www.bduser.tk Open in urlscan Pro
2a00:1450:4001:80f::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bduser.tk/
Submission: On September 30 via automatic, source certstream-suspicious (September 30th 2021, 11:34:11 am UTC) — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2a00:1450:4001:80f::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.bduser.tk.
TLS certificate: Issued by GTS CA 1D4 on August 4th 2021. Valid for: 3 months.

This is the only time www.bduser.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:80f::2013	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
2	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:812::2009	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
20	6

2 2a00:1450:4001:80f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.bduser.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

scretscript.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

mrlaboratory.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ampproject.org cdn.ampproject.org	157 KB
4	blogspot.com 1.bp.blogspot.com	89 KB
3	github.io scretscript.github.io mrlaboratory.github.io	13 KB
2	blogger.com www.blogger.com	206 KB
2	bduser.tk www.bduser.tk	17 KB
20	5

	Domain	Requested by
9	cdn.ampproject.org	www.bduser.tk cdn.ampproject.org
4	1.bp.blogspot.com	www.bduser.tk
2	www.blogger.com	www.bduser.tk
2	mrlaboratory.github.io	www.bduser.tk
2	www.bduser.tk	www.bduser.tk
1	scretscript.github.io	www.bduser.tk
20	6

This site contains no links.

Subject Issuer	Validity	Valid
www.bduser.tk GTS CA 1D4	`2021-08-04` - `2021-11-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
*.blogger.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.bduser.tk/
Frame ID: 49BF757E1E7E93975F32CBC85810D0BC
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

20
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

482 kB
Transfer

1211 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bduser.tk/ 61 KB
14 KB 285ms
257ms Document
text/html 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1262762ae0dc6e6a4675ae058de590735c65340b4419062f1406b34e033e4ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.bduser.tk
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
expires: Thu, 30 Sep 2021 11:34:05 GMT
date: Thu, 30 Sep 2021 11:34:05 GMT
cache-control: private, max-age=0
last-modified: Sun, 26 Sep 2021 07:04:42 GMT
etag: W/"c7187586766dccdd96be701746339eee46196f2e775b58f1509fea0e8ac122e6"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 14544
server: GSE

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 269 KB
69 KB 72ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86bc8d1fe584528347d3b73ca3c0e242227626b4ada48ef96672291482ede1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70909
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 11:34:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "50deb51849ada1d1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 30 Sep 2021 11:34:06 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 23 KB
9 KB 64ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cae21c7e32dd1b1fdcb752f41c32825b4b4c269d8dca8cdc20a77dc98b598b43

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8390
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 11:34:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "2a5f51cb523bd9b4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 30 Sep 2021 11:34:06 GMT

GET
H2 200 amp-youtube-0.1.js Show response
cdn.ampproject.org/v0/ 33 KB
10 KB 65ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-youtube-0.1.js

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12091889e54c46d59bb204b2d74781eba0a8c21d9012c3be9148d6b634343592

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10274
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 11:34:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "6807ca390d646de9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 30 Sep 2021 11:34:06 GMT

GET
H2 200 amp-lightbox-0.1.js Show response
cdn.ampproject.org/v0/ 22 KB
7 KB 65ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-0.1.js

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2538accff8cd7c1be538a5dc121b02bd808f6ca4268865f68fa8d1f7c27d9f9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7554
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 11:34:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "55c9b9903d5e9cdb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 30 Sep 2021 11:34:06 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 45 KB
14 KB 80ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

768b988ae95809cdf2cbe580bbade500820c3762fd9e648ac91e68e4b3e8e407

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 11:34:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "e375c47812ceaf4b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 30 Sep 2021 11:34:06 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 100 KB
30 KB 71ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c10e1ad3469f342285d357d287a20e7b8408dfc655dea43c32d0283b0e95201

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30844
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 11:34:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "0cecc15ce27d2068"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 30 Sep 2021 11:34:06 GMT

GET
H2 200 amp-carousel-0.2.js Show response
cdn.ampproject.org/v0/ 30 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.2.js

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

772b81862fc434ee80fdb8444ea30522cfbc562f6304180276cce177d6ab0945

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9063
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 11:34:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "8906230e6fb2826c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 30 Sep 2021 11:34:06 GMT

GET
H2 200 main.min.js Show response
scretscript.github.io/mainfile/ 20 B
439 B 42ms
8ms Script
application/javascript 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scretscript.github.io/mainfile/main.min.js

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

50b3803ebaf7b3c974ec9b69b560b8babfd4d66082e734f8466cb372dc4ed781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 44c177ce3965cac816b5c9fe00c99f4659c2d43b
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "611809e5-14"
age: 24
x-cache: HIT
content-length: 20
x-served-by: cache-fra19172-FRA
last-modified: Sat, 14 Aug 2021 18:22:29 GMT
server: GitHub.com
x-github-request-id: A8C4:A860:CB51F6:D05B2E:61559083
x-timer: S1633001646.106351,VS0,VE1
date: Thu, 30 Sep 2021 11:34:06 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 30 Sep 2021 10:35:07 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 dtemplate.js Show response
mrlaboratory.github.io/blogger/js/ 16 KB
7 KB 41ms
7ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mrlaboratory.github.io/blogger/js/dtemplate.js

