pdemas2.baiqi.monster Open in urlscan Pro
199.250.212.216 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pdemas2.baiqi.monster/
Submission: On December 23 via api (December 23rd 2023, 2:25:09 pm UTC) from US — Scanned from US

Summary HTTP 23 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 23 HTTP transactions. The main IP is 199.250.212.216, located in United States and belongs to INMOTION, US. The main domain is pdemas2.baiqi.monster.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 23rd 2023. Valid for: 3 months.

This is the only time pdemas2.baiqi.monster was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	199.250.212.216 199.250.212.216	22611 (INMOTION) (INMOTION)
9	52.95.178.8 52.95.178.8	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:806::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
23	6

1 199.250.212.216 (United States)

ASN22611 (INMOTION, US)

pdemas2.baiqi.monster	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.95.178.8 (Jakarta, Indonesia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-3.amazonaws.com

cssstorage.s3.ap-southeast-3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assetsgmbr.s3.ap-southeast-3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:806::2001 (United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	amazonaws.com cssstorage.s3.ap-southeast-3.amazonaws.com assetsgmbr.s3.ap-southeast-3.amazonaws.com	393 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	125 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	230 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	258 B
1	baiqi.monster pdemas2.baiqi.monster	5 KB
23	5

	Domain	Requested by
8	assetsgmbr.s3.ap-southeast-3.amazonaws.com	pdemas2.baiqi.monster
6	cdn.ampproject.org	pdemas2.baiqi.monster cdn.ampproject.org
3	www.googletagmanager.com	pdemas2.baiqi.monster www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	cssstorage.s3.ap-southeast-3.amazonaws.com	pdemas2.baiqi.monster
1	pdemas2.baiqi.monster
23	6

This site contains links to these domains. Also see Links.

Domain
yok.li
api.whatsapp.com

Subject Issuer	Validity	Valid
pdemas2.baiqi.monster cPanel, Inc. Certification Authority	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.s3.ap-southeast-3.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-02-06`	10 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pdemas2.baiqi.monster/
Frame ID: F0708B9F68BA18288E8A11C3BEF3E331
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pandaemas88: Situs Slot Gacor Pandaemas

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Page Statistics

23
Requests

87 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

753 kB
Transfer

1593 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://yok.li/pandaMaster4

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send/?phone=%2B85512388811&text&type=phone_number&app_absent=0
Title: WhatsApp

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pdemas2.baiqi.monster/ 23 KB
5 KB 527ms
100ms Document
text/html 199.250.212.216
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: https://pdemas2.baiqi.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.250.212.216 , United States, ASN22611 (INMOTION, US),
Reverse DNS
Software: Apache /
Resource Hash: c1f4934724f565556ba621d4a2f4db3a7933ae7288b872df80550756b9262d4d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 5066
content-type: text/html; charset=UTF-8
date: Sat, 23 Dec 2023 14:25:02 GMT
server: Apache
vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK csspandaemas1.css
cssstorage.s3.ap-southeast-3.amazonaws.com/ 58 KB
58 KB 946ms
319ms Stylesheet
text/css 52.95.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cssstorage.s3.ap-southeast-3.amazonaws.com/csspandaemas1.css
Requested by: Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.178.8 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: d95d0c256de80f2b20a106c39224e54207f7d0a06c636bad0407ed3f4cc4a52c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:04 GMT
Last-Modified: Wed, 19 Apr 2023 12:01:19 GMT
Server: AmazonS3
x-amz-request-id: YM2395QG42MZMEJC
ETag: "5c54997be1fd2194c03c55d60d8abf00"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 59051
x-amz-id-2: g0aExH25mUyw2jOAVAsXAscRE+OsruV5HOSg3r4n48Nuxmo+ijRYpZz9W4rEgAaC1QuMCSg9xFU=

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
73 KB 230ms
79ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 14:25:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73141
x-xss-protection: 0
server: sffe
etag: "20620290c9309704"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Dec 2023 14:25:02 GMT

GET
H2 200 amp-bind-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
16 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-bind-0.1.js

