cs-sandbox.berdu.pw Open in urlscan Pro
139.162.19.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://support.berducsproject.xyz/
Effective URL:
https://cs-sandbox.berdu.pw/
Submission: On January 21 via automatic, source certstream-suspicious (January 21st 2022, 7:19:06 am UTC) — Scanned from DE

Summary HTTP 46 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 46 HTTP transactions. The main IP is 139.162.19.59, located in Singapore, Singapore and belongs to LINODE-AP Linode, LLC, US. The main domain is cs-sandbox.berdu.pw.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on June 11th 2020. Valid for: 2 years.

This is the only time cs-sandbox.berdu.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.104.42.93 172.104.42.93	63949 (LINODE-AP...) (LINODE-AP Linode)
1	139.162.19.59 139.162.19.59	63949 (LINODE-AP...) (LINODE-AP Linode)
8	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
10	2.16.186.160 2.16.186.160	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
24	18.139.97.203 18.139.97.203	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3031::ac43:de2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	7

1 172.104.42.93 (Singapore, Singapore) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: luwak.berdu.id

support.berducsproject.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.19.59 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: berdu.berdu.pw

cs-sandbox.berdu.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.16.186.160 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-160.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 18.139.97.203 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

bdsgp.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:de2e (United States)

ASN13335 (CLOUDFLARENET, US)

gif.berduflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	bdsgp.my.id bdsgp.my.id — Cisco Umbrella Rank: 97497	1 MB
10	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1300	159 KB
8	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	465 KB
2	berduflare.com gif.berduflare.com — Cisco Umbrella Rank: 155455	41 KB
1	gstatic.com fonts.gstatic.com	36 KB
1	berdu.pw cs-sandbox.berdu.pw	40 KB
1	berducsproject.xyz 1 redirects support.berducsproject.xyz	371 B
46	7

	Domain	Requested by
24	bdsgp.my.id	cs-sandbox.berdu.pw
10	analytics.tiktok.com	cs-sandbox.berdu.pw analytics.tiktok.com
8	connect.facebook.net	cs-sandbox.berdu.pw connect.facebook.net
2	gif.berduflare.com	cs-sandbox.berdu.pw
1	fonts.gstatic.com	cs-sandbox.berdu.pw
1	cs-sandbox.berdu.pw
1	support.berducsproject.xyz	1 redirects
46	7

This site contains links to these domains. Also see Links.

Domain
wa.me
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
*.berdu.pw AlphaSSL CA - SHA256 - G2	`2020-06-11` - `2022-08-08`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-30` - `2022-01-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
bdsgp.my.id R3	`2021-11-06` - `2022-02-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cs-sandbox.berdu.pw/
Frame ID: C4B46D95935CD32E271510402F90E2E5
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Toko Top Global

Page URL History Show full URLs

https://support.berducsproject.xyz/ HTTP 302
https://cs-sandbox.berdu.pw/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

46
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

1779 kB
Transfer

4809 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/6281253844741?text=
Title: `klik untuk pesan

Search URL Search Domain Scan URL

URL: https://www.facebook.com/berdu.id/

Search URL Search Domain Scan URL

URL: https://twitter.com/berdu_id

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dapurbisnismobilbekas/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://support.berducsproject.xyz/ HTTP 302
https://cs-sandbox.berdu.pw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cs-sandbox.berdu.pw/
Redirect Chain

https://support.berducsproject.xyz/
https://cs-sandbox.berdu.pw/

270 KB
40 KB

687ms
220ms

Document
text/html

139.162.19.59
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.162.19.59 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

berdu.berdu.pw

Software

Resource Hash

7e325fd40ce20b595f13eefb321579e71a0ad09ca16aa2923e763ddf253a88ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 21 Jan 2022 07:18:59 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-language: en-US
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT
cache-control: no-transform
content-encoding: gzip

Redirect headers

date: Fri, 21 Jan 2022 07:18:58 GMT
content-type: text/html; charset=utf-8
content-length: 100
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-language: en-US
location: https://cs-sandbox.berdu.pw/
vary: Accept
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: MISS
cache-control: no-transform

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 213ms
53ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26187
x-xss-protection: 0
pragma: public
x-fb-debug: jnmxgRby33TFqROISKILHUSIEJOzyoCjeVl09KHQ1zDHRKmsROI7GyrNp3OxU6avxv4X3PKRgAi8qDxpHysuyQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 21 Jan 2022 07:18:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 AYCPpXPpYNIIT7h8-QenM0Jt5vM.woff2
fonts.gstatic.com/s/tradewinds/v10/ 36 KB
36 KB 213ms
54ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tradewinds/v10/AYCPpXPpYNIIT7h8-QenM0Jt5vM.woff2

