urlscan.io logo urlscan.io
SecurityTrails logo

invest.beroi-bali.xyz Open in urlscan Pro
51.250.38.59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://invest.beroi-bali.xyz/
Effective URL: https://invest.beroi-bali.xyz/
Submission: On December 07 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 6 countries across 16 domains to perform 47 HTTP transactions. The main IP is 51.250.38.59, located in Russian Federation and belongs to YANDEXCLOUD, RU. The main domain is invest.beroi-bali.xyz.
TLS certificate: Issued by R3 on December 6th 2023. Valid for: 3 months.
This is the only time invest.beroi-bali.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    51.250.38.59 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
invest.beroi-bali.xyz
13    212.193.152.63 (Russian Federation)

ASN204878 (CCT-M9P1, RU)
PTR: cdn.ngenix.net
cdn.mrqz.me
2    54.73.53.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-53-134.eu-west-1.compute.amazonaws.com
marquiz-backend.herokuapp.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a02:26f0:480:9ae::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
hgwipn3sa-res.cloudinary.com
3    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
6    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net
www.google.nl
8    2a02:6b8::1:119 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    80.239.201.82 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
mc.webvisor.org
Apex Domain
Subdomains		 Transfer
13 mrqz.me
cdn.mrqz.me — Cisco Umbrella Rank: 952864
763 KB
8 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4182
5 KB
7 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
918 B
3 gstatic.com
fonts.gstatic.com
30 KB
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 26422
859 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 google.nl
www.google.nl — Cisco Umbrella Rank: 9642
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
409 B
2 cloudinary.com
hgwipn3sa-res.cloudinary.com — Cisco Umbrella Rank: 446608
248 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
163 KB
2 herokuapp.com
marquiz-backend.herokuapp.com — Cisco Umbrella Rank: 446742
1 KB
2 beroi-bali.xyz
invest.beroi-bali.xyz
14 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
87 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
852 B
47 16
Domain Requested by
13 cdn.mrqz.me invest.beroi-bali.xyz
cdn.mrqz.me
8 mc.yandex.ru 3 redirects invest.beroi-bali.xyz
cdn.mrqz.me
6 region1.analytics.google.com www.googletagmanager.com
3 fonts.gstatic.com fonts.googleapis.com
2 mc.webvisor.org 1 redirects invest.beroi-bali.xyz
2 www.google-analytics.com www.googletagmanager.com
cdn.mrqz.me
2 www.google.nl invest.beroi-bali.xyz
2 stats.g.doubleclick.net www.googletagmanager.com
cdn.mrqz.me
2 hgwipn3sa-res.cloudinary.com invest.beroi-bali.xyz
2 connect.facebook.net cdn.mrqz.me
connect.facebook.net
2 www.googletagmanager.com cdn.mrqz.me
www.googletagmanager.com
2 marquiz-backend.herokuapp.com cdn.mrqz.me
2 invest.beroi-bali.xyz 1 redirects
1 www.google.com invest.beroi-bali.xyz
1 www.facebook.com invest.beroi-bali.xyz
1 cdn.jsdelivr.net cdn.mrqz.me
1 fonts.googleapis.com cdn.mrqz.me
47 17

This site contains no links.

Subject Issuer Validity Valid
invest.beroi-bali.xyz
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
*.mrqz.me
GlobalSign GCC R3 DV TLS CA 2020		 2023-10-08 -
2024-11-08		 a year crt.sh
*.herokuapp.com
Amazon RSA 2048 M01		 2023-04-02 -
2024-04-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-15 -
2023-12-14		 3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2022-12-05 -
2023-12-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://invest.beroi-bali.xyz/
Frame ID: 2E1F77BC1B873D5667382698A71A5E1C
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

We will find you a property in Bali with an income of $61,900 per year

Page URL History Show full URLs

  1. http://invest.beroi-bali.xyz/ HTTP 301
    https://invest.beroi-bali.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 80%
Detected patterns
  • <img[^>]+\.cloudinary\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