Requested by

Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4bedabec2adb6bd571b46c49de0885c0f832735209f7c58f6af7c7e3d95fe02

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 14:25:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16384
x-xss-protection: 0
server: sffe
etag: "955c3f88d7ef8ae3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Dec 2023 14:25:03 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 78ms
78ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d85df9e61ec25caa8e6033bbf255be0036e9af0bec9d8f0cde5f8d6629da3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 14:25:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11509
x-xss-protection: 0
server: sffe
etag: "89fd1f55c72a0a94"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Dec 2023 14:25:03 GMT

GET
H3 200 amp-lightbox-0.1.js Show response
cdn.ampproject.org/v0/ 26 KB
8 KB 78ms
78ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-0.1.js

Requested by

Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8f4932f20fa0868dd2caaa4e5bde036d3db73868c2132a5f387d87064f0343b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 14:25:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8507
x-xss-protection: 0
server: sffe
etag: "97039edf12d9673b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Dec 2023 14:25:03 GMT

GET
H3 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
2 KB 78ms
78ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ec9d8d19236a815a5b0473e79b1b6823330026a8a564e4074f3f7595abc4ed1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 14:25:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2473
x-xss-protection: 0
server: sffe
etag: "f9ec7b9cfb04b32c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Dec 2023 14:25:04 GMT

GET amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012303151529000/v0/ 0
0

GET amp-loader-0.1.js
cdn.ampproject.org/rtv/012303151529000/v0/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 223ms
89ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MJGX7XM0HL

Requested by

Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7404c116bd7c95c711038d196fda1063bd6314824c51bd7aa7e88651a913bba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92781
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 14:25:04 GMT

GET
H/1.1 200
OK pandaemas88-logo.png
assetsgmbr.s3.ap-southeast-3.amazonaws.com/ 9 KB
9 KB 936ms
315ms Image
image/png 52.95.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetsgmbr.s3.ap-southeast-3.amazonaws.com/pandaemas88-logo.png
Requested by: Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.178.8 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 550faf4c24aba03be7c8068d8b515eba87bf70ec3fa7fc3ce745be5db5180821

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:04 GMT
Last-Modified: Wed, 19 Apr 2023 10:37:44 GMT
Server: AmazonS3
x-amz-request-id: YM2DK9Z8VEKWCYGH
ETag: "84605797886b07e661aa6f7bb05e766c"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8738
x-amz-id-2: vT5zjNCncGBb+NRFRy5aGW3+HGgG8URjdBoS64ZJvrq1r5pq0zUg9GG40NQ5ht37l3wlDQAHDlc=

GET
H/1.1 200
OK login-icon.webp
assetsgmbr.s3.ap-southeast-3.amazonaws.com/ 950 B
1 KB 938ms
302ms Image
image/webp 52.95.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetsgmbr.s3.ap-southeast-3.amazonaws.com/login-icon.webp
Requested by: Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.178.8 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 86ecc2b3eb4f29b901c20f4106ec9d2baa1e04901653fbf9813eb5c62064727f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:04 GMT
Last-Modified: Mon, 10 Apr 2023 15:11:27 GMT
Server: AmazonS3
x-amz-request-id: YM25GQGK1PZZ3M6T
ETag: "e130e8a198ef1d8e22eb483bac636e4d"
x-amz-server-side-encryption: AES256
Content-Type: image/webp
Accept-Ranges: bytes
Content-Length: 950
x-amz-id-2: VwZpohWgLHFCvUfAg2+TDlFQLTYK7+wv18OksE0Ux6E+YtFwFIms/3AZNs4qxaAkmSh8YBdY75Y=