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a370c8d3e25f8744a057683a738007284e1eac3fa22a2e89a2d632f09985765f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cs-sandbox.berdu.pw/
Origin: https://cs-sandbox.berdu.pw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 05:39:26 GMT
x-content-type-options: nosniff
age: 92373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36468
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 04:31:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 20 Jan 2023 05:39:26 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 119 KB
35 KB 269ms
134ms Script
application/javascript 2.16.186.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2UQAP0HEMJSRR75OCUG&lib=ttq
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-160.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 4e1b4ff.219f709
date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-78-78-7.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
upstream-caught: 1642749540094368
x-cache: TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 90,2.16.186.156
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=2, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2022012107190001011300607106BC0E9D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,104.78.78.7
x-tt-trace-host: 01f4877e0d2c09d01b23a1b10e885118477a4f41931ca7a02107da71db4f5cba8812851283731203e1e4d33d4a7c4b4b55b4ae143f5db66e59ca9bc35fbbb141b631b1f7117ef66d58839be5b77d6bab37bbf28cab1adb4f32155274cea7479dd38f459ed26f50a15fd0ff0852a5b0e6f6
expires: Fri, 21 Jan 2022 07:19:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 119 KB
35 KB 269ms
134ms Script
application/javascript 2.16.186.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C54KMM3G5HFBPDLNI2B0&lib=ttq
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-160.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 6ded57bb.219f70d
date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-78-78-29.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
upstream-caught: 1642749540095499
x-cache: TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 89,2.16.186.156
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=2, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 202201210719000101131351351EC3F215
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,104.78.78.29
x-tt-trace-host: 01f4877e0d2c09d01b23a1b10e885118477a4f41931ca7a02107da71db4f5cba887a9f2db6a0a42482f32bef6716286b7f17cd534b5f70d69d863c725671343c80b2b4a870abd9c66a5495dd908c01d084cd0c564b6a96fd58ec31f261598b35e6dbb45870f9d7a76f9060b562129ee82e
expires: Fri, 21 Jan 2022 07:19:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 119 KB
35 KB 271ms
136ms Script
application/javascript 2.16.186.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C63PISCGJNOBIGP78M00&lib=ttq
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-160.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 2f3c626e.219f712
date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a168-143-243-30.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
upstream-caught: 1642749540097423
x-cache: TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 90,2.16.186.156
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=2, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2022012107190001011300601122C39BA5
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 3,168.143.243.30
x-tt-trace-host: 01f4877e0d2c09d01b23a1b10e88511847d462e81e6049da2ed3378248d3b5678f0a760d4b12e44ca4d8026b3fd39f0e356546240cd562d1b61a1147f146ceea29899ee771b258e4613ab12389f231e02ba8c458e9ee9d70610ebafee739faf55cef1d73414fdafd257b1a7b10fdd2c961
expires: Fri, 21 Jan 2022 07:19:00 GMT

GET
H2 200 camp.js Show response
bdsgp.my.id/3976/ 823 KB
188 KB 733ms
185ms Script
application/javascript 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdsgp.my.id/3976/camp.js
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6455ec38b15fdc4e3a882ce537b2fb2063223dcf65f2fd21893a8eebbc2918b6

Request headers

Referer: https://cs-sandbox.berdu.pw/
Origin: https://cs-sandbox.berdu.pw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 16:18:32 GMT
server: nginx
etag: "61ddadd8-2ece7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 191719
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0.js Show response
bdsgp.my.id/3976/ 130 KB
22 KB 1094ms
547ms Script
application/javascript 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdsgp.my.id/3976/0.js
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 987eba39aab4ddfb6686754681aad085f8bcf8ce9f9da2925dc409d739f4b468

Request headers

Referer: https://cs-sandbox.berdu.pw/
Origin: https://cs-sandbox.berdu.pw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 16:18:32 GMT
server: nginx
etag: "61ddadd8-57cc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 22476
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 15.js Show response
bdsgp.my.id/3976/ 139 KB
28 KB 1095ms
547ms Script
application/javascript 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdsgp.my.id/3976/15.js
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9373061fd12803e1808db81ac6ca1a3e160c2f87fe7dbcd37c5abb1887533d3b

Request headers

Referer: https://cs-sandbox.berdu.pw/
Origin: https://cs-sandbox.berdu.pw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 16:18:32 GMT
server: nginx
etag: "61ddadd8-6e60"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 28256
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 52.js Show response
bdsgp.my.id/3976/ 45 KB
14 KB 1094ms
547ms Script
application/javascript 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdsgp.my.id/3976/52.js
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: abafef6bda821c8e79c98e902849928d1c445ea3f137d9fa013352e1145363a8

Request headers

Referer: https://cs-sandbox.berdu.pw/
Origin: https://cs-sandbox.berdu.pw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 16:18:32 GMT
server: nginx
etag: "61ddadd8-3816"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 14358
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 17.js Show response
bdsgp.my.id/3976/ 27 KB
7 KB 1095ms
548ms Script
application/javascript 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdsgp.my.id/3976/17.js
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 56906b7bd2d427fb90a7f178c7163b0e1f976e10519b427fcc4d3cf369cff14a

Request headers

Referer: https://cs-sandbox.berdu.pw/
Origin: https://cs-sandbox.berdu.pw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 16:18:32 GMT
server: nginx
etag: "61ddadd8-19bd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 6589
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 14.js Show response
bdsgp.my.id/3976/ 113 KB
22 KB 1095ms
548ms Script
application/javascript 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdsgp.my.id/3976/14.js
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aba029d2043330796869e1334e8162ae4463e4808bb54231666f811961a6b424

Request headers

Referer: https://cs-sandbox.berdu.pw/
Origin: https://cs-sandbox.berdu.pw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 16:18:32 GMT
server: nginx
etag: "61ddadd8-5575"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 21877
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 29.js Show response
bdsgp.my.id/3976/ 23 KB
6 KB 429ms
428ms Script
application/javascript 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdsgp.my.id/3976/29.js
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2a5e3c0b2e1ac5b71087aff8f60cdbf12a2563c57a5c16d0d82780bc03c7e8f8

Request headers

Referer: https://cs-sandbox.berdu.pw/
Origin: https://cs-sandbox.berdu.pw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 16:18:32 GMT
server: nginx
etag: "61ddadd8-1818"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 6168
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9.js Show response
bdsgp.my.id/3976/ 93 KB
20 KB 429ms
428ms Script
application/javascript 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdsgp.my.id/3976/9.js
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6cee7d54c15edf4c31c645f460f321eb84dba4d4fc412bef55cf50fbc645e47a

Request headers

Referer: https://cs-sandbox.berdu.pw/
Origin: https://cs-sandbox.berdu.pw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 16:18:32 GMT
server: nginx
etag: "61ddadd8-4cee"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 19694
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 31.js Show response
bdsgp.my.id/3976/ 10 KB
3 KB 429ms
428ms Script
application/javascript 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdsgp.my.id/3976/31.js
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: adb5f43dc9088b780c88fbed064e25b86be704927498c9442635ad6c7e9c997f

Request headers

Referer: https://cs-sandbox.berdu.pw/
Origin: https://cs-sandbox.berdu.pw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 16:18:32 GMT
server: nginx
etag: "61ddadd8-ae4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 2788
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20.js Show response
bdsgp.my.id/3976/ 28 KB
8 KB 429ms
428ms Script
application/javascript 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdsgp.my.id/3976/20.js
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 500ca7279ce2836771ad697edeca9eaba426da77f4e5c03a901f328add5be0b8

Request headers

Referer: https://cs-sandbox.berdu.pw/
Origin: https://cs-sandbox.berdu.pw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 16:18:32 GMT
server: nginx
etag: "61ddadd8-2061"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 8289
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8.js Show response
bdsgp.my.id/3976/ 179 KB
32 KB 429ms
428ms Script
application/javascript 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdsgp.my.id/3976/8.js
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3bc9d274a8ca27e42c968b800e9202a1b4460beeb1430cdf88b118374c4ce2b4

Request headers

Referer: https://cs-sandbox.berdu.pw/
Origin: https://cs-sandbox.berdu.pw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 16:18:32 GMT
server: nginx
etag: "61ddadd8-7d1d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 32029
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62c9e1c54f5b800e54ef13c527c2e619c73a9488380c8343da6530a79481a320

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 136 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d05dcd4722e492d4e00aa93a1f6090d15f6ceaa3973d24229e35f0e044a344

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1f60e.svg
bdsgp.my.id/icon/t/ 2 KB
1 KB 1055ms
554ms Image
image/svg+xml 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdsgp.my.id/icon/t/1f60e.svg
Requested by: Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a3634befb2c7e48c6666c2c423ca34f0d14361ed6a378f10335a9a2ae3cf66dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: br
last-modified: Fri, 22 Dec 2017 09:19:05 GMT
server: nginx
etag: "5a3cce09-386"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 902
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fbNaBDxcyfC6fv5fb13ZX88BDE1XxRmiQakBY8C5wQ.webp
bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ 23 KB
24 KB 1054ms
553ms Image
image/webp 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/fbNaBDxcyfC6fv5fb13ZX88BDE1XxRmiQakBY8C5wQ.webp

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6be198741545a0462cbc0cd558c40669e9aa87d96ef273c4d586c179ad45cbfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 Jan 2022 04:01:27 GMT
server: nginx
etag: "61e63b97-5ddc"
x-frame-options: DENY
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 24028
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 faVOzjoY0VgC4xfaywYdTn1VVPUaMRhq5VDXBjAAZkg.webp
bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ 144 KB
144 KB 1054ms
554ms Image
image/webp 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/faVOzjoY0VgC4xfaywYdTn1VVPUaMRhq5VDXBjAAZkg.webp

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5b39251be03a50bcf9c0e2c45e5ef40003c18b0689ce55c77bb58ac1109c6d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Dec 2021 12:18:08 GMT
server: nginx
etag: "61c9af00-23ef0"
x-frame-options: DENY
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 147184
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fY7V9GMbzGnNHISfYI3YSZMnYsUfbTTmjG5QHFyqKXw.webp
bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ 19 KB
20 KB 1054ms
554ms Image
image/webp 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/fY7V9GMbzGnNHISfYI3YSZMnYsUfbTTmjG5QHFyqKXw.webp

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

58c29e25454a2c8066db25f09e3e5c8a123b4f77f2ede9f31f89dd2e4153ac6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Dec 2021 07:23:30 GMT
server: nginx
etag: "61a87472-4d4a"
x-frame-options: DENY
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 19786
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f5QWzV6sPOjyH8ef5Vi3xUx1WHoMVQnCKapjJUUFL5w.webp
bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ 184 KB
185 KB 1054ms
553ms Image
image/webp 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/f5QWzV6sPOjyH8ef5Vi3xUx1WHoMVQnCKapjJUUFL5w.webp

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

31b75756b3338e3e6cec6016c8a3e2881be5c9a62def134bbb61fd6a7b9973af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Nov 2021 05:10:20 GMT
server: nginx
etag: "61836b3c-2e059"
x-frame-options: DENY
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 188505
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fzfnRlgFFwpY0dQfzhKESzRKYBze9lRUv7uY7c33kwg.webp
bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ 46 KB
46 KB 689ms
188ms Image
image/webp 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/fzfnRlgFFwpY0dQfzhKESzRKYBze9lRUv7uY7c33kwg.webp

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

00a69678c3e53d7f6faacb69da5e5d021f0d06363a34c5fe4dd96cbee5a1d6bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 07:40:47 GMT
server: nginx
etag: "616e767f-b79c"
x-frame-options: DENY
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 47004
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fl15EHdQy6FdC2pfl24sS8LAztkvt8ThWltQqJygHLmA.webp
bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ 58 KB
59 KB 1055ms
554ms Image
image/webp 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/fl15EHdQy6FdC2pfl24sS8LAztkvt8ThWltQqJygHLmA.webp

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

12e5c359a86c4614d4e73eea6d8dc7a0e6a577653f4b1546688e8d0bfc4dd40a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 02:21:19 GMT
server: nginx
etag: "613eb59f-e89a"
x-frame-options: DENY
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 59546
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fP8KlZdAYzoFhnCfPhOcNB1MiMGWxS1u0qAmZ4vCHw.webp
bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ 46 KB
46 KB 1055ms
554ms Image
image/webp 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/fP8KlZdAYzoFhnCfPhOcNB1MiMGWxS1u0qAmZ4vCHw.webp

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3d2215dd43d3ff6f2efc681d497a49375727762c0b04d18abdc028bac1c9c41f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Aug 2021 04:02:32 GMT
server: nginx
etag: "610cb458-b828"
x-frame-options: DENY
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 47144
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fF3doimv4h3BsOLfF4H7AHY6cOSO2QJqkrKQkTMxOOA.webp
bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ 15 KB
15 KB 1054ms
554ms Image
image/webp 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/fF3doimv4h3BsOLfF4H7AHY6cOSO2QJqkrKQkTMxOOA.webp

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4d7f386114901c3f9a5670a6337b144853f39a469b33e95f358a63490dfa9574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Jul 2021 08:49:19 GMT
server: nginx
etag: "60f53c8f-3c12"
x-frame-options: DENY
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 15378
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 186370919489188 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 184ms
184ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/186370919489188?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8321e8986d956d78603a174003dc9d039e13705f354a44fa87cb7891c49a44e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: wh6GykFPQLtxsbW6MBK8BD063xZr3L4QAi2kkniAIOJ0ER+02jQjD7wZ+ekn3qFswm8RHAG/7SYjfyqznW+AHA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 21 Jan 2022 07:19:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fpNrudja8I0DsaQfpNStFN8SBF20k9Tv6tsihbGc2ELQ.webp
bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ 42 KB
42 KB 896ms
553ms Image
image/webp 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/fpNrudja8I0DsaQfpNStFN8SBF20k9Tv6tsihbGc2ELQ.webp

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

510e74d4f3f65df3d49f07d6b4f3bd5b84656cf2887c07a49202dd0e7ce3949e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 08:19:29 GMT
server: nginx
etag: "60c07991-a820"
x-frame-options: DENY
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 43040
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fNV6XuXVxQbKso1fN1IGLv8b7vwABhTSOQTpFZ4euhBA.gif
gif.berduflare.com/gif/brff50uvbrgyrc27in_1/ 24 KB
24 KB 541ms
312ms Image
image/gif 2606:4700:3031::ac43:de2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gif.berduflare.com/gif/brff50uvbrgyrc27in_1/fNV6XuXVxQbKso1fN1IGLv8b7vwABhTSOQTpFZ4euhBA.gif

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:de2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da6190c76dab625f0062c85cb2dea3489b4b2b428b0e64a6b2e36a879095f2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24247
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Jun 2021 01:43:03 GMT
server: cloudflare
x-frame-options: DENY
etag: "60ce9d27-5eb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvMZFLYjPl%2BAgyKgeFwrFhcvnirTTAYOf7sD3TD%2B32ZWyxYzARTJwKyimUhj3t7%2Foi5m7mcj583UjdP3949yJLycACzHV0zYHs5sCzIMN592Xtd36%2BahQlXxKdiaNN5VOj0IiAWjsS%2FTkLGn9DGeXuM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6d0ec5932c2a59a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fy4apZYvq2gF0kWfyBngitEqQnoLNGQaWaaUOZM4SgiA.webp
bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ 59 KB
59 KB 439ms
438ms Image
image/webp 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/fy4apZYvq2gF0kWfyBngitEqQnoLNGQaWaaUOZM4SgiA.webp

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fd2e174a8901225d5bc2ee53ae71f03f3effcb982ab95aff62a69ace0bcf7bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 02:00:55 GMT
server: nginx
etag: "60b04ed7-eb11"
x-frame-options: DENY
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 60177
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fyuu8wABDSR5s7IfyS0ZoF3gJPf1dTiGSZUcev5DffA.webp
bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ 38 KB
39 KB 439ms
438ms Image
image/webp 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/fyuu8wABDSR5s7IfyS0ZoF3gJPf1dTiGSZUcev5DffA.webp

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a90a387136497b8faa85001e2ba693b7f88287c316a052fb0699bd7c1d67942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 03:00:38 GMT
server: nginx
etag: "60b05cd6-99d2"
x-frame-options: DENY
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 39378
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ftyPqd2dBgrKizDftybF5dbXztF8woQ6XeTDuVv8KkQ.gif
gif.berduflare.com/gif/brff50uvbrgyrc27in_1/ 16 KB
17 KB 422ms
251ms Image
image/gif 2606:4700:3031::ac43:de2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gif.berduflare.com/gif/brff50uvbrgyrc27in_1/ftyPqd2dBgrKizDftybF5dbXztF8woQ6XeTDuVv8KkQ.gif

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:de2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

523b404ea62f6050b308e35326ecbe82f8660534e16b35e153c2716a84cc96d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16476
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Apr 2021 10:59:37 GMT
server: cloudflare
x-frame-options: DENY
etag: "606c3f19-405c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2F%2F57HUrUMvT%2F7bORHa6gQBxED%2FfyG6L%2FyI0uEYxRcCPea2BXu3qbQIMDKkPF9pKBJgWai%2FI4%2BFCr5c9%2BPH7%2FjGYYy%2FhZ8ecHPaenFku28OKz06WH3VlpL8nZNe79WP3wH3y6xMC1luVuE4S2pAirxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6d0ec5932c2c59a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ftQXPb2UQG90i0sftyVZ4m3Iwu7KxgR0SoJu2BdCSvFw.webp
bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ 8 KB
9 KB 439ms
439ms Image
image/webp 18.139.97.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdsgp.my.id/img/600/brff50uvbrgyrc27in_1/ftQXPb2UQG90i0sftyVZ4m3Iwu7KxgR0SoJu2BdCSvFw.webp

Requested by

Host: cs-sandbox.berdu.pw
URL: https://cs-sandbox.berdu.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.97.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-97-203.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

