
accept-ranges: bytes

GET
H2 200 DR8sgNSX
pbs.twimg.com/card_img/1169574139348344833/ Frame 8AD3 55 KB
55 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1169574139348344833/DR8sgNSX?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D2) /

Resource Hash

35411ea7ab934f02f7a346860e01927a3952c8461c3bd22f6066578508ff5bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 56476
x-response-time: 155
surrogate-key: card_img card_img/bucket/8 card_img/1169574139348344833
last-modified: Thu, 05 Sep 2019 11:30:59 GMT
server: ECS (fcn/40D2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 679120b21c2243020c45778ab6b00817
accept-ranges: bytes

GET
H2 200 6AFkaXVT
pbs.twimg.com/card_img/1168962625511837696/ Frame 8AD3 26 KB
26 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168962625511837696/6AFkaXVT?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

279b61f328e715458c8b00201d7e234ac3566a504fcb32c99ca47721e3a3e4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 26604
x-response-time: 143
surrogate-key: card_img card_img/bucket/0 card_img/1168962625511837696
last-modified: Tue, 03 Sep 2019 19:01:02 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: db51d77a15080c2272b0146ae689a1fb
accept-ranges: bytes

GET
H2 200 JrA2Okvw
pbs.twimg.com/card_img/1168945428714467333/ Frame 8AD3 39 KB
40 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168945428714467333/JrA2Okvw?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

82465e4813f84ef566a081bbf32519a613ad6242b8d714a5a38f7f88eadfb062

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 40442
x-response-time: 166
surrogate-key: card_img card_img/bucket/0 card_img/1168945428714467333
last-modified: Tue, 03 Sep 2019 17:52:42 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 98455efa86f8e97da6819aa694ec9b12
accept-ranges: bytes

GET
H2 200 FUhV4FZr
pbs.twimg.com/card_img/1168852379082661888/ Frame 8AD3 38 KB
38 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168852379082661888/FUhV4FZr?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FC) /

Resource Hash

ab6d9b609bee3d796c83ddd5c2e7343899f29096afcf7dfc41d56ff9da7a6dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 38810
x-response-time: 150
surrogate-key: card_img card_img/bucket/1 card_img/1168852379082661888
last-modified: Tue, 03 Sep 2019 11:42:58 GMT
server: ECS (fcn/40FC)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 735b8350e2e315bea55ecabae3a70251
accept-ranges: bytes

GET
H2 200 tHQZhwTs
pbs.twimg.com/card_img/1168808371643932673/ Frame 8AD3 25 KB
25 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168808371643932673/tHQZhwTs?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

ea348772a020aa1df4d94ed30e42072f0e0e507ebc7ab16c3df8ed7d3b2753c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 25759
x-response-time: 147
surrogate-key: card_img card_img/bucket/8 card_img/1168808371643932673
last-modified: Tue, 03 Sep 2019 08:48:05 GMT
server: ECS (fcn/40F7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e134727ddfc6038688636f299082f044
accept-ranges: bytes

POST
H2 200 /
www.facebook.com/tr/ Frame 7279 0
0 6ms
6ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 5541
pragma: no-cache
cache-control: no-cache
origin: https://www.b-tu.xyz
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.b-tu.xyz/
accept-encoding: gzip, deflate, br
cookie: fr=0tCtx6ygk7HmvEhe1..BddBRq...1.0.BddBRq.
Origin: https://www.b-tu.xyz
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.b-tu.xyz/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.b-tu.xyz
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Sat, 07 Sep 2019 20:34:50 GMT

GET
H2 200 MndPI38u
pbs.twimg.com/card_img/1168802381057933314/ Frame 8AD3 27 KB
27 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168802381057933314/MndPI38u?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E9) /

Resource Hash

32b52afce1f36c53c0e0d1f0b8f7e863906a11127eb1dec55cc9cad483ab8156

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27351
x-response-time: 147
surrogate-key: card_img card_img/bucket/3 card_img/1168802381057933314
last-modified: Tue, 03 Sep 2019 08:24:17 GMT
server: ECS (fcn/40E9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 738ff5df1264cc9da9217b370789e95b
accept-ranges: bytes

GET
H2 200 EjvNZBh9
pbs.twimg.com/card_img/1168795378285785088/ Frame 8AD3 343 KB
343 KB 7ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1168795378285785088/EjvNZBh9?format=png&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AF) /

Resource Hash

c103dfa7a0c9414be2c605da556c6c36f7f40819ebd7657fb1bfe1a722b8708a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:50 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 351030
x-response-time: 186
surrogate-key: card_img card_img/bucket/8 card_img/1168795378285785088
last-modified: Tue, 03 Sep 2019 07:56:28 GMT
server: ECS (fcn/41AF)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 61ff454d5f8efa00633600a188e0b1aa
accept-ranges: bytes

POST
H2 200 controller.php Show response
www.b-tu.xyz/engine/ajax/ 2 B
350 B 81ms
80ms XHR
text/html 2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.b-tu.xyz/engine/ajax/controller.php?mod=adminfunction
Requested by: Host: www.b-tu.xyz
URL: https://www.b-tu.xyz/engine/classes/min/index.php?charset=utf-8&g=general&v=25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://www.b-tu.xyz/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 07 Sep 2019 20:34:49 GMT
content-encoding: gzip
server: nginx
content-type: text/html; charset=utf-8
status: 200
x-ray: p700:0.040/wn4901:0.050/wa4901:D=44207
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
170 B 126ms
125ms Image
image/gif 104.244.42.72
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.b-tu.xyz%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3AUkrainianTennis%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1567888491414%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22e943e56%3A1566338429673%22%2C%22format_version%22%3A%22e943e56%3A1566338429673%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22element%22%3A%22notice%22%2C%22section%22%3A%22header%22%2C%22action%22%3A%22seen%22%7D%7D&notice_seen=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Sep 2019 20:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Sat, 07 Sep 2019 20:34:51 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 29456eb63ac714b31595af218f6d40c4
x-transaction: 007fec0d00ed4684
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 9FAA
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4198) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 07 Sep 2019 20:34:51 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 05 Sep 2019 20:15:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4198)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Sat, 07 Sep 2019 20:34:51 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Sat, 07 Sep 2019 20:34:51 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 29456eb63ac714b31595af218f6d40c4
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 113
x-transaction: 009ff14e001a52f5
x-tsa-request-body-time: 5
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2

200

1566718037_beygelzimer-01.png
www.b-tu.xyz/uploads/posts/2019-08/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png
https://www.b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png

279 KB
280 KB

35ms
35ms

Image
image/png

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f51cf6639457ba2defde24b1754c54a3b5647fdab97e70b4d14eb8e9cd3e7b66

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:56:55 GMT
server: nginx
etag: "5d6f19e7-45dff"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:52 GMT
accept-ranges: bytes
content-length: 286207

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:52 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png
content-type: text/html

GET
H2

200

1566718037_beygelzimer-01.png
www.b-tu.xyz/uploads/posts/2019-08/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png
https://www.b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png

279 KB
280 KB

57ms
55ms

Image
image/png

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f51cf6639457ba2defde24b1754c54a3b5647fdab97e70b4d14eb8e9cd3e7b66

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:56:55 GMT
server: nginx
etag: "5d6f19e7-45dff"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:56 GMT
accept-ranges: bytes
content-length: 286207

Redirect headers

status: 301
x-ray: p700:0.001/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:56 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-08/1566718037_beygelzimer-01.png
content-type: text/html

GET
H2

200

1566634532_24-aug-650.png
www.b-tu.xyz/uploads/posts/2019-08/
Redirect Chain

https://b-tu.xyz/uploads/posts/2019-08/1566634532_24-aug-650.png
https://www.b-tu.xyz/uploads/posts/2019-08/1566634532_24-aug-650.png

416 KB
416 KB

151ms
150ms

Image
image/png

2a06:6440:0:2d86::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.b-tu.xyz/uploads/posts/2019-08/1566634532_24-aug-650.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d86::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: e2dc70d6d784b09aa838a96613793879ae4e2db6e787812635082b30641b63cd

Request headers

Referer: https://www.b-tu.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray: p700:0.000/wn4901:0.000/
last-modified: Wed, 04 Sep 2019 01:56:14 GMT
server: nginx
etag: "5d6f19be-67e90"
content-type: image/png
status: 200
date: Sat, 07 Sep 2019 20:34:56 GMT
accept-ranges: bytes
content-length: 425616

Redirect headers

status: 301
x-ray: p700:0.000/wn4901:0.000/
server: nginx
date: Sat, 07 Sep 2019 20:34:56 GMT
content-length: 162
location: https://www.b-tu.xyz/uploads/posts/2019-08/1566634532_24-aug-650.png
content-type: text/html

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.b-tu.xyz/	1970-01-19 03:31:28	Name: _gat_gtag_UA_113125822_1 Value: 1
.doubleclick.net/	1970-01-19 03:31:29	Name: test_cookie Value: CheckForPermission
.b-tu.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9gmthf87e1e1sb1f1jpiotl4j2
.facebook.com/	1970-01-19 05:41:04	Name: fr Value: 0tCtx6ygk7HmvEhe1..BddBRq...1.0.BddBRq.
.b-tu.xyz/	1970-01-19 05:41:04	Name: _fbp Value: fb.1.1567888490119.1485138963
.cdn.braun634.com/	1970-01-22 19:10:22	Name: AU Value: 8e592bbc74efbe2b
.b-tu.xyz/	1970-01-19 03:31:28	Name: _gat Value: 1
.b-tu.xyz/	1970-01-19 03:32:54	Name: _gid Value: GA1.2.1690846023.1567888490
.b-tu.xyz/	1970-01-19 21:02:40	Name: _ga Value: GA1.2.271514826.1567888490
.www.b-tu.xyz/	1970-01-19 12:17:04	Name: language Value: ru
.b-tu.xyz/	1970-01-19 03:31:28	Name: _gat_gtag_UA_110342360_1 Value: 1
www.b-tu.xyz/	1969-12-31 23:59:59	Name: b Value: b

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://platform.twitter.com/widgets.js(Line 1) Message: You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
adservice.google.com
adservice.google.de
b-tu.xyz
btu.org.ua
cdn.braun634.com
cdn.sendpulse.com
cdn.syndication.twimg.com
connect.facebook.net
cse.google.com.ua
googleads.g.doubleclick.net
n3.cdn.braun634.com
pagead2.googlesyndication.com
pbs.twimg.com
platform.twitter.com
r.i.ua
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
ton.twimg.com
www.b-tu.xyz
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.ua
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.wtatennis.com
z.cdn.braun634.com
104.244.42.72
176.9.157.8
185.67.0.53
213.227.149.183
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:553:dea:996:18f7:b71
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:819::2008
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81f::200e
2a00:1450:4001:825::200e
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:6440:0:2d86::1
82.192.95.133
82.192.95.98
91.198.36.16
038ec0b40fe573013e808a4dad628d985dbead93b12f42af079de6f99383058d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05f3729f190678b10435d78c45cafa3e6563be499b4939caf329b9bed9b94ea1
067ef3cc8c7d3e1db6e26f3a0bd4577b0bd62f6f507f4791dee152e243ffad96
07c708a6a16959122c6dc8e1d57e1ac272a25675088e7a0114344a2763070dea
08e6a3f78fcf4688c7af5f79653f8829b580012e44ecde064f9f8626c41860b9
0a4c16d8f3ff5770736901fcdef65d44919dd297256f5f425ddf8d00c63cbf55
0c7854fe840666d69c1f7f9739c7a203c54b65747f333b438456967fd83aa950
0cf2c8481afe92133d99091000de67b1040583bf913e0cf9b02cc5f2d6960cc2
0e03b350884c5858a1b38a559c96439f7167da78b27a2928c35f8a27a80ee5d8
0e2ef1aca8b35a223e79001207edc71b393dcc6af85ae6c0014e4dac27710ac8
0ecb2b8da2eff2a9b5486b7b76e27c90c46c648dca63dfef1a3142e39974034d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13baf9f32e4e31bf03f62591ca934ba7ce6d7c47243cb885739e39cddee32fb8
13f3065da3da99b36f3035fa3bd7285197ff0e6d754b099726b94f471ed37c51
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
16375db367d03b63d3447ec0a6383c999bfa2a9a2ca934a905feaa8b4efa4357
261608821d3960c3f16033f982c4fa2e0e50f6a844663327f8dc336fb3ea6b2a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
279b61f328e715458c8b00201d7e234ac3566a504fcb32c99ca47721e3a3e4ea
27c2caf5324ffac04ce7b7acaab11fe36421c64e629704beaa3fb2adf8772c29
29a1003fd6817b9b2de5cb047c3753a5277b33f79907c5e2a835efdbf0995302
29fdf31b1602f6fb844e684549c427d8a759240fa61cab76f4367cedc84563ff
2c74281e267b19937acde7a3eee4e99e540008ed1a68398b1b8ff1fde9401dad
2db4bed5a3dc78d477c7d434bcbd7d7fb2e08d5e237233cce210ea81c72699b3
302017e9d1d7fa45eecf35a4285e568f6a48a99cc10225c21df33e0baab27ad3
32b52afce1f36c53c0e0d1f0b8f7e863906a11127eb1dec55cc9cad483ab8156
32f32a2b4d4a97052e8a7d9a7778a7fa40901ef17658a8f8f88cf93fac9423e9
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29
34b5fe14be1cedb6a7e5013ff30512bd90428c7727fc6f7dcb12019bcf2fe7ab
35411ea7ab934f02f7a346860e01927a3952c8461c3bd22f6066578508ff5bd1
369d83927613482f0695dcc68aa2444f24f0665b0ad617e69890b30a3779f8fd
3896affce08924c480e78205a3af4cb7d7f1bd1c8f09423397425596ea579d5c
4152ac073187804a7bc87303a3ba2641672654a56183652d986b792347cb6af9
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