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

2ae628051fec7a3d3d8051542991f368039675d82ee18c6d9546dcf9d4bf62d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 81fb1bcac0abf6592ae8274582984f4378b6cf06
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"61512491-3f9f"
age: 24
x-cache: HIT
content-length: 6338
x-served-by: cache-fra19163-FRA
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 01:55:29 GMT
server: GitHub.com
x-github-request-id: E542:7BD1:D121A8:D62F39:61559B47
x-timer: S1633001646.105475,VS0,VE1
date: Thu, 30 Sep 2021 11:34:06 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 30 Sep 2021 11:21:03 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 atoplacebyfeednew.js Show response
mrlaboratory.github.io/blogger/js/ 17 KB
6 KB 41ms
8ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mrlaboratory.github.io/blogger/js/atoplacebyfeednew.js

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

d3a4e3dbb5c73eb5a9782294537a5f0d4467a557bbbd7e73583f958d61eb4b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 427cbea635be5709632cd6b3ec9a8a09f2ee255b
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"61512491-4209"
age: 24
x-cache: HIT
content-length: 5863
x-served-by: cache-fra19163-FRA
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 01:55:29 GMT
server: GitHub.com
x-github-request-id: D320:1046C:22047D:22CC70:61559081
x-timer: S1633001646.105754,VS0,VE1
date: Thu, 30 Sep 2021 11:34:06 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 30 Sep 2021 10:35:05 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 default Show response
www.blogger.com/feeds/583726039139627587/posts/ 327 KB
52 KB 342ms
251ms Script
text/javascript 2a00:1450:4001:812::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/feeds/583726039139627587/posts/default?alt=json-in-script&max-results=13&callback=showurl

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1fdf115d37bbe3d2516756a703aed0092069ebbce9ea070d7e09a774b7b548d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 08:40:33 GMT
server: GSE
etag: W/"8c18908616f5a77b1cbcf9ecae9d896da6a44e82c751d19086286a66a0b940c2"
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: private, max-age=0
date: Thu, 30 Sep 2021 11:34:06 GMT
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52742
x-xss-protection: 1; mode=block
expires: Thu, 30 Sep 2021 11:34:06 GMT

GET
H2 200 cookienotice.js Show response
www.bduser.tk/js/ 6 KB
2 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bduser.tk/js/cookienotice.js

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /js/cookienotice.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bduser.tk
referer: https://www.bduser.tk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Sep 2021 10:50:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 07 Oct 2021 11:34:06 GMT

GET
H2 200 663499731-widgets.js Show response
www.blogger.com/static/v1/widgets/ 153 KB
154 KB 100ms
10ms Script
text/javascript 2a00:1450:4001:812::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/663499731-widgets.js

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

022bf46880f1acece5997e76272ec65771e4f4d55d144d78a7615a936b63b1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 02:27:06 GMT
x-content-type-options: nosniff
age: 205620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157101
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 00:51:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 28 Sep 2022 02:27:06 GMT

GET
H2 200 emailmarketingguide.png
1.bp.blogspot.com/-JG_6u4P0490/Xw5Y2gQoD5I/AAAAAAAAAKw/10rbMw1p3cIcTc0sqZGqS3igwzVFInbiACLcBGAsYHQ/s320/ 25 KB
26 KB 422ms
361ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-JG_6u4P0490/Xw5Y2gQoD5I/AAAAAAAAAKw/10rbMw1p3cIcTc0sqZGqS3igwzVFInbiACLcBGAsYHQ/s320/emailmarketingguide.png

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

19426fe5ae15f8ba36d80547815e494d7a4987c3832e68614c1cffb1db607d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:34:06 GMT
x-content-type-options: nosniff
server: fife
etag: "vad"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="emailmarketingguide.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25898
x-xss-protection: 0
expires: Fri, 01 Oct 2021 11:34:06 GMT

GET
H2 200 adsense-tutorial.png
1.bp.blogspot.com/-vGqLVYwf6bA/Xw5bym2y0DI/AAAAAAAAALA/HIWK3nz81RYyV8t5dRQeYw-XRPAPiz17ACLcBGAsYHQ/s320/ 17 KB
17 KB 536ms
475ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-vGqLVYwf6bA/Xw5bym2y0DI/AAAAAAAAALA/HIWK3nz81RYyV8t5dRQeYw-XRPAPiz17ACLcBGAsYHQ/s320/adsense-tutorial.png

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d2506855d77b3149947a5583c5b32ad5d9eb835b696b796977a8ccd108d4f7a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:34:06 GMT
x-content-type-options: nosniff
server: fife
etag: "vb1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="adsense-tutorial.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17301
x-xss-protection: 0
expires: Fri, 01 Oct 2021 11:34:06 GMT

GET
H2 200 Digital-marketing.jpg
1.bp.blogspot.com/-XAwv91ZFV54/Xw5cQ9l-nZI/AAAAAAAAALI/2OgQEVCurW4yt6gMSs9IWbPOUFEchBwtACLcBGAsYHQ/s320/ 28 KB
28 KB 529ms
468ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-XAwv91ZFV54/Xw5cQ9l-nZI/AAAAAAAAALI/2OgQEVCurW4yt6gMSs9IWbPOUFEchBwtACLcBGAsYHQ/s320/Digital-marketing.jpg