54d445d936060735c7268339a49fc591978fb86d58a21ce9b3017ca6c55fdb7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:19:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 10:41:04 GMT
server: nginx
etag: "606c3ac0-2192"
x-frame-options: DENY
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8594
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 121356799736488 Show response
connect.facebook.net/signals/config/ 5 KB
2 KB 62ms
62ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/121356799736488?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f7fdc0b24427927da3b7b421dd2f8e8b2799b7a8f690ef913cb1844307c848e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: LzMUWdQBrD9DccF7FEWMOAUFWB0XJu9zSndqUlQk0SOVs/WM5hxFknYjXC93/VPykd33gTzbf8ZB3Q8Co/4wqg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 21 Jan 2022 07:19:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 131ms
131ms Script
application/javascript 2.16.186.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2UQAP0HEMJSRR75OCUG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-160.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 2f3c6fdf.219f87e
date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a168-143-243-30.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
upstream-caught: 1642749540297982
x-cache: TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 91,2.16.186.156
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=3, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 202201210719000101130062210FBA68A4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 3,168.143.243.30
x-tt-trace-host: 01f4877e0d2c09d01b23a1b10e88511847d462e81e6049da2ed3378248d3b5678f0a760d4b12e44ca4d8026b3fd39f0e356546240cd562d1b61a1147f146ceea29a3c302c67cdef6c889d6700c7fa3cc7e922712a93f49aff7089a35c0178ee2caae5b82a3cbbf0f8b19da30eb73154e54
expires: Fri, 21 Jan 2022 07:19:00 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 714 B
1 KB 131ms
130ms Script
application/javascript 2.16.186.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C2UQAP0HEMJSRR75OCUG&hostname=cs-sandbox.berdu.pw
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2UQAP0HEMJSRR75OCUG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-160.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2475d45ef6c70f9a346f28b12fa1615a8cc0279ff4a02a73fda23e45dcb6e859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 7eac39f.219f907
date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-78-78-6.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
upstream-caught: 1642749540361907
x-cache: TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 92,2.16.186.156
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=2, inner; dur=1
content-length: 323
pragma: no-cache
server: nginx
x-tt-logid: 2022012107190001011313512801B82DE7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 3,104.78.78.6
x-tt-trace-host: 01f4877e0d2c09d01b23a1b10e885118477a4f41931ca7a02107da71db4f5cba88026beb60168fb91e2a9a14d8b9ab1ceef0f5d0b0a08f4543b41cb8d8a93242db0f97f84a0991f26c6146a0f74b9e474b5651f693635cb7a4b838e954c0ee1cbb2edf12f80e861ca409d8259eb9b3b1a6
expires: Fri, 21 Jan 2022 07:19:00 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 708 B
1 KB 132ms
131ms Script
application/javascript 2.16.186.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C54KMM3G5HFBPDLNI2B0&hostname=cs-sandbox.berdu.pw
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2UQAP0HEMJSRR75OCUG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-160.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 27a34d3e090da61b73832dc4cfc58015634b63010bea375a0c3fc9c3941d0095

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 2f3c6f4c.219f909
date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a168-143-243-30.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
upstream-caught: 1642749540365178
x-cache: TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 98,2.16.186.156
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=5, inner; dur=1
content-length: 319
pragma: no-cache
server: nginx
x-tt-logid: 2022012107190001011313500900C52605
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,168.143.243.30
x-tt-trace-host: 01f4877e0d2c09d01b23a1b10e88511847d462e81e6049da2ed3378248d3b5678f0a760d4b12e44ca4d8026b3fd39f0e356546240cd562d1b61a1147f146ceea295c30b9c10514fcf76e4d49717b33c7af85d3283a8e55e9f475eda4d89f7f79dd960069b10872bf78a1717b768ba51e9f
expires: Fri, 21 Jan 2022 07:19:00 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 131ms
131ms Script
application/javascript 2.16.186.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C63PISCGJNOBIGP78M00&hostname=cs-sandbox.berdu.pw
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2UQAP0HEMJSRR75OCUG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-160.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ea8f345fdda855f867fa921553fae566de535bc209b845abf3d6543f4d39c03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 2304209.219f90e
date: Fri, 21 Jan 2022 07:19:00 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a168-143-243-36.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
upstream-caught: 1642749540363685
x-cache: TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 93,2.16.186.156
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=3, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2022012107190001011313523307CF4140
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 3,168.143.243.36
x-tt-trace-host: 01f4877e0d2c09d01b23a1b10e88511847d462e81e6049da2ed3378248d3b5678f331e9a8b2a79774d8784c8c0d0339b17d915cf6490e73d1cb7b885fcd9d7c91bd30cb6af7b3ec820787506d9b10105535582e420278e2595b3b00d4c5e2f0a0fc133e87c4bd60245fe86d7931c2ddc32
expires: Fri, 21 Jan 2022 07:19:00 GMT

GET
H3 200 121356799736489 Show response
connect.facebook.net/signals/config/ 5 KB
2 KB 65ms
64ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/121356799736489?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d733454dd3d73944b66a58e5ab40d31378012dadb029e22723323da1c329a43f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 8+04e3Y2kUzL6/m1F5YrBfU2qoQkE1BeYIHrUvl6wqu30SxKok3HVMxRu/5s5hmxbRGo4yKIWN+HHDabB3zA8g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 21 Jan 2022 07:19:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 337668897832052 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 106ms
106ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/337668897832052?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d20f26528ce9e5a9be6023dcf6e508f34bb7a220949ab466b93102eed6c72163