47
Requests

94 %
HTTPS

65 %
IPv6

16
Domains

17
Subdomains

17
IPs

6
Countries

1420 kB
Transfer

2743 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://invest.beroi-bali.xyz/ HTTP 301
    https://invest.beroi-bali.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Afp%3A1300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A2%3Adp%3A0%3Als%3A1400515727406%3Ahid%3A323483865%3Az%3A60%3Ai%3A20231207161244%3Aet%3A1701961964%3Ac%3A1%3Arn%3A73515102%3Arqn%3A1%3Au%3A1701961964119601457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C117%2C345%2C2%2C362%2C0%2C%2C298%2C0%2C%2C%2C%2C1286%3Aco%3A0%3Acpf%3A1%3Ans%3A1701961962585%3Agi%3AR0ExLjEuMTk2NDI3NjkxNC4xNzAxOTYxOTY0%3Ast%3A1701961964&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Afp%3A1300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A2%3Adp%3A0%3Als%3A1400515727406%3Ahid%3A323483865%3Az%3A60%3Ai%3A20231207161244%3Aet%3A1701961964%3Ac%3A1%3Arn%3A73515102%3Arqn%3A1%3Au%3A1701961964119601457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C117%2C345%2C2%2C362%2C0%2C%2C298%2C0%2C%2C%2C%2C1286%3Aco%3A0%3Acpf%3A1%3Ans%3A1701961962585%3Agi%3AR0ExLjEuMTk2NDI3NjkxNC4xNzAxOTYxOTY0%3Ast%3A1701961964&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
Request Chain 34
  • https://mc.yandex.ru/watch/92298503?wmode=7&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Afp%3A1300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A821984424677%3Ahid%3A323483865%3Az%3A60%3Ai%3A20231207161244%3Aet%3A1701961964%3Ac%3A1%3Arn%3A459921198%3Arqn%3A1%3Au%3A1701961964119601457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C117%2C345%2C2%2C362%2C0%2C%2C298%2C0%2C%2C%2C%2C1286%3Aco%3A0%3Acpf%3A1%3Ans%3A1701961962585%3Agi%3AR0ExLjEuMTk2NDI3NjkxNC4xNzAxOTYxOTY0%3Arqnl%3A1%3Ast%3A1701961964%3At%3AWe%20will%20find%20you%20a%20property%20in%20Bali%20with%20an%20income%20of%20%2461%2C900%20per%20year&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/92298503/1?wmode=7&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Afp%3A1300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A821984424677%3Ahid%3A323483865%3Az%3A60%3Ai%3A20231207161244%3Aet%3A1701961964%3Ac%3A1%3Arn%3A459921198%3Arqn%3A1%3Au%3A1701961964119601457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C117%2C345%2C2%2C362%2C0%2C%2C298%2C0%2C%2C%2C%2C1286%3Aco%3A0%3Acpf%3A1%3Ans%3A1701961962585%3Agi%3AR0ExLjEuMTk2NDI3NjkxNC4xNzAxOTYxOTY0%3Arqnl%3A1%3Ast%3A1701961964%3At%3AWe%20will%20find%20you%20a%20property%20in%20Bali%20with%20an%20income%20of%20%2461%2C900%20per%20year&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
Request Chain 43
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10210.CqsVjWyg_BS3XQs9DmLOzo_H2Q9RO_e9mvn-MJ7S4Y7JO_UK0RZCqiJV55iOlXlZ.hBUCHAiz2n2H9h_zJRSen9Qfxcs%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10210.23smyHBjBr6QkrEYB2nmF_WOT_lQ12z2VtDLTAFBs_5z2VQBmFbrGRfCGzzEH13FRzZx22LxqHulP6HejdkNL6k2aOZu2DJrEc6EjptSgwMYQVa46jvyEPRfs_NIstvEiAmQD7SYF1Xpa1kXAQjnRuv8g7GltGcIjAI_glVV3xs0c29vyUVciOZ2eUCqepQdMQb6vDPlT_LhUDr75S8E0kaQifM2dg8hTMWol_8xyXw%2C.eIOBqXlninMi3Psn9pggZ4j_Rbw%2C

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
invest.beroi-bali.xyz/
Redirect Chain
  • http://invest.beroi-bali.xyz/
  • https://invest.beroi-bali.xyz/
13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://invest.beroi-bali.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.250.38.59 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
/ Express
Resource Hash
e0c051f5f26ce1e92a0623ca27b6822355d9c9056f89c0957150541fd27698ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Length
13391
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Dec 2023 15:12:43 GMT
ETag
W/"344f-UOvC9Srn4wfdHFY9lXSxs2nWBJA"
Keep-Alive
timeout=5
X-Powered-By
Express