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d480b8cfd03031114cfe2f3f840a4cef385d6ad003d09c79a40c877293895e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:34:06 GMT
x-content-type-options: nosniff
server: fife
etag: "vb3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Digital-marketing.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28670
x-xss-protection: 0
expires: Fri, 01 Oct 2021 11:34:06 GMT

GET
H2 200 Facebook-for-affiliate-marketing-thumb-1280x720.jpg
1.bp.blogspot.com/-XYQ7n2TFctw/Xw5dATeuCXI/AAAAAAAAALU/gpZKVduAMQYOaOyHIh5vSjZviZ_vaPP-QCLcBGAsYHQ/s320/ 18 KB
18 KB 657ms
597ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-XYQ7n2TFctw/Xw5dATeuCXI/AAAAAAAAALU/gpZKVduAMQYOaOyHIh5vSjZviZ_vaPP-QCLcBGAsYHQ/s320/Facebook-for-affiliate-marketing-thumb-1280x720.jpg

Requested by

Host: www.bduser.tk
URL: https://www.bduser.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

14aa6b32d336079df981af3bb277e2b9289ba28e4b27cec219c8e7a4963303e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bduser.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:34:06 GMT
x-content-type-options: nosniff
server: fife
etag: "vb6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Facebook-for-affiliate-marketing-thumb-1280x720.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18471
x-xss-protection: 0
expires: Fri, 01 Oct 2021 11:34:06 GMT

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012109102127000/v0/ 7 KB
4 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

515c4041a2c166130570412211c4c3553d9deec45261d4ecc8835e291e1b4799

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bduser.tk/
Origin: https://www.bduser.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 63013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2908
x-xss-protection: 0
server: sffe
date: Wed, 29 Sep 2021 18:03:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3ddd0fe951ec1a32"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 29 Sep 2022 18:03:53 GMT

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012109102127000/v0/ 15 KB
4 KB 46ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bd98927753905b4335242c20c9883540e9472916b9a2078c071b2958e779d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bduser.tk/
Origin: https://www.bduser.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 330285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3709
x-xss-protection: 0
server: sffe
date: Sun, 26 Sep 2021 15:49:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "36bca69e142132d8"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 26 Sep 2022 15:49:21 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
cdn.ampproject.org
mrlaboratory.github.io
scretscript.github.io
www.bduser.tk
www.blogger.com
2606:50c0:8001::153
2606:50c0:8003::153
2a00:1450:4001:80f::2013
2a00:1450:4001:811::2001
2a00:1450:4001:812::2009
2a00:1450:4001:82b::2001
022bf46880f1acece5997e76272ec65771e4f4d55d144d78a7615a936b63b1e1
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
12091889e54c46d59bb204b2d74781eba0a8c21d9012c3be9148d6b634343592
1262762ae0dc6e6a4675ae058de590735c65340b4419062f1406b34e033e4ca6
14aa6b32d336079df981af3bb277e2b9289ba28e4b27cec219c8e7a4963303e5
19426fe5ae15f8ba36d80547815e494d7a4987c3832e68614c1cffb1db607d9f
1c10e1ad3469f342285d357d287a20e7b8408dfc655dea43c32d0283b0e95201
1fdf115d37bbe3d2516756a703aed0092069ebbce9ea070d7e09a774b7b548d7
2ae628051fec7a3d3d8051542991f368039675d82ee18c6d9546dcf9d4bf62d0
50b3803ebaf7b3c974ec9b69b560b8babfd4d66082e734f8466cb372dc4ed781
515c4041a2c166130570412211c4c3553d9deec45261d4ecc8835e291e1b4799
768b988ae95809cdf2cbe580bbade500820c3762fd9e648ac91e68e4b3e8e407
772b81862fc434ee80fdb8444ea30522cfbc562f6304180276cce177d6ab0945
a1bd98927753905b4335242c20c9883540e9472916b9a2078c071b2958e779d0
a2538accff8cd7c1be538a5dc121b02bd808f6ca4268865f68fa8d1f7c27d9f9
a86bc8d1fe584528347d3b73ca3c0e242227626b4ada48ef96672291482ede1d
cae21c7e32dd1b1fdcb752f41c32825b4b4c269d8dca8cdc20a77dc98b598b43
d2506855d77b3149947a5583c5b32ad5d9eb835b696b796977a8ccd108d4f7a2
d3a4e3dbb5c73eb5a9782294537a5f0d4467a557bbbd7e73583f958d61eb4b7b
d480b8cfd03031114cfe2f3f840a4cef385d6ad003d09c79a40c877293895e3a

www.bduser.tk Open in urlscan Pro 2a00:1450:4001:80f::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

20 Requests

100 %HTTPS

100 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

482 kBTransfer

1211 kBSize

0 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.bduser.tk Open in urlscan Pro
2a00:1450:4001:80f::2013 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

482 kB
Transfer

1211 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions