URL: https://csmtravel.co.id/fb/report/
Submission: On May 05 via manual from PH — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 28 HTTP transactions. The main IP is 103.242.181.40, located in Indonesia and belongs to IDNIC-ICLOUD-AS-ID PT Indonesian Cloud, ID. The main domain is csmtravel.co.id.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 28th 2022. Valid for: a year.
This is the only time csmtravel.co.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address / AS Autonomous System
  103.242.181.40, AS 38788 (IDNIC-ICL...): 4 requests, 1 redirect
  2a03:2880:f02..., AS 32934 (FACEBOOK): 23 requests
  2a03:2880:f11..., AS 32934 (FACEBOOK): 1 request
  Total: 28 requests, 4 IPs

Apex Domain / Subdomains / Transfer
  fbcdn.net: 23 requests, 316 KB
    static.xx.fbcdn.net — Cisco Umbrella Rank: 511
    scontent.xx.fbcdn.net — Cisco Umbrella Rank: 244
  csmtravel.co.id: 4 requests, 276 KB
    csmtravel.co.id
  facebook.com: 1 request, 2 KB
    facebook.com — Cisco Umbrella Rank: 29
  Total: 28 requests, 3 apex domains

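Domain / Requested by
  static.xx.fbcdn.net: 22 requests, requested by csmtravel.co.id and static.xx.fbcdn.net
  csmtravel.co.id: 4 requests (1 redirects), requested by static.xx.fbcdn.net
  scontent.xx.fbcdn.net: 1 request, requested by csmtravel.co.id
  facebook.com: 1 request, requested by csmtravel.co.id
  Total: 28 requests, 4 domains
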
Subject / Issuer / Validity / Valid
  csmtravel.co.id, Go Daddy Secure Certificate Authority - G2, 2022-03-28 - 2023-04-04, a year
  *.facebook.com, DigiCert SHA2 High Assurance Server CA, 2022-02-11 - 2022-05-12, 3 months

This page contains 1 frame:

Primary Page: https://csmtravel.co.id/fb/report/
Frame ID: E5FE9F2B813FF3DC15F37F4D7FAB7912
Requests: 28 HTTP requests in this frame

Page Title

Facebook - Entrar o registrarse

Page Statistics

28 Requests
96 % HTTPS
67 % IPv6
3 Domains
4 Subdomains
4 IPs
2 Countries
594 kB Transfer
1353 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://csmtravel.co.id/fb/report HTTP 301
    https://csmtravel.co.id/fb/report/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
csmtravel.co.id/fb/report/
Redirect Chain
  • https://csmtravel.co.id/fb/report
  • https://csmtravel.co.id/fb/report/
58 KB
59 KB
Document
General
Full URL
https://csmtravel.co.id/fb/report/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.242.181.40 , Indonesia, ASN38788 (IDNIC-ICLOUD-AS-ID PT Indonesian Cloud, ID),
Reverse DNS
Software
Apache /
Resource Hash
a24d0f924e8bf0e2fc315117c48fd462c9e6b8acb834a6ddbdf70463da290ef4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
59749
Content-Type
text/html
Date
Thu, 05 May 2022 09:44:46 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Fri, 18 Feb 2022 09:38:52 GMT
Server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
242
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 05 May 2022 09:44:46 GMT
Keep-Alive
timeout=5, max=100
Location
https://csmtravel.co.id/fb/report/
Server
Apache
XmACZ14P8L4.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/
11 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/XmACZ14P8L4.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1943921effa96b9a7d2cbdaf0ae25298e3f7f0b8ab4e15633f3c233768911afb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cgK+nrDQdCLgxioWuDkZvw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2441
x-fb-rlafr
0
x-fb-debug
IyAqCQabq+D2bT4bqQuyQtS5kr41lfgo1d5EmAYecDxtZHNE1zkjAdY69Io9oi4wRX2WkvXPm8Hc6vJP/0HsFA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1651743888616
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 05 May 2023 09:44:48 GMT
n9g6Q0kZdhT.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/
14 KB
4 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/n9g6Q0kZdhT.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66587e63de1690ad25b00f4f3039b862b563318637a031dd1dd34fd66f6753e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ty/mjA597/2KPUkUoqsWMQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
3177
x-fb-rlafr
0
x-fb-debug
HEdcetvF6ixVw1OI1uqGiT2Pj1fdbq79nhFgeRKQfl5YRGEIkJMwO3ZY72Jjh+Tsp2VVCDZyfNPTmLn1mLrYpA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 04 May 2023 17:56:52 GMT
MUjigcY1TAt.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/
41 KB
9 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/MUjigcY1TAt.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6cb05c64450db83ba9179ba83d6b0025a8f828b9b324c7e37791ebf45d1aac27
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2KC0Rej+iVe7hzPTWYnxuQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8937
x-fb-rlafr
0
x-fb-debug
fMbXwvXoTclviKBWSHUxZ0FixN9otXczv2H/fZDXRumrpYNFLUT5kKxGDxV+4ZMK7RiE9Yl6SdWOhfnC/yUBtw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1651743888591
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 05 May 2023 09:44:48 GMT
YCdyBiK7nPb.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/
32 KB
8 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/YCdyBiK7nPb.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
572efecb0adbea3279430fbdf2b699ba68ac22da8a7be2aa7cac8003e9cddbae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kahm2wnh2Z3DpNuDaPxa/A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8475
x-fb-rlafr
0
x-fb-debug
HkWUlNmXUVwE2d2EX1HmB6M3tYVzo/97g7k2zyuVshTFXIRVsm0ORwfNKHqXwQdCXbYqvmzgH+3kt/d0XQlK6A==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1651743888647
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 05 May 2023 09:44:48 GMT
A3AUGyI9e-_.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/
249 KB
67 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/A3AUGyI9e-_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
07afc9be7296481544b2db606aaa38ee853fa567e1214353a0be8f4788f52c09
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FHcFh3T4X0V8WLVkim1aLw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
68474
x-fb-rlafr
0
x-fb-debug
GqeGBWkBLziu3RxF0pyp2F2G5jchBqR10pgtPUYQP+UBAHE5MQ5H7515bSM9gs0MTIP/iolAdZkZRiuCuVaXIA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 04 May 2023 16:03:43 GMT
dF5SId3UHWd.svg
static.xx.fbcdn.net/rsrc.php/y8/r/
2 KB
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csmtravel.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NiMA5zHIsmaYxSYEaw9fHg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1027
x-fb-rlafr
0
x-fb-debug
otRNyc0VMoJ1BY39IU77RDNIbjhuuKFg8zJZnIDhmADuk4hwoGpg412sqCnSZUSuPhBR0yasbDR2k1lMA72XgA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 04 May 2023 16:05:50 GMT
hsts-pixel.gif
facebook.com/security/
43 B
2 KB
Image
General
Full URL
https://facebook.com/security/hsts-pixel.gif
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csmtravel.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
x-fb-debug
DU3/3P1OLh6HoTbaQryynwx5pGGWg/OgvoVzK7A3YpSSwUoGnL6lOFYNVxdLyNusKII4OEw+e3PbxsNNxj44aw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 05 May 2022 09:44:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
image/gif
access-control-allow-origin
*
vary
Origin, Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
7h7eltYM2yJ.js
static.xx.fbcdn.net/rsrc.php/v3iP-r4/yt/l/es_ES/
112 KB
32 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iP-r4/yt/l/es_ES/7h7eltYM2yJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33fdb0b94125a9fa6e3a5f368463c76983a6436779460d495d85d554771ea6f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
RMpw6tQGTiyKAXHTyhbm4Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
32774
x-fb-rlafr
0
x-fb-debug
RAGhiJ3ReLRrTpgmbGbNDm78B0DH8R2O9RQK8QdtedVipNrAXE0aHo3PpplpOnMDLAKOogyqpUtXd6w/ZZyHKg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1651743888842
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 05 May 2023 09:44:48 GMT
Acb2WBg1OPJ.js
static.xx.fbcdn.net/rsrc.php/v3/yW/r/
46 KB
14 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/Acb2WBg1OPJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d37c288b8ad664683f47071509aed66ceb08cdeb996a7faf8314979e9b9f474d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
S6alm2Z/wcVXvhT6eMiJOg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
14458
x-fb-rlafr
0
x-fb-debug
e0kmkv3z90aHh2t4FBzjbUxwLdkZB87xLup2SeHUrNSL2NZU0aER5TKZfn+vXeVR05do+xZ536eiOde70F65PQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=2
expires
Thu, 04 May 2023 16:51:06 GMT
gQXCqyYfa9n.js
static.xx.fbcdn.net/rsrc.php/v3/yl/r/
92 KB
26 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/gQXCqyYfa9n.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
616621dfe48f8ac19d1225e818ed96e378bb9c66f1f459dc97f7ee5e5953bab3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mPUJpR0O5p4BMjr5rf8+OA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26917
x-fb-rlafr
0
x-fb-debug
CjKlzOkbRvBaD9t7hIQu6OuhHDd4387H2aKfLVLS8QUk9ApNsjaqMiI1GoSyDIAZSzW63xMpBmdt1V7mHPDC8Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 04 May 2023 18:49:02 GMT
zhzi8IsbkFt.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/
31 KB
9 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/zhzi8IsbkFt.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e2d0ceb4846d3238c8530867da6c1df0eeb1e4fe80986776d5d78e424cd5c360
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fAjUCp7JGgIAvrdien/fXA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
9513
x-fb-rlafr
0
x-fb-debug
zwSaezEBT4E+Q4boT7FbaU7s+FCW6+ONGdXlKvnW/kErIEQq6ULS3NffIMT5QYQRZCk0BV1f842sMi6mEyGzzg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=2
expires
Thu, 04 May 2023 07:28:32 GMT
2jr_tFUjDMy.js
static.xx.fbcdn.net/rsrc.php/v3/yB/r/
269 B
321 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/2jr_tFUjDMy.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d118e11b85d0aed1070405cca52c62c595c16df35873c2e7f64633e7d81c6e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
x-content-type-options
nosniff
content-md5
iZaw/sAndgHbjeDUfj9gpw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
269
x-fb-rlafr
0
x-fb-debug
vzBLB66RQ5TXI3w5c1jwQ5wJqY7RJyGYpo/gDKstMHN3e+3IuYPFvJ2Jj+gJ5wDVYGnWK2Bj3DY7hQNa0TLn6A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=2
expires
Thu, 04 May 2023 15:46:13 GMT
6GjO9u0EGU3.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/
45 KB
14 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/6GjO9u0EGU3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2f120d3b0ce39abb8140acf1691065923123ced3287a58e71e079df72ad0894b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xhJcvQoGdJ1uuTQaPoLEVA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
14021
x-fb-rlafr
0
x-fb-debug
qtoiVnWOmRMgC9vVYqVBBHpu/qc6KSrVC73vNxFcZ1dsAKPRfZk//Fkja7HGm/ks8KTpJXCWvzfjwSlstEvN3A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=2
expires
Thu, 04 May 2023 07:28:32 GMT
dicEiF74s_c.png
static.xx.fbcdn.net/rsrc.php/v3/yf/r/
14 KB
14 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/dicEiF74s_c.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/XmACZ14P8L4.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
037f63da8d93706de2d0070de6b879ba519ac2e94fd24b3e933d4bf04317b193
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/XmACZ14P8L4.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:48 GMT
x-content-type-options
nosniff
content-md5
o93mDqOBOvkY/FdUqytwjQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
14557
x-fb-rlafr
0
x-fb-debug
KcEGTrTr5Nf1SmeKxjVl8uKOLYnvLAqDZqwvowNAjTZvHc//5TKEJgVAvg5EMy/4utufbjH8Skgh0i2f0C8PuA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 23 Apr 2023 17:28:39 GMT
xqgei9BXc0C.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/
11 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/xqgei9BXc0C.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/A3AUGyI9e-_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a621155d25215a0eea3a4ff1fe1cab915e43ca5821932e456d139e2412c25186
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q7C7V4BPHyOf4jJPNq5fxw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
3964
x-fb-rlafr
0
x-fb-debug
w2vpIuZKVtKgPM7tYBhOg29bxcZFLfbWvuGnFWE+DWPvalpbp0FpCv1Bw1axeDmo0+2lWOWP806o+g4mPcDrOg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sat, 29 Apr 2023 14:53:06 GMT
cvIw21OdGP4.js
static.xx.fbcdn.net/rsrc.php/v3imM34/yM/l/es_ES/
118 KB
30 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3imM34/yM/l/es_ES/cvIw21OdGP4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/A3AUGyI9e-_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f13221364cc767496b8935bdbc6c65be376fffad4276c3449b223c6d9bf7b1b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
gCjPsQVlCcOHdME5kaGcJA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
30981
x-fb-rlafr
0
x-fb-debug
w1FyVx96HcD8wKaM6U63EuPfkSZczLe7Wp9WP83lwdY0t+FAPMH2kullp1vTdbhakyeoE6H+JGG/k4LTw9VujA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1651743889294
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 05 May 2023 09:44:49 GMT
lrqGt4F2Asr.js
static.xx.fbcdn.net/rsrc.php/v3izHE4/yO/l/es_ES/
59 KB
21 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3izHE4/yO/l/es_ES/lrqGt4F2Asr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/A3AUGyI9e-_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2fd60c115d8fe1fc8a84df225760968d2fb22952609dec54a1586cdc7790573e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PrIw9uxg+3KcUEXwmGcdpA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
21465
x-fb-rlafr
0
x-fb-debug
rrtymM0skAMJQWYXmy6z/Eln5wLuU6kymNd7B5DyVDh66n08qP3v9eJ51ya+Mn7ddDVz2KpAIoZirf1RTNNcrA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1651743889241
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 05 May 2023 09:44:49 GMT
YtLImHmxkCV.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/
9 KB
3 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/YtLImHmxkCV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/A3AUGyI9e-_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8b3d5c96c2347c6e5c8b532ac9ba0b831b8d525bfa78a1c555881a5b564bc350
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HMTU8ksx8I/bRwQ+jhbG5w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
3076
x-fb-rlafr
0
x-fb-debug
F+M3pVFCI9bRRnIw4jsjj7z53CpcBf0h4oCJ3OR8quRtzY1yHYGzk9eZjn5BkVU7OPo9cxAveb+Qoj1MUIb/qw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1651743889182
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 05 May 2023 09:44:49 GMT
rVXTEXgLOs3.js
static.xx.fbcdn.net/rsrc.php/v3idMY4/yL/l/es_ES/
37 KB
10 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3idMY4/yL/l/es_ES/rVXTEXgLOs3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/A3AUGyI9e-_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df2054e55bed935b1ec4a52ecedb676f187f2e74791cda120ff3ce911ed095e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yxzO0AO7ODalnKzx38JNow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
10039
x-fb-rlafr
0
x-fb-debug
UHCDt78r/IPap7q/8wlmAv3QWPunU4mirMRrJyGh2Ni4ZzNSPvwj55l6MbeTTde8n2tckgJSYeYmZkQoMMwDqw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1651743889172
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 05 May 2023 09:44:49 GMT
KdvQrt5nygc.js
static.xx.fbcdn.net/rsrc.php/v3ikae4/yq/l/es_ES/
31 KB
11 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ikae4/yq/l/es_ES/KdvQrt5nygc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/A3AUGyI9e-_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4f4f6c9555b34e3b3de4d89b4f39345c39b6dae32d74f2b8efab740053c0d783
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NM58/ZrnRIviC4Vm1tlLMg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
10966
x-fb-rlafr
0
x-fb-debug
8p6lUiXvLItOUnz6Qm/Hd3LGJJohrnaP5T5d0Y9QLPUDwhDqnCrMJMxFPVHB5UWUZXYKqPQIliauX4Y/e504lg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1651743889204
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 05 May 2023 09:44:49 GMT
RqpqrWsT0Pv.js
static.xx.fbcdn.net/rsrc.php/v3/y5/r/
37 KB
11 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/RqpqrWsT0Pv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/A3AUGyI9e-_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
26250f2c11d299d10dc3528db0903570bd9f0386206c32613bc63e0228545214
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cXEBWYg4yMMweKdEe5X6pg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
11429
x-fb-rlafr
0
x-fb-debug
ETxqdVRkQLLp32nxOT4WfeIkughSt0gEFXAq7gigK8i3XGIN3+bvFkM/fWQkbbzXPqE6cmLDeRSpJIKxfed9Yg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1651743889316
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 05 May 2023 09:44:49 GMT
31Z8YEN6kEd.js
static.xx.fbcdn.net/rsrc.php/v3/y8/r/
81 KB
21 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/31Z8YEN6kEd.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/A3AUGyI9e-_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
da68c8a45abc4e6266112dd365d522670edd33736c43ca4be105fa2bec756473
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wzGzfz3hpD2u7IYGilePfQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
21588
x-fb-rlafr
0
x-fb-debug
4SNqiCingZMFs+Eggbs6efdpiGlkS1sjEpwOgRkjMFl2Fjg2oUtzuvACN+0GThkrXpE/rYFeJLhnjkkc2l3afA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 04 May 2023 18:49:03 GMT
cN-N4Eu_deZ.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/
7 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/cN-N4Eu_deZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/A3AUGyI9e-_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
93bd68287ab276e8c4f241960f448b703832a9533a3d4d81a0bac1142daba1ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://csmtravel.co.id/
Origin
https://csmtravel.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lWqYm13zmMTuxwgQjw9aLA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2291
x-fb-rlafr
0
x-fb-debug
w7QU6km75v6yT73XzAge5UFzyhT/fYAWf+/FV4jBhtdw2i2Y/X8B0yw4pLYQJRB3nFjIu16mJuzxjboyxOBOCQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 04 May 2023 15:45:02 GMT
/
csmtravel.co.id/data/manifest/
108 KB
109 KB
Manifest
General
Full URL
https://csmtravel.co.id/data/manifest/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3imM34/yM/l/es_ES/cvIw21OdGP4.js?_nc_x=Ij3Wp8lg5Kz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.242.181.40 , Indonesia, ASN38788 (IDNIC-ICLOUD-AS-ID PT Indonesian Cloud, ID),
Reverse DNS
Software
Apache /
Resource Hash
0141de6b377465a3ce04d01c66f8571b5ec09dedd67816efcb7dc974fb6fe54c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csmtravel.co.id/fb/report/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 09:44:47 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://csmtravel.co.id/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=98
Expires
Wed, 11 Jan 1984 05:00:00 GMT
bz
csmtravel.co.id/a/
108 KB
109 KB
XHR
General
Full URL
https://csmtravel.co.id/a/bz?fb_dtsg=AQHB7_l9zjnEWCs%3A0%3A0&jazoest=21487&lsd=AVoGZFLgC8M&__dyn=1KidAGm1gwHwh8-t0BBBg9odE4a2i5U4e0C86u7E39x64o1j8hwem0iy1gCwjE1xo33w2sbzo1MU88C0j61HwdK0D86i0h-0zE1bE881eEdEG0hi0Lo&__csr=&__req=1&__a=AYkq2_2Yk-btjfNr8VGImEP2OZJcegTMYLYDDQA_s9wmNvdFX-J68uli-3zv9a4z2cwZosTSWW3DTuSoyDlAZa08zeNKh-N2BSH7NiTCbs_BEQ&__user=0
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/gQXCqyYfa9n.js?_nc_x=Ij3Wp8lg5Kz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.242.181.40 , Indonesia, ASN38788 (IDNIC-ICLOUD-AS-ID PT Indonesian Cloud, ID),
Reverse DNS
Software
Apache /
Resource Hash
09e623bf9cebfbf67f5bd057f48920821b4069263d6a49f13631b9c21d098b08

Request headers

X_FB_BACKGROUND_STATE
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
X-Response-Format
JSONStream
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarylIQj1yQowTBu9dU5
X-FB-LSD
AVoGZFLgC8M
Referer
https://csmtravel.co.id/fb/report/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9

Response headers

Date
Thu, 05 May 2022 09:44:48 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://csmtravel.co.id/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
Expires
Wed, 11 Jan 1984 05:00:00 GMT
1487645_6012475414660_1439393861_n.png
scontent.xx.fbcdn.net/hads-ak-prn2/
79 B
295 B
Image
General
Full URL
https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
Requested by
Host: csmtravel.co.id
URL: https://csmtravel.co.id/fb/report/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csmtravel.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:44:49 GMT
x-fb-trip-id
917726464
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/png
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
79
expires
Thu, 05 May 2022 09:44:49 GMT
bz
csmtravel.co.id/a/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csmtravel.co.id
URL
https://csmtravel.co.id/a/bz?fb_dtsg=AQHB7_l9zjnEWCs%3A0%3A0&jazoest=21487&lsd=AVoGZFLgC8M&__dyn=1KidAGm1gwHwh8-t0BBBg9odE4a2i5U4e0C86u7E39x64o1j8hwem0iy1gCwjE1xo33w2sbzo1MU88C0j61HwdK0D86i0h-0zE1bE881eEdEG0hi0Lo&__csr=&__req=2&__a=AYkq2_2Yk-btjfNr8VGImEP2OZJcegTMYLYDDQA_s9wmNvdFX-J68uli-3zv9a4z2cwZosTSWW3DTuSoyDlAZa08zeNKh-N2BSH7NiTCbs_BEQ&__user=0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| envFlush object| Env number| __DEV__ function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| CavalryLogger function| __updateOrientation object| TimeSlice number| __bigPipeFactory function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe string| _script_path function| __fbNativeSetTimeout function| __fbNativeClearTimeout function| __fbNativeSetInterval function| __fbNativeClearInterval function| __fbNativeRequestAnimationFrame function| __fbNativeCancelAnimationFrame object| MAjaxify

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://csmtravel.co.id/data/manifest/
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://csmtravel.co.id/a/bz?fb_dtsg=AQHB7_l9zjnEWCs%3A0%3A0&jazoest=21487&lsd=AVoGZFLgC8M&__dyn=1KidAGm1gwHwh8-t0BBBg9odE4a2i5U4e0C86u7E39x64o1j8hwem0iy1gCwjE1xo33w2sbzo1MU88C0j61HwdK0D86i0h-0zE1bE881eEdEG0hi0Lo&__csr=&__req=1&__a=AYkq2_2Yk-btjfNr8VGImEP2OZJcegTMYLYDDQA_s9wmNvdFX-J68uli-3zv9a4z2cwZosTSWW3DTuSoyDlAZa08zeNKh-N2BSH7NiTCbs_BEQ&__user=0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other error URL: https://csmtravel.co.id/data/manifest/
Message:
Manifest: Line: 1, column: 1, Syntax error.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
