urlscan.io logo urlscan.io
SecurityTrails logo

beritahebat2.blogspot.com Open in urlscan Pro
2607:f8b0:4004:c09::84  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.beritahebat2.blogspot.com/
Effective URL: https://beritahebat2.blogspot.com/
Submission: On December 31 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 19 domains to perform 51 HTTP transactions. The main IP is 2607:f8b0:4004:c09::84, located in Washington, United States and belongs to GOOGLE, US. The main domain is beritahebat2.blogspot.com.
TLS certificate: Issued by WR2 on December 2nd 2024. Valid for: 3 months.
This is the only time beritahebat2.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 104.18.10.207 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
11 142.132.202.70 24940 (HETZNER-A...)
11 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:90c0:999... 199524 (GCORE G-C...)
1 142.251.163.154 15169 (GOOGLE)
1 1 139.45.197.116 9002 (RETN-AS R...)
1 139.45.197.105 9002 (RETN-AS R...)
2 142.251.16.132 15169 (GOOGLE)
1 172.253.115.191 15169 (GOOGLE)
2 172.67.136.238 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 4 104.21.64.1 13335 (CLOUDFLAR...)
1 31.172.81.226 44066 (DE-FIRSTC...)
51 18
3    2607:f8b0:4004:c09::84 (Washington, United States)

ASN15169 (GOOGLE, US)
www.beritahebat2.blogspot.com
beritahebat2.blogspot.com
3    2607:f8b0:4004:c06::bf (Washington, United States)

ASN15169 (GOOGLE, US)
www.blogger.com
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
2    2607:f8b0:4004:c17::8b (Washington, United States)

ASN15169 (GOOGLE, US)
apis.google.com
11    142.132.202.70 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.70.202.132.142.clients.your-server.de
st-n.ads3-adnow.com
korfo.org
powered-by-revidy.com
n.ads3-adnow.com
11    2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
lh3.googleusercontent.com
4.bp.blogspot.com
1    2607:f8b0:4004:c0b::84 (Washington, United States)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
1    2a03:90c0:9996::9996 (United States)

ASN199524 (GCORE G-Core Labs S.A., LU)
st-n.ads1-adnow.com
1    142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
pagead2.googlesyndication.com
1    139.45.197.116 (United Kingdom)

ASN9002 (RETN-AS RETN Limited, GB)
go.padstm.com
1    139.45.197.105 (United Kingdom)

ASN9002 (RETN-AS RETN Limited, GB)
go.padsdel.com
2    142.251.16.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f132.1e100.net
themes.googleusercontent.com
blogger.googleusercontent.com
1    172.253.115.191 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f191.1e100.net
www.blogger.com
2    172.67.136.238 (United States)

ASN13335 (CLOUDFLARENET, US)
a11ybar.com
2    2607:f8b0:4004:c0b::77 (Washington, United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)
2.bp.blogspot.com
4    104.21.64.1 (None, )

ASN13335 (CLOUDFLARENET, US)
nethcdn.com
1    31.172.81.226 (Germany)

ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE)
n.ads1-adnow.com
Apex Domain
Subdomains		 Transfer
12 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45 Failed
blogger.googleusercontent.com — Cisco Umbrella Rank: 10221
themes.googleusercontent.com — Cisco Umbrella Rank: 12500
72 KB
6 blogspot.com
www.beritahebat2.blogspot.com
beritahebat2.blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 22106
4.bp.blogspot.com — Cisco Umbrella Rank: 28626
2.bp.blogspot.com — Cisco Umbrella Rank: 27842
101 KB
4 powered-by-revidy.com
powered-by-revidy.com — Cisco Umbrella Rank: 205576
4 korfo.org
korfo.org — Cisco Umbrella Rank: 267834
4 nethcdn.com
nethcdn.com — Cisco Umbrella Rank: 173688
2 KB
4 blogger.com
www.blogger.com — Cisco Umbrella Rank: 12722
8 KB
3 ads3-adnow.com
st-n.ads3-adnow.com
n.ads3-adnow.com
2 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 106
8 KB
2 a11ybar.com
a11ybar.com — Cisco Umbrella Rank: 175859
2 KB
2 ads1-adnow.com
st-n.ads1-adnow.com — Cisco Umbrella Rank: 404561
n.ads1-adnow.com — Cisco Umbrella Rank: 363834
34 KB
2 google.com
apis.google.com — Cisco Umbrella Rank: 121
200 KB
2 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3540
39 KB
1 padsdel.com
go.padsdel.com
1 padstm.com
go.padstm.com
161 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
67 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
92 KB
0 mobicow.com Failed
cdn.mobicow.com Failed
0 histats.com Failed
s10.histats.com Failed
0 amung.us Failed
widgets.amung.us Failed
51 19
Domain Requested by
10 blogger.googleusercontent.com beritahebat2.blogspot.com
4 powered-by-revidy.com a11ybar.com
4 korfo.org a11ybar.com
4 nethcdn.com 4 redirects
4 www.blogger.com beritahebat2.blogspot.com
apis.google.com
2 n.ads3-adnow.com st-n.ads1-adnow.com
2 i.ytimg.com beritahebat2.blogspot.com
2 a11ybar.com st-n.ads3-adnow.com
a11ybar.com
2 apis.google.com beritahebat2.blogspot.com
apis.google.com
2 netdna.bootstrapcdn.com beritahebat2.blogspot.com
netdna.bootstrapcdn.com
2 beritahebat2.blogspot.com beritahebat2.blogspot.com
1 n.ads1-adnow.com st-n.ads1-adnow.com
1 2.bp.blogspot.com beritahebat2.blogspot.com
1 themes.googleusercontent.com beritahebat2.blogspot.com
1 go.padsdel.com beritahebat2.blogspot.com
1 go.padstm.com 1 redirects
1 pagead2.googlesyndication.com beritahebat2.blogspot.com
1 st-n.ads1-adnow.com beritahebat2.blogspot.com
1 4.bp.blogspot.com beritahebat2.blogspot.com
1 1.bp.blogspot.com beritahebat2.blogspot.com
1 lh3.googleusercontent.com beritahebat2.blogspot.com
1 st-n.ads3-adnow.com beritahebat2.blogspot.com
1 ajax.googleapis.com beritahebat2.blogspot.com
1 www.beritahebat2.blogspot.com 1 redirects
0 cdn.mobicow.com Failed beritahebat2.blogspot.com
0 s10.histats.com Failed beritahebat2.blogspot.com
0 widgets.amung.us Failed beritahebat2.blogspot.com
51 27
Subject Issuer Validity Valid
misc-sni.blogspot.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.blogger.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
*.apis.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
st-n.ads3-adnow.com
R11		 2024-11-13 -
2025-02-11		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
n.ads1-adnow.com
E5		 2024-11-20 -
2025-02-18		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
padsdel.com
R11		 2024-12-01 -
2025-03-01		 3 months crt.sh
a11ybar.com
WE1		 2024-12-16 -
2025-03-16		 3 months crt.sh
edgestatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
korfo.org
R10		 2024-11-05 -
2025-02-03		 3 months crt.sh
powered-by-revidy.com
R10		 2024-11-26 -
2025-02-24		 3 months crt.sh
n.ads3-adnow.com
R11		 2024-12-31 -
2025-03-31		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://beritahebat2.blogspot.com/
Frame ID: 25DD78EE9B65C843C1406DD22FA1EAC0
Requests: 44 HTTP requests in this frame

Frame: https://go.padsdel.com/?id=208417&t=iframe
Frame ID: 684BCAE7D12D3D2B7E4B163C1EBFDCE8
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=6708901988114528665&blogName=Berita+Hebat!&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://beritahebat2.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://beritahebat2.blogspot.com/&vt=7088283739129543463&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.eXGUr_3hPjA.O%2Fd%3D1%2Frs%3DAHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A%2Fm%3D__features__
Frame ID: 53124D402150F80E09A7FC06AEA536F3
Requests: 1 HTTP requests in this frame

Frame: https://korfo.org/vu/ca/
Frame ID: 18374C2E8B6FDD1691ED4BE72CBE189E
Requests: 1 HTTP requests in this frame

Frame: https://powered-by-revidy.com/a
Frame ID: 422ACDBD56DD1910BF9750E355D3B471
Requests: 1 HTTP requests in this frame

Frame: https://korfo.org/vu/ca/
Frame ID: FE60D6FAFA222AC5082A643E3FE98C9F
Requests: 1 HTTP requests in this frame

Frame: https://powered-by-revidy.com/a
Frame ID: 881576F5BCABBEDE928E3B1455C0F235
Requests: 1 HTTP requests in this frame

Frame: https://korfo.org/vu/ca/
Frame ID: 927ACC42E214517489C5471D23E6C281
Requests: 1 HTTP requests in this frame

Frame: https://powered-by-revidy.com/a
Frame ID: FF6F6A658A16590E71C2BA6EEFA672C4
Requests: 1 HTTP requests in this frame

Frame: https://korfo.org/vu/ca/
Frame ID: 995380667A6FEE5316EF5576C7BD7CDF
Requests: 1 HTTP requests in this frame

Frame: https://powered-by-revidy.com/a
Frame ID: 5542363DE909521EBC008F230780FDDD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Berita Hebat!

Page URL History Show full URLs

  1. http://www.beritahebat2.blogspot.com/ HTTP 307
    https://www.beritahebat2.blogspot.com/ HTTP 301
    https://beritahebat2.blogspot.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

88 %
HTTPS

47 %
IPv6

19
Domains

27
Subdomains

18
IPs

4
Countries

556 kB
Transfer

1123 kB
Size

115
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.beritahebat2.blogspot.com/ HTTP 307
    https://www.beritahebat2.blogspot.com/ HTTP 301
    https://beritahebat2.blogspot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://go.padstm.com/?id=208417&t=iframe HTTP 302
  • https://go.padsdel.com/?id=208417&t=iframe
Request Chain 41
  • https://nethcdn.com/stat HTTP 302
  • https://korfo.org/vu/ca/
Request Chain 43
  • https://nethcdn.com/stat HTTP 302
  • https://korfo.org/vu/ca/
Request Chain 49
  • https://nethcdn.com/stat HTTP 302
  • https://korfo.org/vu/ca/
Request Chain 51
  • https://nethcdn.com/stat HTTP 302
  • https://korfo.org/vu/ca/

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
beritahebat2.blogspot.com/
Redirect Chain
  • http://www.beritahebat2.blogspot.com/
  • https://www.beritahebat2.blogspot.com/
  • https://beritahebat2.blogspot.com/
156 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
92d2e1dfae7eed4958892a3d75bbfcc2b900588ca4aa115d3b15e850c3d315f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
47336
content-type
text/html; charset=UTF-8
date
Tue, 31 Dec 2024 08:48:39 GMT
etag
W/"3ee000c6c1db8c1a006418061dd9a10cbb0dec8f0f5cd9ff958d9580c5486b7d"
expires
Tue, 31 Dec 2024 08:48:39 GMT
last-modified
Fri, 08 Nov 2024 14:55:31 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
199
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Tue, 31 Dec 2024 08:48:38 GMT
expires
Tue, 31 Dec 2024 08:48:38 GMT
location
https://beritahebat2.blogspot.com/
server
GSE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

content-encoding
gzip
age
268482
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Sun, 28 Dec 2025 06:13:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Dec 2024 06:13:57 GMT
last-modified
Sat, 28 Dec 2024 02:53:30 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
6620
x-xss-protection
0
server
sffe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

age
291246
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 23:54:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 23:54:33 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
93636
x-xss-protection
0
server
sffe
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/3.1.1/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/3.1.1/css/font-awesome.min.css
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b017f657019d269d0fe288b7f4076c8a4e61182769d712646f0e1fb7b67a496
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"a347270d77e069f7ba0c6e50149ac640"
age
2685756
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 31 Dec 2024 08:48:39 GMT
last-modified
Mon, 25 Jan 2021 22:04:50 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/01/2024 23:04:28
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
fae3dd426aca592488bc4f5fe5c6b3dd
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8fa903059eeda1fc-YYZ
access-control-allow-origin
*
cdn-edgestorageid
940
server
cloudflare
cdn-requestcountrycode
US
platform.js
apis.google.com/js/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d205e3611c526c7d6f6c936609ebe4a3979f8226f1ae2861629333cf078aa8c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

content-encoding
gzip
etag
"5b1e5969edaf6700"
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 08:48:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 08:48:39 GMT
content-type
text/javascript
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="gapi-team"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
24178
x-xss-protection
0
server
sffe
adv_out.js
st-n.ads3-adnow.com/js/ 		310 B
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://st-n.ads3-adnow.com/js/adv_out.js
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6a0a6797ea34236cfd5bef993fdeeee494cedbd1a4cb42e0e587f8eae0a86ba8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Date
Tue, 31 Dec 2024 08:48:39 GMT
Content-Type
application/javascript; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
AEn0k_uBenkGOxiUldwvVh60W8g-t3lPS9s6v15SZvGJ-rNLjvVrhqa7p8D7xG-JJrgXtZJJWyOPHG4XAkNuuhkgI0sNG9IKsX-VQzlR71wdhy472jQhlsVfkAHtpfN6oxzAR8sWGu4MIEmfAIBlfg=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		0
0
AEn0k_uHqABFKh-QOgBx_C2LV8Y0QY-FBDrEfaVF9L0bKiJb7nRdfKFXrN62_ztgbW9Jg9blCcVoAhdz3rzVEndmVEVo09UbfHWeO07ePTnX585QHMjQml9hRTk=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		0
0
AEn0k_smVQB-B9OLV6hZPQDwVUNvPWaeLwQYFtCyvVgrkV52oCdc8wcGbiPGjP51n6H1VbTHr6GiHDV2b8fTp1_gSf8AjNOecpK5LlEQy5Jj6Fh-yriA41_VJZyHtYQ_Jpz5u_mmCalZ1rmdiXGiqAWZnwDWp1cmyNEQDGk_66-c2ZvlAbY8FZxbM45LA2s=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		0
0
kaki+putus.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheDUmqPPf6xkxAaKFHCUHPr6UGCdxxY1l3DW1nprR1LmmKMPXQEQoqoyxR4YQ36hcqdGKLhB_Dhfw9LNKrnR6q39pvNKCQihvoUvR3ti8QRbAk83heSuxgqEqIHUFdXrRGAuKYcxKgvng/s72-c/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheDUmqPPf6xkxAaKFHCUHPr6UGCdxxY1l3DW1nprR1LmmKMPXQEQoqoyxR4YQ36hcqdGKLhB_Dhfw9LNKrnR6q39pvNKCQihvoUvR3ti8QRbAk83heSuxgqEqIHUFdXrRGAuKYcxKgvng/s72-c/kaki+putus.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
903085fa3fa8967d67e737bc260967c3c159c044d0eb57b25de21dee34ee4421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v279"
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 08:48:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4318
date
Tue, 31 Dec 2024 08:48:40 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="kaki putus.jpg"