GET
H/1.1 200
OK daftar-icon.webp
assetsgmbr.s3.ap-southeast-3.amazonaws.com/ 1 KB
1 KB 302ms
302ms Image
image/webp 52.95.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetsgmbr.s3.ap-southeast-3.amazonaws.com/daftar-icon.webp
Requested by: Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.178.8 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: b0fddd82f148fdf466c965c5379f394f252042bb89795604106f2fc7d0138e68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:04 GMT
Last-Modified: Mon, 10 Apr 2023 15:11:27 GMT
Server: AmazonS3
x-amz-request-id: YM22FZ7XEYDRHWKA
ETag: "4b1be7fece82cc7f6c65081a1b0cab12"
x-amz-server-side-encryption: AES256
Content-Type: image/webp
Accept-Ranges: bytes
Content-Length: 1088
x-amz-id-2: JVfXJb9tjF81JVBMBR6XKx31lJvqc75EGBc66im91e1mlYFWQX56Cig9iohXR73bUfbEQUcNXnU=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 133 KB
48 KB 324ms
190ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WN4DH42

Requested by

Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e52b169b3ee9953eb99500e409bfcdbfa3ac98d59b99866339d6730054de32a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49398
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 23 Dec 2023 14:25:04 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a8afec66dd734fa310085592cf68f6a2aac58483cef25343c3610cccc8fcf6d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ee4bdaaaaf1edb8a568034c04bfb120d2e607d1cca0185cc00047851950f1c9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 ww.js Show response
cdn.ampproject.org/rtv/012312012346000/ 51 KB
14 KB 160ms
66ms Fetch
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/ww.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc86fc37ff1669c88ff3e9829a845c62b1e296033836c5d6512c7f7446270914

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://pdemas2.baiqi.monster/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 18:11:42 GMT
age: 332002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14435
x-xss-protection: 0
server: sffe
etag: "e78dfcc7e84f41f3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 18:11:42 GMT

GET
H/1.1 200
OK pandaemas88_bonus-new-member2.webp
assetsgmbr.s3.ap-southeast-3.amazonaws.com/ 20 KB
20 KB 304ms
302ms Image
image/webp 52.95.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetsgmbr.s3.ap-southeast-3.amazonaws.com/pandaemas88_bonus-new-member2.webp
Requested by: Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.178.8 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 658f7b61d7481526ed86c585d58348ed9885450454a0612f95a8de16883e0766

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:05 GMT
Last-Modified: Fri, 07 Jul 2023 12:56:56 GMT
Server: AmazonS3
x-amz-request-id: Y3XX6WABS7VX2KK9
ETag: "3305a4b2f7e257bc0df3ed622c60c6fb"
x-amz-server-side-encryption: AES256
Content-Type: image/webp
Accept-Ranges: bytes
Content-Length: 20326
x-amz-id-2: vS/aj0pljYzLAb/K8Ip02M9TxogpuGE8hNS/zys2TziaXunnsdrgecGunTmA7r5EIGswiuP4jp0=

GET
H/1.1 200
OK indonesia.webp
assetsgmbr.s3.ap-southeast-3.amazonaws.com/ 1 KB
2 KB 315ms
314ms Image
image/webp 52.95.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetsgmbr.s3.ap-southeast-3.amazonaws.com/indonesia.webp
Requested by: Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.178.8 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: ed303ad30d7feeff941e9e4588b69438601a4b96ef1360381f8007217d2935dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:05 GMT
Last-Modified: Mon, 10 Apr 2023 16:10:11 GMT
Server: AmazonS3
x-amz-request-id: Y3XXYN63DKD72BGH
ETag: "5dabd22f8cc64dfb489c5b2293c34122"
x-amz-server-side-encryption: AES256
Content-Type: image/webp
Accept-Ranges: bytes
Content-Length: 1426
x-amz-id-2: wpUTARHHEd2KQZrnnrHAhvKil0Up67UnY8sYdCZkWZH1tiMZuOB1EJfCXO1ow8iXedAk2ztnyBg=