Redirect headers

Connection
keep-alive
Content-Length
228
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Dec 2023 15:12:42 GMT
Keep-Alive
timeout=5
Location
https://invest.beroi-bali.xyz/
chunk-vendors.5294d489.js
cdn.mrqz.me/js/ 		568 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mrqz.me/js/chunk-vendors.5294d489.js
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
d1caebcec3b5de46d950e17872c9e854840ed8fdcc86ecc3388a2dfcdb639662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://invest.beroi-bali.xyz/
Origin
https://invest.beroi-bali.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
gzip
via
1.1 ac9271955ce7a946932dde22c6fab610.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
age
3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-ngenix-cache
HIT
last-modified
Wed, 15 Nov 2023 05:25:08 GMT
server
nginx
etag
W/"cd81fb10e342a0100afe82d2958fcf76"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
GZ88dYy7S0VbtcGuQgW9fHtUGfogw0M6pPwsxbONu8tgImWbVussUQ==
app.2bd0f4d5.js
cdn.mrqz.me/js/ 		207 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mrqz.me/js/app.2bd0f4d5.js
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
59242034d4f2c03f985b12bd52020fb69a6e6cc67858bc01e137c77d4849cd9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://invest.beroi-bali.xyz/
Origin
https://invest.beroi-bali.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
gzip
via
1.1 972d4acd04a2126f84b4c0b10ef11856.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
age
1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-ngenix-cache
HIT
last-modified
Thu, 07 Dec 2023 06:38:10 GMT
server
nginx
etag
W/"83d90a6d0f3f9cd6bc4abb6ea39f56d4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
lkzCnQmDBlOkCJGr6BjKmKuIMsglwYZx44WzkZHeAqona83mMCIM1g==
chunk-vendors.f08415a0.css
cdn.mrqz.me/css/ 		415 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mrqz.me/css/chunk-vendors.f08415a0.css
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
c6fedea5dbebfa6b2b7fcdf660721c4e9303f5aef3d7ba48d5fa0b3817b51a06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
gzip
via
1.1 ec7c49e0bdff8d2da026b54143deeec2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
age
3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-ngenix-cache
HIT
last-modified
Tue, 01 Aug 2023 05:36:41 GMT
server
nginx
etag
W/"d80f5fec0e3eec35abbcf57fda05f489"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
iA1wsLlm4OFxhQootb5ylBIbmXVQ2a8CHVd61F7crgrNtUsmmx1idQ==
app.ec1244b4.css
cdn.mrqz.me/css/ 		139 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mrqz.me/css/app.ec1244b4.css
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
0ffc591d672711013fda0d916d6c38606de0b511da584085d956c02bc68d1bd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
gzip
via
1.1 5ddfda8d976a2fe129eb3dd155175cb0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
age
2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-ngenix-cache
HIT
last-modified
Fri, 24 Nov 2023 07:30:32 GMT
server
nginx
etag
W/"2aa75157a90235485d1490214c7bd8ab"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
8dUoni3xErkIixPLG-s6BnugLqknfvbfF795Xrgf68uKBid_NsjSeA==
final-page.80e1e048.css
cdn.mrqz.me/css/ 		0
247 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.mrqz.me/css/final-page.80e1e048.css
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
gzip
via
1.1 f7190829a773cc8d45ef80fdd1b99e7e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
age
4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-ngenix-cache
HIT
last-modified
Tue, 01 Aug 2023 05:36:41 GMT
server
nginx
etag
W/"e99492a861ceb828029e8782d6189038"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
beSCATJ6_CmYwY1JN4fJOrXNia6LBnatYmwAVsTXvcQ44hO6Bfz6Aw==
final-page.8f0ed344.js
cdn.mrqz.me/js/ 		0
83 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.mrqz.me/js/final-page.8f0ed344.js
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
gzip
via
1.1 9a5691d5f57251013f89f471e99f9b7e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
age
3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-ngenix-cache
HIT
last-modified
Thu, 07 Dec 2023 04:02:44 GMT
server
nginx
etag
W/"62177c58179e8c8094cfee4c38e0e0e6"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
fKCSYR0ARfAxEDuS_pF1ID2zsCDuQBAVSXHgthAOrjdbs1pUzLqECQ==
opening
marquiz-backend.herokuapp.com/v1/analytics/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://marquiz-backend.herokuapp.com/v1/analytics/opening?lng=en-US&tz=Europe%2FAmsterdam
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.53.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-53-134.eu-west-1.compute.amazonaws.com
Software
Cowboy / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://invest.beroi-bali.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://invest.beroi-bali.xyz
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Length
0
Date
Thu, 07 Dec 2023 15:12:43 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701961963&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=kYuz7oUNh5NqhTbm%2FV%2FYzV2ggwzQ4v1qwP0JOd3MEcw%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1701961963&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=kYuz7oUNh5NqhTbm%2FV%2FYzV2ggwzQ4v1qwP0JOd3MEcw%3D
Server
Cowboy
Vary
Origin, Access-Control-Request-Headers
Via
1.1 vegur
X-Powered-By
Express
3855.16007dc6.js
cdn.mrqz.me/js/ 		0
36 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.mrqz.me/js/3855.16007dc6.js
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.2bd0f4d5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
gzip
via
1.1 90c49abaac008577a61a97c1f9c36ab2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
age
4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-ngenix-cache
HIT
last-modified
Wed, 15 Nov 2023 05:25:08 GMT
server
nginx
etag
W/"dbefd8815660895dde8cd7ceb5f56d21"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
5yhclRyr6qqBJwpP7Z2grbSqvaUkWy8Qj8F6dI7t7PeaDrFvtyAcFw==
landing.fcd80319.js
cdn.mrqz.me/js/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.mrqz.me/js/landing.fcd80319.js
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.2bd0f4d5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
gzip
via
1.1 918e114a1d14f55d896a423c6e63d962.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
age
1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-ngenix-cache
HIT
last-modified
Fri, 24 Nov 2023 07:30:33 GMT
server
nginx
etag
W/"de395d36682017bc3be8dca5cfae5717"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
mDMHWdkqPXw5clEamDWQ8ECPy-Si01btub6OY608Yx2pzr1XKTBGDA==
5879.2d827732.js
cdn.mrqz.me/js/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.mrqz.me/js/5879.2d827732.js
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.2bd0f4d5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
gzip
via
1.1 918e114a1d14f55d896a423c6e63d962.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
age
3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-ngenix-cache
HIT
last-modified
Wed, 15 Nov 2023 05:25:08 GMT
server
nginx
etag
W/"67aac22cb91f80e8473ea3b25bfdffa0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
wwq_T-LrtjCi_MDxVUIZ95iiEwBjZPwwlbx-d-isQeR19iC9qTvgag==
quiz.a0c88056.js
cdn.mrqz.me/js/ 		0
28 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.mrqz.me/js/quiz.a0c88056.js
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.2bd0f4d5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
gzip
via
1.1 918e114a1d14f55d896a423c6e63d962.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-ngenix-cache
HIT
last-modified
Thu, 07 Dec 2023 06:38:10 GMT
server
nginx
etag
W/"2945e5216c5ea8b22ff16030611d4aa7"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
R5w7-lw_BlMr42IaL2DZAzXyrtYVedCRo4owK5u64nrMG2O9Lve5rQ==
css
fonts.googleapis.com/ 		2 KB
852 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Tajawal:400,500,600,700
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/chunk-vendors.5294d489.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7178ffb162c24d44f39c7ee2711a98dfc32c9be9a4e4b69b4f5d507f4f08a2ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 15:12:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 15:12:43 GMT
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		215 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.2bd0f4d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3192358dc61aa0749d2fee19ebfef3185f9596d49b73b029ede69c36cfae2c67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28778
x-jsd-version
1.302.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230083-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"35c30-6wCKsoAZsUB3QGSNsW09xGxxKVY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsMpoeyj9GEv4%2Bj6Na3TMt31GkZxqDTWAiQAFrAaIKX1tRFUsvIQSnc%2FKANrtlrOtbYhJKfZoXlcnEpzfT8Y7l5WzJrY0IseOG9AYEskGHparMefflzXVEJtp3K%2FVLcyXfOSbpgyU%2BYA4ZlEYAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
831db5628e7c5d85-FRA
js
www.googletagmanager.com/gtag/ 		302 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MHJQB8JGTT
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.2bd0f4d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9db707553795d6d448afa224dd8a4279e399fdb7640fbd71b078bd3c45aa2588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97112
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 15:12:43 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.2bd0f4d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Dec 2023 15:12:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
rCP4OQ/TwhDYv2UehH+SLRcPejcz7GPn60uMZA3pGS6y4sMD+HLOFXTI7h1eRoHyRLjojR5K0JygnnRviqXz1w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
opening
marquiz-backend.herokuapp.com/v1/analytics/ 		15 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://marquiz-backend.herokuapp.com/v1/analytics/opening?lng=en-US&tz=Europe%2FAmsterdam
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/chunk-vendors.5294d489.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.53.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-53-134.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://invest.beroi-bali.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains
Date
Thu, 07 Dec 2023 15:12:44 GMT
X-Content-Type-Options
nosniff
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Via
1.1 vegur
Surrogate-Control
no-store
Connection
keep-alive
Content-Length
15
X-Xss-Protection
1; mode=block
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1701961964&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=znvekUTz%2FB6Bl2X%2BDlQ8vB2hDCTHbMTXMUQKnvTZDpM%3D
Pragma
no-cache
Server
Cowboy
Etag
W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701961964&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=znvekUTz%2FB6Bl2X%2BDlQ8vB2hDCTHbMTXMUQKnvTZDpM%3D"}]}
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://invest.beroi-bali.xyz
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Expires
0
sbsnwggnlbg8satrx6pt.png
hgwipn3sa-res.cloudinary.com/image/upload/w_auto,f_auto,q_auto,g_auto,c_fill,h_37,dpr_1/ 		674 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hgwipn3sa-res.cloudinary.com/image/upload/w_auto,f_auto,q_auto,g_auto,c_fill,h_37,dpr_1/sbsnwggnlbg8satrx6pt.png
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:9ae::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
a4c4a0feb08c9642a7e93ee28c642fb6a66c6b40532757ef3218324054acd6f7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:44 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="sbsnwggnlbg8satrx6pt.webp"
server-timing
cld-akam;dur=215;cpu=41;start=2023-12-07T15:12:43.947Z;desc=miss,rtt;dur=19,content-info;desc="width=95,height=37,owidth=1163,oheight=452,obytes=40688",cloudinary;dur=86;start=2023-12-07T15:12:44.024Z
content-length
674
last-modified
Mon, 20 Mar 2023 08:25:42 GMT
server
Cloudinary
etag
"577093067b53ed5a97c94e89b56645ca"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR,Width,Sec-CH-Width
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=2592000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
marquiz-text-logo.5e6071c1.svg
cdn.mrqz.me/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mrqz.me/img/marquiz-text-logo.5e6071c1.svg
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
5e726c8836effdbd6ac34b649366e8dde4d44ec9f0c7224952470f6755917f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
content-encoding
gzip
via
1.1 0c1168f7b86cbd4c1fa0a6e6e52ab0ce.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
age
82
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-ngenix-cache
HIT
last-modified
Fri, 20 Oct 2023 11:30:58 GMT
server
nginx
etag
W/"21aff6c06b5d4ceb53d0c66a28d81391"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
gYF2id2mPUW7NyuKHHOX72wRNrkqlBdL9lsnsn9-hLM12dsOhu6NTg==
kqbgjoidgwzarhcdtrrk.jpg
hgwipn3sa-res.cloudinary.com/image/upload/w_1600,f_auto,q_auto,g_auto,c_fill,dpr_1/ 		246 KB
246 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hgwipn3sa-res.cloudinary.com/image/upload/w_1600,f_auto,q_auto,g_auto,c_fill,dpr_1/kqbgjoidgwzarhcdtrrk.jpg
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:9ae::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
98daebf5ac388b550051c24e00a32c85a4dc5aa44b29f1e2a51657e6546eb702
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:44 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 10 Apr 2023 08:27:04 GMT
server
Cloudinary
etag
"37a5b661a8c1d5810b8fa4cfb2b9c11e"
vary
Accept,User-Agent,Save-Data
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=2592000
server-timing
cld-akam;dur=256;cpu=35;start=2023-12-07T15:12:43.963Z;desc=miss,rtt;dur=19,content-info;desc="width=1600,height=905,owidth=1917,oheight=1084,obytes=971221",cloudinary;dur=131;start=2023-12-07T15:12:44.041Z
accept-ranges
bytes
timing-allow-origin
*
content-length
251751
loader.f57ac226.svg
cdn.mrqz.me/img/ 		815 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mrqz.me/img/loader.f57ac226.svg
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/css/app.ec1244b4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
52bf3dc76bce8ad0316d768f848c31357e34cafc0cc412c390661fad9f4a7f4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.mrqz.me/css/app.ec1244b4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:43 GMT
via
1.1 3f1acdac237fc88cc9bbf845607a5bc0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
age
3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
815
x-ngenix-cache
HIT
last-modified
Tue, 01 Aug 2023 05:36:41 GMT
server
nginx
etag
"4c98b8f74af51b62c57ed9d900fc54bc"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
ZcIpu8hs19ovmYhTqpjbaXUlMcnkerVyXNIwwtsEEtJFqF85ZsrMQg==
Iura6YBj_oCad4k1nzGBCw.woff2
fonts.gstatic.com/s/tajawal/v9/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tajawal:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invest.beroi-bali.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:22:15 GMT
x-content-type-options
nosniff
age
240629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10256
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 20:22:15 GMT
Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v9/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tajawal:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
9986de5db80ec050300f1cea25d651a5779ae62b91a39b5667ac23d0c7668cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invest.beroi-bali.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 06:28:39 GMT
x-content-type-options
nosniff
age
463445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9900
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 06:28:39 GMT
Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v9/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tajawal:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invest.beroi-bali.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 04:31:39 GMT
x-content-type-options
nosniff
age
470465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9996
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 04:31:39 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113524925-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHJQB8JGTT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
204c7e9c8bea1adae4c282660ea92e141ad2399c7efd209c5d0f08b803988629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68992
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 15:12:44 GMT
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MHJQB8JGTT&gtm=45je3bt0v9122897234&_p=1701961963865&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1964276914.1701961964&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1701961964&sct=1&seg=0&dl=https%3A%2F%2Finvest.beroi-bali.xyz%2F&dt=We%20will%20find%20you%20a%20property%20in%20Bali%20with%20an%20income%20of%20%2461%2C900%20per%20year&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1870
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHJQB8JGTT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MHJQB8JGTT&cid=1964276914.1701961964&gtm=45je3bt0v9122897234&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHJQB8JGTT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MHJQB8JGTT&gtm=45je3bt0v9122897234&_p=1701961963865&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1964276914.1701961964&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1701961964&sct=1&seg=0&dl=https%3A%2F%2Finvest.beroi-bali.xyz%2F&dt=We%20will%20find%20you%20a%20property%20in%20Bali%20with%20an%20income%20of%20%2461%2C900%20per%20year&en=marquiz_result&_c=1&_et=2&tfd=1873
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHJQB8JGTT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MHJQB8JGTT&gtm=45je3bt0v9122897234&_p=1701961963865&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1964276914.1701961964&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=3&sid=1701961964&sct=1&seg=0&dl=https%3A%2F%2Finvest.beroi-bali.xyz%2F&dt=We%20will%20find%20you%20a%20property%20in%20Bali%20with%20an%20income%20of%20%2461%2C900%20per%20year&en=marquiz_start&_c=1&_et=1&tfd=1874
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHJQB8JGTT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MHJQB8JGTT&cid=1964276914.1701961964&gtm=45je3bt0v9122897234&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1582320273
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MHJQB8JGTT&gtm=45je3bt0v9122897234&_p=1701961963865&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1964276914.1701961964&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AkA&_s=4&sid=1701961964&sct=1&seg=0&dl=https%3A%2F%2Finvest.beroi-bali.xyz%2F&dt=We%20will%20find%20you%20a%20property%20in%20Bali%20with%20an%20income%20of%20%2461%2C900%20per%20year&en=scroll&epn.percent_scrolled=90&_et=2&tfd=1883
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHJQB8JGTT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MHJQB8JGTT&gtm=45je3bt0v9122897234&_p=1701961963865&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1964276914.1701961964&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=5&sid=1701961964&sct=1&seg=0&dl=https%3A%2F%2Finvest.beroi-bali.xyz%2F&dt=We%20will%20find%20you%20a%20property%20in%20Bali%20with%20an%20income%20of%20%2461%2C900%20per%20year&en=marquiz_result&_c=1&epn.percent_scrolled=90&_et=2&tfd=1883
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHJQB8JGTT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MHJQB8JGTT&gtm=45je3bt0v9122897234&_p=1701961963865&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1964276914.1701961964&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=6&sid=1701961964&sct=1&seg=0&dl=https%3A%2F%2Finvest.beroi-bali.xyz%2F&dt=We%20will%20find%20you%20a%20property%20in%20Bali%20with%20an%20income%20of%20%2461%2C900%20per%20year&en=marquiz_start&_c=1&epn.percent_scrolled=90&_et=1&tfd=1884
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHJQB8JGTT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Afp%3A1300%3Afu%3A0%3Aen%3Autf-8%3Al...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Afp%3A1300%3Afu%3A0%3Aen%3Autf-8%3A...
264 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Afp%3A1300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A2%3Adp%3A0%3Als%3A1400515727406%3Ahid%3A323483865%3Az%3A60%3Ai%3A20231207161244%3Aet%3A1701961964%3Ac%3A1%3Arn%3A73515102%3Arqn%3A1%3Au%3A1701961964119601457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C117%2C345%2C2%2C362%2C0%2C%2C298%2C0%2C%2C%2C%2C1286%3Aco%3A0%3Acpf%3A1%3Ans%3A1701961962585%3Agi%3AR0ExLjEuMTk2NDI3NjkxNC4xNzAxOTYxOTY0%3Ast%3A1701961964&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
fe9fac5127c7c6496614fbabacf9c8d487a20a0f3c77d146afa756a9e34b82f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 07-Dec-2023 15:12:45 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
264
x-xss-protection
1; mode=block
expires
Thu, 07-Dec-2023 15:12:45 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:44 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 07-Dec-2023 15:12:44 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Afp%3A1300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A2%3Adp%3A0%3Als%3A1400515727406%3Ahid%3A323483865%3Az%3A60%3Ai%3A20231207161244%3Aet%3A1701961964%3Ac%3A1%3Arn%3A73515102%3Arqn%3A1%3Au%3A1701961964119601457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C117%2C345%2C2%2C362%2C0%2C%2C298%2C0%2C%2C%2C%2C1286%3Aco%3A0%3Acpf%3A1%3Ans%3A1701961962585%3Agi%3AR0ExLjEuMTk2NDI3NjkxNC4xNzAxOTYxOTY0%3Ast%3A1701961964&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 07-Dec-2023 15:12:44 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:44 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 04 Dec 2023 12:19:38 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"656dc3da-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 07 Dec 2023 16:12:44 GMT
1
mc.yandex.ru/watch/92298503/
Redirect Chain
  • https://mc.yandex.ru/watch/92298503?wmode=7&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Afp%3A1...
  • https://mc.yandex.ru/watch/92298503/1?wmode=7&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Afp%3...
435 B
599 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/92298503/1?wmode=7&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Afp%3A1300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A821984424677%3Ahid%3A323483865%3Az%3A60%3Ai%3A20231207161244%3Aet%3A1701961964%3Ac%3A1%3Arn%3A459921198%3Arqn%3A1%3Au%3A1701961964119601457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C117%2C345%2C2%2C362%2C0%2C%2C298%2C0%2C%2C%2C%2C1286%3Aco%3A0%3Acpf%3A1%3Ans%3A1701961962585%3Agi%3AR0ExLjEuMTk2NDI3NjkxNC4xNzAxOTYxOTY0%3Arqnl%3A1%3Ast%3A1701961964%3At%3AWe%20will%20find%20you%20a%20property%20in%20Bali%20with%20an%20income%20of%20%2461%2C900%20per%20year&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
2961e1b403e11a0917c1d96caba7cf87ff7b2fd1b531bb2d99cba72ece6cf5fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 07-Dec-2023 15:12:45 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Thu, 07-Dec-2023 15:12:45 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:44 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 07-Dec-2023 15:12:44 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/92298503/1?wmode=7&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Afp%3A1300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A821984424677%3Ahid%3A323483865%3Az%3A60%3Ai%3A20231207161244%3Aet%3A1701961964%3Ac%3A1%3Arn%3A459921198%3Arqn%3A1%3Au%3A1701961964119601457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C117%2C345%2C2%2C362%2C0%2C%2C298%2C0%2C%2C%2C%2C1286%3Aco%3A0%3Acpf%3A1%3Ans%3A1701961962585%3Agi%3AR0ExLjEuMTk2NDI3NjkxNC4xNzAxOTYxOTY0%3Arqnl%3A1%3Ast%3A1701961964%3At%3AWe%20will%20find%20you%20a%20property%20in%20Bali%20with%20an%20income%20of%20%2461%2C900%20per%20year&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 07-Dec-2023 15:12:44 GMT
Medium.0b650b2f.woff2
cdn.mrqz.me/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.mrqz.me/fonts/Medium.0b650b2f.woff2
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/css/app.ec1244b4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.152.63 , Russian Federation, ASN204878 (CCT-M9P1, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
6589d27de60e678c3e38f593af996efb1b97d76d374c7b6f7b79fae676bb297a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cdn.mrqz.me/css/app.ec1244b4.css
Origin
https://invest.beroi-bali.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:44 GMT
via
1.1 1bc30f616a6ad2ebab98d656f04c65b0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
HEL51-P3
age
3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29296
x-ngenix-cache
HIT
last-modified
Tue, 01 Aug 2023 05:36:41 GMT
server
nginx
etag
"dcc50aca38c591ba7746c9ae90a16b67"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
yO7_RmUrrHC9IzgpUlhc2WWNvN9mcKL9XTSObELQ2aDuWeoiCzQIBg==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113524925-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 13:22:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6612
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 07 Dec 2023 15:22:33 GMT
947947856564285
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/947947856564285?v=2.9.138&r=stable&domain=invest.beroi-bali.xyz
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e017f235c768c07e3b7fcfa60427ef8a9683c0a18e188b1f72ad48aed89f2c4f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Dec 2023 15:12:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
T6kK6K7WeUO3/C6TxmP32xcywZZ9Af1C/pfHeAZQZiJAwPvO6iztvKFryf2nMi4V6AKODmaH8YMCN+ojZ0ZTHw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=116385621&t=pageview&_s=1&dl=https%3A%2F%2Finvest.beroi-bali.xyz%2F&ul=en-us&de=UTF-8&dt=We%20will%20find%20you%20a%20property%20in%20Bali%20with%20an%20income%20of%20%2461%2C900%20per%20year&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAIC~&jid=1191626004&gjid=2091098490&cid=1964276914.1701961964&tid=UA-113524925-1&_gid=1135473663.1701961965&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=719995983
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/chunk-vendors.5294d489.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://invest.beroi-bali.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-113524925-1&cid=1964276914.1701961964&jid=1191626004&gjid=2091098490&_gid=1135473663.1701961965&_u=YADAAUAAAAAAACAAIC~&z=1793609634
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/chunk-vendors.5294d489.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://invest.beroi-bali.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 07 Dec 2023 15:12:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=947947856564285&ev=PageView&dl=https%3A%2F%2Finvest.beroi-bali.xyz%2F&rl=&if=false&ts=1701961965353&sw=1600&sh=1200&ud[external_id]=9336967623044fcb8c7c9f08f5a8f98f80b8d16eecb95e7ccafb501c8eae34cc&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701961965353.1363927111&ler=empty&it=1701961964968&coo=false&rqm=GET
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 07 Dec 2023 15:12:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-113524925-1&cid=1964276914.1701961964&jid=1191626004&_u=YADAAUAAAAAAACAAIC~&z=410239004
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-113524925-1&cid=1964276914.1701961964&jid=1191626004&_u=YADAAUAAAAAAACAAIC~&z=410239004
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10210.CqsVjWyg_BS3XQs9DmLOzo_H2Q9RO_e9mvn-MJ7S4Y7JO_UK0RZCqiJV55iOlXlZ.hBUCHAiz2n2H9h_zJRSen9Qfxcs%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10210.23smyHBjBr6QkrEYB2nmF_WOT_lQ12z2VtDLTAFBs_5z2VQBmFbrGRfCGzzEH13FRzZx22LxqHulP6HejdkNL6k2aOZu2DJrEc6EjptSgwMYQVa46jvyEPRfs_NIstvEiAmQD7SY...
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=10210.23smyHBjBr6QkrEYB2nmF_WOT_lQ12z2VtDLTAFBs_5z2VQBmFbrGRfCGzzEH13FRzZx22LxqHulP6HejdkNL6k2aOZu2DJrEc6EjptSgwMYQVa46jvyEPRfs_NIstvEiAmQD7SYF1Xpa1kXAQjnRuv8g7GltGcIjAI_glVV3xs0c29vyUVciOZ2eUCqepQdMQb6vDPlT_LhUDr75S8E0kaQifM2dg8hTMWol_8xyXw%2C.eIOBqXlninMi3Psn9pggZ4j_Rbw%2C
Requested by
Host: invest.beroi-bali.xyz
URL: https://invest.beroi-bali.xyz/
Protocol
H2
Server
80.239.201.82 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://invest.beroi-bali.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:12:45 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=10210.23smyHBjBr6QkrEYB2nmF_WOT_lQ12z2VtDLTAFBs_5z2VQBmFbrGRfCGzzEH13FRzZx22LxqHulP6HejdkNL6k2aOZu2DJrEc6EjptSgwMYQVa46jvyEPRfs_NIstvEiAmQD7SYF1Xpa1kXAQjnRuv8g7GltGcIjAI_glVV3xs0c29vyUVciOZ2eUCqepQdMQb6vDPlT_LhUDr75S8E0kaQifM2dg8hTMWol_8xyXw%2C.eIOBqXlninMi3Psn9pggZ4j_Rbw%2C
date
Thu, 07 Dec 2023 15:12:45 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
92298503
mc.yandex.ru/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/92298503?wv-part=1&wv-type=7&wmode=0&wv-hit=323483865&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&rn=398173825&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1701961968%3Aw%3A1600x1200%3Av%3A1180%3Az%3A60%3Ai%3A20231207161247%3Au%3A1701961964119601457%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Ast%3A1701961968&t=gdpr(14)ti(1)
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/chunk-vendors.5294d489.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://invest.beroi-bali.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:47 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 07-Dec-2023 15:12:47 GMT
content-type
image/gif
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 07-Dec-2023 15:12:47 GMT
92298503
mc.yandex.ru/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/92298503?wv-part=1&wv-type=7&wmode=0&wv-hit=323483865&page-url=https%3A%2F%2Finvest.beroi-bali.xyz%2F&rn=305831231&browser-info=we%3A1%3Aet%3A1701961968%3Aw%3A1600x1200%3Av%3A1180%3Az%3A60%3Ai%3A20231207161248%3Au%3A1701961964119601457%3Avf%3Atuwae7cfn6xnufspgli8bfj%3Ast%3A1701961968&t=gdpr(14)ti(1)
Requested by
Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/chunk-vendors.5294d489.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://invest.beroi-bali.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 15:12:48 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 07-Dec-2023 15:12:48 GMT
content-type
image/gif
access-control-allow-origin
https://invest.beroi-bali.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 07-Dec-2023 15:12:48 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| quizData string| apiUrl object| webpackChunkmarquiz_quiz object| regeneratorRuntime function| gtag object| dataLayer function| fbq function| _fbq object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| Ya object| yaCounter92298503 string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

24 Cookies

Domain/Path Name / Value
invest.beroi-bali.xyz/ Name: visitor_id
Value: bcb7a216-eb87-4554-b4f5-00de6a55f539
invest.beroi-bali.xyz/ Name: uuid_undefined
Value: 7238cebe-b82e-42b5-a503-11bf8aaef477
invest.beroi-bali.xyz/ Name: marquiz_visitor_id
Value: 1a707237-0e05-4274-be2a-35dd84093ad3
.beroi-bali.xyz/ Name: _ga_MHJQB8JGTT
Value: GS1.1.1701961964.1.0.1701961964.60.0.0
.beroi-bali.xyz/ Name: _ym_uid
Value: 1701961964119601457
.beroi-bali.xyz/ Name: _ym_d
Value: 1701961964
.beroi-bali.xyz/ Name: _ym_isad
Value: 2
.yandex.ru/ Name: ymex
Value: 1733497964.yrts.1701961964#1733497964.yrtsi.1701961964
.yandex.ru/ Name: bh
Value: KgI/MA==
.beroi-bali.xyz/ Name: _ga
Value: GA1.2.1964276914.1701961964
.beroi-bali.xyz/ Name: _gid
Value: GA1.2.1135473663.1701961965
.beroi-bali.xyz/ Name: _gat_gtag_UA_113524925_1
Value: 1
.beroi-bali.xyz/ Name: _fbp
Value: fb.1.1701961965353.1363927111
mc.yandex.ru/ Name: yabs-sid
Value: 392376431701961964
.yandex.ru/ Name: i
Value: +YVwcd32uVhQ9HycyImg4NoMecTfNmQOfhglEJlS2wrSVF5F/JJPWywBD52X/iBVrgD5zKRZ0mL87g+Wj4gjL7qWjec=
.yandex.ru/ Name: yandexuid
Value: 94172871701961964
.yandex.ru/ Name: yuidss
Value: 94172871701961964
.beroi-bali.xyz/ Name: _ym_visorc
Value: w
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 1238990700fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3537984558fake
.webvisor.org/ Name: yandexuid
Value: 94172871701961964
.webvisor.org/ Name: yuidss
Value: 94172871701961964
.webvisor.org/ Name: i
Value: +YVwcd32uVhQ9HycyImg4NoMecTfNmQOfhglEJlS2wrSVF5F/JJPWywBD52X/iBVrgD5zKRZ0mL87g+Wj4gjL7qWjec=
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.mrqz.me
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
hgwipn3sa-res.cloudinary.com
invest.beroi-bali.xyz
marquiz-backend.herokuapp.com
mc.webvisor.org
mc.yandex.ru
region1.analytics.google.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
142.250.185.227
172.217.18.3
2001:4860:4802:34::36
212.193.152.63
2606:4700::6810:5514
2a00:1450:4001:80b::2004
2a00:1450:4001:811::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a02:26f0:480:9ae::523
2a02:6b8::1:119
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
51.250.38.59
54.73.53.134
80.239.201.82
0ffc591d672711013fda0d916d6c38606de0b511da584085d956c02bc68d1bd2
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
204c7e9c8bea1adae4c282660ea92e141ad2399c7efd209c5d0f08b803988629
2961e1b403e11a0917c1d96caba7cf87ff7b2fd1b531bb2d99cba72ece6cf5fe
3192358dc61aa0749d2fee19ebfef3185f9596d49b73b029ede69c36cfae2c67
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
52bf3dc76bce8ad0316d768f848c31357e34cafc0cc412c390661fad9f4a7f4d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59242034d4f2c03f985b12bd52020fb69a6e6cc67858bc01e137c77d4849cd9d
5e726c8836effdbd6ac34b649366e8dde4d44ec9f0c7224952470f6755917f2a
6589d27de60e678c3e38f593af996efb1b97d76d374c7b6f7b79fae676bb297a
7178ffb162c24d44f39c7ee2711a98dfc32c9be9a4e4b69b4f5d507f4f08a2ad
98daebf5ac388b550051c24e00a32c85a4dc5aa44b29f1e2a51657e6546eb702
9986de5db80ec050300f1cea25d651a5779ae62b91a39b5667ac23d0c7668cbb
9db707553795d6d448afa224dd8a4279e399fdb7640fbd71b078bd3c45aa2588
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4c4a0feb08c9642a7e93ee28c642fb6a66c6b40532757ef3218324054acd6f7
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
c6fedea5dbebfa6b2b7fcdf660721c4e9303f5aef3d7ba48d5fa0b3817b51a06
d1caebcec3b5de46d950e17872c9e854840ed8fdcc86ecc3388a2dfcdb639662
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b
e017f235c768c07e3b7fcfa60427ef8a9683c0a18e188b1f72ad48aed89f2c4f
e0c051f5f26ce1e92a0623ca27b6822355d9c9056f89c0957150541fd27698ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe9fac5127c7c6496614fbabacf9c8d487a20a0f3c77d146afa756a9e34b82f1