kantoi+isteri+curang.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOHe2N6CWC-PAndYi3kt3huNcJ7SRRFnrx3Bko5kima6nsPUmaLzSb49D27_j_cJd839i-05LUMm839H4XHrwT3Q5rMm_YA_8bLhUjx-SrI2ToX-O3C2OKCBaejWbKYfUdzQLo5lv4Adw/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOHe2N6CWC-PAndYi3kt3huNcJ7SRRFnrx3Bko5kima6nsPUmaLzSb49D27_j_cJd839i-05LUMm839H4XHrwT3Q5rMm_YA_8bLhUjx-SrI2ToX-O3C2OKCBaejWbKYfUdzQLo5lv4Adw/s72-c/kantoi+isteri+curang.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fa911ea3f5090e2e5180919244e8070280fa7d03451c250357ea9a656ca73339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v156"
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 08:48:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2593
date
Tue, 31 Dec 2024 08:48:39 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="kantoi isteri curang.jpg"
adik.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgj7Hei3GB9gPdrT0hosI3ypoTZEYnrKpba1bbin6Omv8FGzln1ZeXyDG37a775vdeFfuHr4sQBSueybns8yj-BCo7lFS5iawB_NuycRQf07GVAZkbcU0xZmAZeO42JgohQjpcOdmL_uRT_/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgj7Hei3GB9gPdrT0hosI3ypoTZEYnrKpba1bbin6Omv8FGzln1ZeXyDG37a775vdeFfuHr4sQBSueybns8yj-BCo7lFS5iawB_NuycRQf07GVAZkbcU0xZmAZeO42JgohQjpcOdmL_uRT_/s72-c/adik.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8d5c0e86a83b2cefe4c9f32319b97e94493cfade395a89abc12fc18ccef8c5ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v1ed"
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 08:48:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3043
date
Tue, 31 Dec 2024 08:48:39 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="adik.jpg"
lanj.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZhnymwgAYGzvBjPKJ0v3IR85orMUU8pAbhcz5bLhujoarxvIX7QKQFibO9aLiVQ7ka3gyCRL0n6pt1wxSry1syAwcWGYbFoSIuEka7KpwT9SaEz0eXVC5bB7VP1xhwV4qcmaWZP5GXBON/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZhnymwgAYGzvBjPKJ0v3IR85orMUU8pAbhcz5bLhujoarxvIX7QKQFibO9aLiVQ7ka3gyCRL0n6pt1wxSry1syAwcWGYbFoSIuEka7KpwT9SaEz0eXVC5bB7VP1xhwV4qcmaWZP5GXBON/s72-c/lanj.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0c6fc246d4c0958b6038ab7aea4b96848d3eb8fa534a238c6dbfd92eb644d409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v193b"
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 08:48:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2690
date
Tue, 31 Dec 2024 08:48:39 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="lanj.jpg"
10+Artis+Wanita+Paling+Hot+Di+Malaysia.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdnmXuizaif6YgZ2pqlkuWBhrRPqEBIq-mw8x2F4vLui9SJrDp6Ir3XmEChInrRtSVS8uhjF8m6xVhiEqPeXfwGQcGCB6bDNl56taQ3IayOjN4rIvUTzcoI8h7zVmGD4YFimeGvDgPHpI/s72-c/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdnmXuizaif6YgZ2pqlkuWBhrRPqEBIq-mw8x2F4vLui9SJrDp6Ir3XmEChInrRtSVS8uhjF8m6xVhiEqPeXfwGQcGCB6bDNl56taQ3IayOjN4rIvUTzcoI8h7zVmGD4YFimeGvDgPHpI/s72-c/10+Artis+Wanita+Paling+Hot+Di+Malaysia.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a7a784075cc54293ce4db8865c53e5ad327f92696fb673382246498249e18eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"vbda4"
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 08:48:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3805
date
Tue, 31 Dec 2024 08:48:40 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="10 Artis Wanita Paling Hot Di Malaysia.jpg"
kantoi%2Bzina.jpg
1.bp.blogspot.com/-B0ez_chinHA/VOptaO1flTI/AAAAAAAAPbw/inwDMos5Lq4/s72-c/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-B0ez_chinHA/VOptaO1flTI/AAAAAAAAPbw/inwDMos5Lq4/s72-c/kantoi%2Bzina.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a404c31e886f9d2519468423a3e1e91067f9d644a886ee4e9b40e517336f3641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

timing-allow-origin
*
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1323
date
Tue, 31 Dec 2024 08:48:39 GMT
x-xss-protection
0
content-type
image/png
server
fife
AEn0k_vOc1PJm1Cd8YvJe30GWHkUYkJgi5meKK8QCCCk_VgT7IH2iavO85Dv5cJJ2aqniCYN0QPlLEXxQK950A-zU3xMO6fpM8fvS7h8hLuwbIgBM3scf_8=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vOc1PJm1Cd8YvJe30GWHkUYkJgi5meKK8QCCCk_VgT7IH2iavO85Dv5cJJ2aqniCYN0QPlLEXxQK950A-zU3xMO6fpM8fvS7h8hLuwbIgBM3scf_8=s0-d
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
57eb79ec23f95554cfee51062e26a0e62c8b095b030bf7aa4068894370e1052e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

timing-allow-origin
*
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1187
date
Tue, 31 Dec 2024 08:48:39 GMT
x-xss-protection
0
content-type
image/jpeg
server
fife
bbyrina+1.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhK8ESmgHhaTqWCKr7Gn8fHo219QGzFvdqYBwimGXtvPbnOdQu5xqzAu1sZZpts182F7KI6daBXesF0nqnaprtPODkHDzJDSPh7zTyAZ5cHtOL8FlAEzSRF-6Gr5VCE50AePCBf1NHSPiU/s72-c/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhK8ESmgHhaTqWCKr7Gn8fHo219QGzFvdqYBwimGXtvPbnOdQu5xqzAu1sZZpts182F7KI6daBXesF0nqnaprtPODkHDzJDSPh7zTyAZ5cHtOL8FlAEzSRF-6Gr5VCE50AePCBf1NHSPiU/s72-c/bbyrina+1.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
55365f8bea71c89a83ae62ffba57db443e78e60ac4bd976911c4851c0090f70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v5fa0"
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 08:48:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3577
date
Tue, 31 Dec 2024 08:48:40 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="bbyrina 1.jpg"
foto.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCaWhBmxJGcAx-os_S2sdt8GI1Ts93syUiIwy971JuUx6ROJSOLPrlI-lEdZBr_Y0BLCE2u2wB34HCDnm3v9Go6H9pNtule3RljdCfqbQrrWEVnjVsSSoEw5i2f0Y2OVVxX_JUqJFMtwyG/s72-c/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCaWhBmxJGcAx-os_S2sdt8GI1Ts93syUiIwy971JuUx6ROJSOLPrlI-lEdZBr_Y0BLCE2u2wB34HCDnm3v9Go6H9pNtule3RljdCfqbQrrWEVnjVsSSoEw5i2f0Y2OVVxX_JUqJFMtwyG/s72-c/foto.PNG
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aa9f6ca9d9946bb5759792c734c3603cb3a2a0e81c585b55ac6c83459959dbd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v3c4"
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 08:48:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9788
date
Tue, 31 Dec 2024 08:48:40 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="foto.PNG"
1df6.jpg
4.bp.blogspot.com/-ZiyP6shjHNw/T5LnlBVj4WI/AAAAAAAALwU/e5LnG-9gIm4/s72-c/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-ZiyP6shjHNw/T5LnlBVj4WI/AAAAAAAALwU/e5LnG-9gIm4/s72-c/1df6.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a404c31e886f9d2519468423a3e1e91067f9d644a886ee4e9b40e517336f3641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