GET
H/1.1 200
OK wa.webp
assetsgmbr.s3.ap-southeast-3.amazonaws.com/ 2 KB
2 KB 300ms
299ms Image
image/webp 52.95.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetsgmbr.s3.ap-southeast-3.amazonaws.com/wa.webp
Requested by: Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.178.8 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 413125d2e5e3fc0fe0fa049a7ed97716bdc22ed7b0d6bbe9c7062ce3c93297ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:05 GMT
Last-Modified: Mon, 10 Apr 2023 16:10:02 GMT
Server: AmazonS3
x-amz-request-id: Y3XX305DGMSCD2E4
ETag: "c983209507e54dcea3653ae87ccf1c9a"
x-amz-server-side-encryption: AES256
Content-Type: image/webp
Accept-Ranges: bytes
Content-Length: 1894
x-amz-id-2: 5yB8YkPqAxUbiu6Nnd0CAdm1nnKllvBHM96RuvQQP/gXLgRT+kstrj82aCsQWs4HEAa8msITynA=

GET
H/1.1 200
OK Daftar-sekarang.webp
assetsgmbr.s3.ap-southeast-3.amazonaws.com/ 7 KB
8 KB 594ms
294ms Image
image/webp 52.95.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetsgmbr.s3.ap-southeast-3.amazonaws.com/Daftar-sekarang.webp
Requested by: Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.178.8 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0d8cecef5d0e2d4420e25463540dd648fe4e09c37e30d802f7f3c29a758f7a8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:05 GMT
Last-Modified: Mon, 10 Apr 2023 16:10:11 GMT
Server: AmazonS3
x-amz-request-id: Y3XWA0P0BEZJ61V6
ETag: "f07048eef310ab941022e76e3896225a"
x-amz-server-side-encryption: AES256
Content-Type: image/webp
Accept-Ranges: bytes
Content-Length: 7462
x-amz-id-2: Os/nX0O4bW/D6NLc9oCoFmXXXiDX9ZDWoXvyBp6Y5k8Yq2CyEZqLiwMo4wBJUsJtfaUW9fyldFE=

GET
H/1.1 200
OK bonus.gif
assetsgmbr.s3.ap-southeast-3.amazonaws.com/ 291 KB
291 KB 610ms
294ms Image
image/gif 52.95.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetsgmbr.s3.ap-southeast-3.amazonaws.com/bonus.gif
Requested by: Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.178.8 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: bc89f85c34c0cf8b388aa16a79b1412bdde9a076cf7b9488cc6cb074116ee38b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:05 GMT
Last-Modified: Mon, 10 Apr 2023 15:11:26 GMT
Server: AmazonS3
x-amz-request-id: Y3XRDHRN34Y0P6NX
ETag: "7fcc6682a33c31024d11bf5b7d3dbf8a"
x-amz-server-side-encryption: AES256
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 297542
x-amz-id-2: 9CPYD1i2njNc1W+7z2rihEcvJYpYkczePoqP0RiGGjgBIDYVBtQemTxqGaySB8w0UxpmOrFqFu8=

GET
BLOB 200
OK f01beffe-6230-42ab-a807-db247edfb8f1
https://pdemas2.baiqi.monster/ 51 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pdemas2.baiqi.monster/f01beffe-6230-42ab-a807-db247edfb8f1
Requested by: Host: pdemas2.baiqi.monster
URL: https://pdemas2.baiqi.monster/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1da870c4db72f786d1d04409b20d4ec7376b352b9bc68327ac5a0c83f17e0553

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 52080
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 92ms
91ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MJGX7XM0HL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WN4DH42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

89c9954cac2bc5b56e5c9be38eb6ccc3bd7884db4518acec01903726302183ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92867
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 14:25:04 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
258 B 130ms
47ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MJGX7XM0HL&gtm=45je3bt0v9133164680&_p=1703341504021&gcd=11l1l1l1l1&dma=0&cid=990087261.1703341504&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703341504&sct=1&seg=0&dl=https%3A%2F%2Fpdemas2.baiqi.monster%2F&dt=Pandaemas88%3A%20Situs%20Slot%20Gacor%20Pandaemas&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2512
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MJGX7XM0HL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdemas2.baiqi.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pdemas2.baiqi.monster
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/v0/amp-auto-lightbox-0.1.js