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: pyODJnTHhldl2QfZ+UyYkg7v9ZpV2PnT/2l6sqWRapKvj0DYZhLy2aOup/FVDIoushzqnvVb+Z1xJI/xGJajwg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 21 Jan 2022 07:19:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
705 B 214ms
214ms Ping
application/octet-stream 2.16.186.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2UQAP0HEMJSRR75OCUG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-160.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cs-sandbox.berdu.pw/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4e1c929.219fa18
date: Fri, 21 Jan 2022 07:19:00 GMT
x-cache-remote: TCP_MISS from a104-78-78-7.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time: 172,2.16.186.156
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=82, inner; dur=80
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202201210719000101130060110AC2FEB5
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 82,104.78.78.7
x-tt-trace-host: 01f4877e0d2c09d01b23a1b10e885118477a4f41931ca7a02107da71db4f5cba8812851283731203e1e4d33d4a7c4b4b55b1a82a8b92fe8e10915099ab00c77d1f6e47827963dc73adf6b3b7ce923885cdca1dedd4ab65276bf9b157d5b35290d38cb3e4fc50c4956ced10d6b8fd426075
expires: Fri, 21 Jan 2022 07:19:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
709 B 137ms
136ms Ping
application/octet-stream 2.16.186.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2UQAP0HEMJSRR75OCUG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-160.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cs-sandbox.berdu.pw/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2305008.219fa1b
date: Fri, 21 Jan 2022 07:19:00 GMT
x-cache-remote: TCP_MISS from a168-143-243-36.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time: 97,2.16.186.156
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=10, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022012107190001011300613318C1A6C3
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,168.143.243.36
x-tt-trace-host: 01f4877e0d2c09d01b23a1b10e88511847d462e81e6049da2ed3378248d3b5678f331e9a8b2a79774d8784c8c0d0339b17d915cf6490e73d1cb7b885fcd9d7c91bb5227b263f4fd6d21d15502653bde6ff1fbc7cd1d395a77e297f9e6187f77c9f90601d1e263eee088fd0de0f7142db16
expires: Fri, 21 Jan 2022 07:19:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
703 B 141ms
141ms Ping
application/octet-stream 2.16.186.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2UQAP0HEMJSRR75OCUG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-160.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cs-sandbox.berdu.pw/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7900fba1.219fa46
date: Fri, 21 Jan 2022 07:19:00 GMT
x-cache-remote: TCP_MISS from a104-78-78-45.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time: 97,2.16.186.156
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=9, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022012107190001011313512802B81ACE
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,104.78.78.45
x-tt-trace-host: 01f4877e0d2c09d01b23a1b10e885118477a4f41931ca7a02107da71db4f5cba88df7fa637055bf3fad036ece5ee3096d54533246a320d04cc2858bb45a153171ecc4a579a26b2723f193e76b3606ad1325c51412477ea177d735c006c2d481012832b0f04cf58cbc8b363dd17cd3ea81a
expires: Fri, 21 Jan 2022 07:19:00 GMT

GET
H3 200 1758073234394070 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 120ms
120ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1758073234394070?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c15b34bb95401c0c11645e1b3699136f2b45582812929c94057b82540370e37d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 0M/ipJXSI7smC5T1NFiVvdfhkD+RqPDa29DHpdzP2H4i5aeL7JudQffei11TVBusN2vQM9WrbgPoQGEVxRKB9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 21 Jan 2022 07:19:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 686926432281449 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 157ms
157ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/686926432281449?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e83a6a34fe24eecb9f69f02301e49ac5b077f934a02a71f2a58d8113af84f47e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: fYUCWGog9s7xeC10l8O02AqoiRZHg6Vx/j8CwyWmKsOmeSdAdymwr2NtrDOgA3f08pjLhBEQxO1x+MpjKrXAhg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 21 Jan 2022 07:19:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 419048889678709 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 122ms
122ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/419048889678709?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f5947d39d0bfbf7ae6066bc4c7dfb215da4f0efb9b9e222cbfabdc632d765d80

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cs-sandbox.berdu.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 2u6V/v6TBAULsd3Qj6TXMmje+wL9vsBrxR2oEk2YDAtVFKoGSVXSVQ8A5mmczXHXwy0hT/ZMesutjtJVhiIMMg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 21 Jan 2022 07:19:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			support.berducsproject.xyz/	1970-01-25 20:31:23	Name: 1 Value: pLldH2YXLLF7fJ7pXhFpfTQ
			cs-sandbox.berdu.pw/	1970-01-25 20:31:23	Name: 1 Value: frtNXQOG21j9tp9zLPhedYU