45c394a85e4f01d414371e2612e0b7108a57bf879597441366fa02a1dac5cb78
45e42412ac611770918e7fc323b69cfec20b8e1cd7dd9a023b0ff2c442dd291d
48c7238ef66c76b0aa3ae08ba009af8dd9b543660e9758012dd4e1c12af0d9e0
49a80f903ac4bdf488167d0f3bc00b7c1b4c56fb592e7fa40a5cdf1fc710e2fd
4a1122b803b700d1450fbc723db20f82476dfee5830c198fa1fa8ef128f59a03
4a96a0ff070232e29998c308c885556bc37ea253127200f34423c5dcd73eb904
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
4f76674eee627309bc859f9eaae834cf35681b7d3642699f3527f9508335d746
4fa6682d4d894c97b21d2b7aadec5ee463f8d62eee6212de6211fe583e866011
512f2fc2840f26f25a6a8cbeeed78810603db942c472675b0bd76f06aa194792
53f7f48275c59b5dde1a20db7b2bba1b875d314173b747aeb997877f7ad73833
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
568ade59a9dd53f4c8d9da73c24df3d6a6a8176351a36ab7d763f06fea1757f4
5941717cbdc7026ef429f0e41bfde226c4f31f7d4cbbd7a7449294aeff6afa19
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6473ebe4e7bf7e98940db2f5fd9596f693b7a0e99dcde281173fbf98672792ff
699643dda1be89cd7e9a41cf4fe06a5eae4fc2fcaed2a245cec7a5f04629beb3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c55979da8c0759e6a092ee69e3ca61ad058c5617fe9bcf805081e13e22c5ee5
6c970737aee41eb813934137c1e6d1e814c894143a401a10e879052a000fa858
6e2d7f5f8838296f7198af77c742f590f1ffc2505ff3f8c30e0f1b296a9c9fe3
71c7af3870c503065835c4df181f7270547b06d76c2529a710cc46758306c8ca
727e20f15cb36bee770f501fac612c1cde421aaa2c51b075bb4c3c81a9a2e18b
75da0ea4812b6f4d36d7d041e7d7aff04bf2eea23c8a43d3170947dafcfe294d
77c21c3eac834bc8c850fc62cebb4a18cba1449b44f06c1f3520942be2aa955c
7a960e8b978c38d36a672064518e7d46d7c7e706236c179c6f9e81ca588e7a23
7b50f00b4ec8c413fdfcf5ccb596f9ae3f47f776ae7fd913eab6cdda0e1543e9
7b9ae0d064f146c79472e80ab29ca5156984a89df65dc02c401257cde5f1a493
7c0e0b39d9f59c267818e2d917f86c72dd8670a2c32bf746a866075b8e704a47
7c500fb2ba4f624985ca695537404a110a7ad4993747dfb35f8f973f0019fbec
813dca7bb6ca7aeb449d6b4b4894cd00da87360058274999e03f529f9e25a976
82465e4813f84ef566a081bbf32519a613ad6242b8d714a5a38f7f88eadfb062
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
876e139116fc16aa3c4d125fc455be61e9c68bf474539ca822a2d2edee6a7459
8a5e856e8cc2c794c6e40e43ccde2e516462e9d04922f4ee6c5944a516b4329d
8ef2ba7a1cbe8e42608e7cd9ec46d6bc7eab0e9ac2d180d0a129c68a652cad0c
9080d44ead3093bd6fb939463ea5fae7e395354e32f61e90b22b9dcd9266d43c
90f612eec6ce7898bdf3ccc036e4d8d168601b80fcdffc354973836c0004c334
94e4c225318995022a0b966b70553eb5e9d4fe4e7e412bd77d1c8a69f7932b52
9591a384a73ae0dc46ab3b77a077995fd976ed355e81b33ee201f2b80f4871fb
9e2cc4405b733037480226d16b19d28db0891031b6655e552e86929be94c68f8
a1a2bf4b4bdd83b2827d03f84ff322a6d40a3f12fe1e2d9b83136dcdad2fae25
a42244d41c20a36f8c5aa8840f3738d2a4b1363221edc125d99bdd6c895c09f2
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5acb59292b74e729e359edf6ca2492c086656319a5e24903e9ff0a0c5c11ce3
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
ab6d9b609bee3d796c83ddd5c2e7343899f29096afcf7dfc41d56ff9da7a6dfd
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
af241ff71b01c221cd3caca6b7696df7bbdfca92333ba646bd12ae7f2fcb37b0
afdfbb0c2903e3adc7a0af19c4ba030259209099bacd124a18a7f084c986d3be
b3ab3e30a193b49b66f4ef193e9c584e32b0e4ef2ae87c7d10f5fc04d4e2ad67