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/v0/amp-loader-0.1.js

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.baiqi.monster/	1970-01-21 02:45:01	Name: _ga Value: GA1.1.990087261.1703341504
			.baiqi.monster/	1970-01-21 02:45:01	Name: _ga_MJGX7XM0HL Value: GS1.1.1703341504.1.0.1703341504.0.0.0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://pdemas2.baiqi.monster/ Message: Access to script at 'https://cdn.ampproject.org/rtv/012303151529000/v0/amp-auto-lightbox-0.1.js' from origin 'https://pdemas2.baiqi.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.ampproject.org/rtv/012303151529000/v0/amp-auto-lightbox-0.1.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://pdemas2.baiqi.monster/ Message: Access to script at 'https://cdn.ampproject.org/rtv/012303151529000/v0/amp-loader-0.1.js' from origin 'https://pdemas2.baiqi.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.ampproject.org/rtv/012303151529000/v0/amp-loader-0.1.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assetsgmbr.s3.ap-southeast-3.amazonaws.com
cdn.ampproject.org
cssstorage.s3.ap-southeast-3.amazonaws.com
pdemas2.baiqi.monster
www.google-analytics.com
www.googletagmanager.com
cdn.ampproject.org
199.250.212.216
2001:4860:4802:32::178
2607:f8b0:4006:806::2001
2607:f8b0:4006:80e::2008
52.95.178.8
0a8afec66dd734fa310085592cf68f6a2aac58483cef25343c3610cccc8fcf6d
0d8cecef5d0e2d4420e25463540dd648fe4e09c37e30d802f7f3c29a758f7a8f
1da870c4db72f786d1d04409b20d4ec7376b352b9bc68327ac5a0c83f17e0553
1ee4bdaaaaf1edb8a568034c04bfb120d2e607d1cca0185cc00047851950f1c9
2ec9d8d19236a815a5b0473e79b1b6823330026a8a564e4074f3f7595abc4ed1
413125d2e5e3fc0fe0fa049a7ed97716bdc22ed7b0d6bbe9c7062ce3c93297ff
550faf4c24aba03be7c8068d8b515eba87bf70ec3fa7fc3ce745be5db5180821
658f7b61d7481526ed86c585d58348ed9885450454a0612f95a8de16883e0766
6e52b169b3ee9953eb99500e409bfcdbfa3ac98d59b99866339d6730054de32a
7404c116bd7c95c711038d196fda1063bd6314824c51bd7aa7e88651a913bba1
85d85df9e61ec25caa8e6033bbf255be0036e9af0bec9d8f0cde5f8d6629da3b
86ecc2b3eb4f29b901c20f4106ec9d2baa1e04901653fbf9813eb5c62064727f
89c9954cac2bc5b56e5c9be38eb6ccc3bd7884db4518acec01903726302183ad
b0fddd82f148fdf466c965c5379f394f252042bb89795604106f2fc7d0138e68
b8f4932f20fa0868dd2caaa4e5bde036d3db73868c2132a5f387d87064f0343b
bc89f85c34c0cf8b388aa16a79b1412bdde9a076cf7b9488cc6cb074116ee38b
c1f4934724f565556ba621d4a2f4db3a7933ae7288b872df80550756b9262d4d
d95d0c256de80f2b20a106c39224e54207f7d0a06c636bad0407ed3f4cc4a52c
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed303ad30d7feeff941e9e4588b69438601a4b96ef1360381f8007217d2935dd
f4bedabec2adb6bd571b46c49de0885c0f832735209f7c58f6af7c7e3d95fe02
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457
fc86fc37ff1669c88ff3e9829a845c62b1e296033836c5d6512c7f7446270914

pdemas2.baiqi.monster Open in urlscan Pro 199.250.212.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

23 Requests

87 %HTTPS

60 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

753 kBTransfer

1593 kBSize

2 Cookies

2 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

2 Cookies

4 Console Messages

Indicators

pdemas2.baiqi.monster Open in urlscan Pro
199.250.212.216 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

87 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

753 kB
Transfer

1593 kB
Size

2
Cookies

23 HTTP transactions
3 data transactions