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
bdsgp.my.id
connect.facebook.net
cs-sandbox.berdu.pw
fonts.gstatic.com
gif.berduflare.com
support.berducsproject.xyz
139.162.19.59
172.104.42.93
18.139.97.203
2.16.186.160
2606:4700:3031::ac43:de2e
2a00:1450:4001:803::2003
2a03:2880:f02d:100:face:b00c:0:3
00a69678c3e53d7f6faacb69da5e5d021f0d06363a34c5fe4dd96cbee5a1d6bb
12e5c359a86c4614d4e73eea6d8dc7a0e6a577653f4b1546688e8d0bfc4dd40a
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
1f7fdc0b24427927da3b7b421dd2f8e8b2799b7a8f690ef913cb1844307c848e
2475d45ef6c70f9a346f28b12fa1615a8cc0279ff4a02a73fda23e45dcb6e859
27a34d3e090da61b73832dc4cfc58015634b63010bea375a0c3fc9c3941d0095
2a5e3c0b2e1ac5b71087aff8f60cdbf12a2563c57a5c16d0d82780bc03c7e8f8
31b75756b3338e3e6cec6016c8a3e2881be5c9a62def134bbb61fd6a7b9973af
3bc9d274a8ca27e42c968b800e9202a1b4460beeb1430cdf88b118374c4ce2b4
3d2215dd43d3ff6f2efc681d497a49375727762c0b04d18abdc028bac1c9c41f
4d7f386114901c3f9a5670a6337b144853f39a469b33e95f358a63490dfa9574
500ca7279ce2836771ad697edeca9eaba426da77f4e5c03a901f328add5be0b8
510e74d4f3f65df3d49f07d6b4f3bd5b84656cf2887c07a49202dd0e7ce3949e
523b404ea62f6050b308e35326ecbe82f8660534e16b35e153c2716a84cc96d9
54d445d936060735c7268339a49fc591978fb86d58a21ce9b3017ca6c55fdb7c
56906b7bd2d427fb90a7f178c7163b0e1f976e10519b427fcc4d3cf369cff14a
58c29e25454a2c8066db25f09e3e5c8a123b4f77f2ede9f31f89dd2e4153ac6b
5b39251be03a50bcf9c0e2c45e5ef40003c18b0689ce55c77bb58ac1109c6d98
5ea8f345fdda855f867fa921553fae566de535bc209b845abf3d6543f4d39c03
62c9e1c54f5b800e54ef13c527c2e619c73a9488380c8343da6530a79481a320
6455ec38b15fdc4e3a882ce537b2fb2063223dcf65f2fd21893a8eebbc2918b6
6be198741545a0462cbc0cd558c40669e9aa87d96ef273c4d586c179ad45cbfe
6cee7d54c15edf4c31c645f460f321eb84dba4d4fc412bef55cf50fbc645e47a
7e325fd40ce20b595f13eefb321579e71a0ad09ca16aa2923e763ddf253a88ce
80d05dcd4722e492d4e00aa93a1f6090d15f6ceaa3973d24229e35f0e044a344
8da6190c76dab625f0062c85cb2dea3489b4b2b428b0e64a6b2e36a879095f2e
9373061fd12803e1808db81ac6ca1a3e160c2f87fe7dbcd37c5abb1887533d3b
987eba39aab4ddfb6686754681aad085f8bcf8ce9f9da2925dc409d739f4b468
a3634befb2c7e48c6666c2c423ca34f0d14361ed6a378f10335a9a2ae3cf66dc
a370c8d3e25f8744a057683a738007284e1eac3fa22a2e89a2d632f09985765f
a90a387136497b8faa85001e2ba693b7f88287c316a052fb0699bd7c1d67942d
aba029d2043330796869e1334e8162ae4463e4808bb54231666f811961a6b424
abafef6bda821c8e79c98e902849928d1c445ea3f137d9fa013352e1145363a8
adb5f43dc9088b780c88fbed064e25b86be704927498c9442635ad6c7e9c997f
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
c15b34bb95401c0c11645e1b3699136f2b45582812929c94057b82540370e37d
d20f26528ce9e5a9be6023dcf6e508f34bb7a220949ab466b93102eed6c72163
d733454dd3d73944b66a58e5ab40d31378012dadb029e22723323da1c329a43f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83a6a34fe24eecb9f69f02301e49ac5b077f934a02a71f2a58d8113af84f47e
f5947d39d0bfbf7ae6066bc4c7dfb215da4f0efb9b9e222cbfabdc632d765d80
f8321e8986d956d78603a174003dc9d039e13705f354a44fa87cb7891c49a44e
fd2e174a8901225d5bc2ee53ae71f03f3effcb982ab95aff62a69ace0bcf7bb0

cs-sandbox.berdu.pw Open in urlscan Pro 139.162.19.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

43 %IPv6

7 Domains

7 Subdomains

7 IPs

3 Countries

1779 kBTransfer

4809 kBSize

2 Cookies

4 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cs-sandbox.berdu.pw Open in urlscan Pro
139.162.19.59 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

1779 kB
Transfer

4809 kB
Size

2
Cookies

46 HTTP transactions
2 data transactions