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
b5eadf48884a27895a5fb423d07434f36938b6982dfedf3ed45b2016d9cfb2a7
bbd09765440bcb8a175bdf9cb88c5d72127f655691e15c12abf912db4f24ba8c
bc2c52a0ab013d82d05cc76ae7cc9cd14752de4cf8873ff8e0a99a517b4483ea
c0a7d966a6e9cae369f2494e253e6ee9a74f999431b0a1ea8552c94e1993be07
c103dfa7a0c9414be2c605da556c6c36f7f40819ebd7657fb1bfe1a722b8708a
c57bccbff3cf1fd8edfcf71bcd9b864c8c347012b4f2ab921fd2a7a4d06f274e
c7328584f160f89ebeafea9ec909a1d2daaee794b5319470a2144cca7df13b15
c9dacaa5292f280271e31cb00b9e271c3a15ca8e425bbab9c3d812ff2a0904f2
cb2908c692c11b88da204b5eda844246d80d7e3c2ee030c47834c4bb81b0a9b0
cf9841e430162d1a9564c690a042b8e61aa8b86cb6de8ee6ff5ff7ea5fa9a48e
d1dc10e3d1751ad287cc2d264add4f1c544be127a7f9c604254349ed9c74fa66
d865117d3d207f9b5c2a20eef13fe58856e3a87e4e7c0a87dae9ec2162b59631
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc144afbb9318d0b9b67c35769c2358806298368084dfe9e674e4653ef27981f
dcdcd7e23c4d43ebefc65e9cf474569778be7c0ebf963f82b010b7f04f5e30d7
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
e0c654660316cb3fcd28175d70d9b88964d438d9a0f63426d94033fa59e41899
e2dc70d6d784b09aa838a96613793879ae4e2db6e787812635082b30641b63cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ceb417f143f3da5e489b62778609a256365a98f483bed272d97e4891fdb36b
e8b023145aafe1f1c703767f898fb05b21f6ced489558eae5fddde159881af75
e93be2c053ce67a6391cb4a7f21df5d3b1155d96460a34626682f444af3a90ac
e97396af14ad72c64ec3c143ed16941ab05d28f3c80230d7aeab4b5d2462f410
e986690570a10a0d24e33be9dc3e669f85fed95d9a3c6ae09e54d0602b98788c
ea1e7d4389a3f1b8a5208738663f8d74f0219625847877fa8fb2b1697c9a0fa9
ea348772a020aa1df4d94ed30e42072f0e0e507ebc7ab16c3df8ed7d3b2753c5
eeb0425949dcb212ce15f7b541d5dc66547affc934b9da4cdab68d7d9cd554b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f079e3fe34e49e8b07dfd32f7a2247c68682a4941d3dee9fd052535da41dadf9
f1106d00331995db22eee14181b1510b7ec3b7e780e0e4fa6827c66aaa2a99b4
f51cf6639457ba2defde24b1754c54a3b5647fdab97e70b4d14eb8e9cd3e7b66
f613e56f59adc3fd05ac09036894e153505f7f6c80f497bd6e79caf5376a1e5c
f92b1d9fd9cbf23d57446b5bdc9417317a4c1ff873ca439c1dc7c8332ba95860
f9579ef86c0b0638f2cd29ba0daf1586324728c9fa16f392d75f2e2a62bf1ebd
f97214e90bdd707950b1cab00c37c0b63b8ac706b33c9267d259748af0d63a7e
f99a2c60ac365f5cebd3b520372c07dac909708e0fb5f8848a0a967c7fc0b98e
fa749c479056cc4848e50c3909c015201efbdc5e1c593a0e5647a6d58978e779
fde07060fd8b57fcee8b6c2bdfc5909ac131187837e47a8cd1f21b76d73dae33
fe1c8ef11abd09bb1c3f6edd8143ff76d9fbf4c20b360e6257e30aacee9b6046
fe7e5a90688fbc6e61fbc8b08194ecf3479e0ebf2de96d5b415165c59369ab65
ffa2eee9904513a379af19ad3b2f973a24295834a62e33b6d4f6bf171ad92166

www.b-tu.xyz Open in urlscan Pro 2a06:6440:0:2d86::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

168 Requests

100 %HTTPS

70 %IPv6

18 Domains

30 Subdomains

23 IPs

6 Countries

7032 kBTransfer

9079 kBSize

12 Cookies

87 Outgoing links

Page URL History

Redirected requests

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.b-tu.xyz Open in urlscan Pro
2a06:6440:0:2d86::1 Public Scan

Screenshot
Live screenshot

Full Image

168
Requests

100 %
HTTPS

70 %
IPv6

18
Domains

30
Subdomains

23
IPs

6
Countries

7032 kB
Transfer

9079 kB
Size

12
Cookies

168 HTTP transactions
8 data transactions