timing-allow-origin
*
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1323
date
Tue, 31 Dec 2024 08:48:39 GMT
x-xss-protection
0
content-type
image/png
server
fife
Awek+baju+kuning.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-97fc6u6IcjSyvPHVpsA3xaWbf1OnhwC47RriY45tNkJVu40cniyjA4iGLh-2hjh709e-p7w5wyx__1ZM_AFjofKYk6dMXWXYBU3Z2plWFD32NcwjNXXcBThyh0dP-w6HcPDXcfTBYCU/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-97fc6u6IcjSyvPHVpsA3xaWbf1OnhwC47RriY45tNkJVu40cniyjA4iGLh-2hjh709e-p7w5wyx__1ZM_AFjofKYk6dMXWXYBU3Z2plWFD32NcwjNXXcBThyh0dP-w6HcPDXcfTBYCU/s72-c/Awek+baju+kuning.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c30d2ea34d3cc4336906459a5b805db6ef997ab3967d06130683348445c76bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v15de"
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 08:48:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3332
date
Tue, 31 Dec 2024 08:48:40 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="Awek baju kuning.jpg"
lucah-melayu-565x447.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgi4Qg9kA0AUlMl7m3-dDI_th8w9BpSoRP61A2kRJvqlcXO-u001qwTSsKvqQuo71vNI-vPOBz0XtI8Qkmf0g-bPK7wZxmM9Gg96ZD6k61l8q4KfTUjhUlh4V_-1w7h5aB4C1wq3AsSJmED/s72-c/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgi4Qg9kA0AUlMl7m3-dDI_th8w9BpSoRP61A2kRJvqlcXO-u001qwTSsKvqQuo71vNI-vPOBz0XtI8Qkmf0g-bPK7wZxmM9Gg96ZD6k61l8q4KfTUjhUlh4V_-1w7h5aB4C1wq3AsSJmED/s72-c/lucah-melayu-565x447.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
60e56d2423dfececc836f65dcebcd9986a3c791b88acbd23791dff64e417ed1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v1b26"
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 08:48:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2559
date
Tue, 31 Dec 2024 08:48:40 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="lucah-melayu-565x447.jpg"
adv_out.js
st-n.ads1-adnow.com/js/ 		86 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st-n.ads1-adnow.com/js/adv_out.js
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
d76535ab07df1120bfada6d12d72c8c1f46cbe4bc32d4c84d3c26af0656a8da5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

cache
MISS
x-id
td2-hw-edge-gc4
cache-control
max-age=60
content-encoding
gzip
x-id-fe
td2-hw-edge-gc4
etag
W/"65a5222c-15946"
traceparent
00-45680c6def51c67163c1ab965194a98c-ef289193c8301ae4-01
expires
Tue, 31 Dec 2024 08:49:40 GMT
date
Tue, 31 Dec 2024 08:48:40 GMT
content-type
application/javascript
last-modified
Mon, 15 Jan 2024 12:16:44 GMT
server
nginx
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6708901988114528665&zx=2d520973-9ae0-4cc2-93e4-f6cb1ee6d1e7
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-length
21
date
Tue, 31 Dec 2024 08:48:39 GMT
x-xss-protection
1; mode=block
content-type
text/css; charset=UTF-8
last-modified
Tue, 31 Dec 2024 08:48:39 GMT
server
GSE
x-frame-options
SAMEORIGIN
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/ 		175 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d1ce7035000d38d825e3ee7cf8d8eb6971561154ff5d48fc3896523074a8601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

age
269876
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options
nosniff
expires
Sun, 28 Dec 2025 05:50:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Dec 2024 05:50:43 GMT
last-modified
Mon, 02 Dec 2024 19:38:27 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges
bytes
access-control-allow-origin
*
content-length
179479
x-xss-protection
0
server
sffe
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

content-encoding
br
etag
13036835877489095579
age
21357
x-content-type-options
nosniff
expires
Tue, 14 Jan 2025 02:52:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 31 Dec 2024 02:52:42 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
42
x-xss-protection
0
server
cafe
/
go.padsdel.com/ Frame 684B
Redirect Chain
  • https://go.padstm.com/?id=208417&t=iframe
  • https://go.padsdel.com/?id=208417&t=iframe
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://go.padsdel.com/?id=208417&t=iframe
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.105 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://beritahebat2.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length
8
content-type
application/octet-stream text/plain
date
Tue, 31 Dec 2024 08:48:40 GMT
server
nginx

Redirect headers

content-length
138
content-type
text/html
date
Tue, 31 Dec 2024 08:48:39 GMT
location
https://go.padsdel.com/?id=208417&t=iframe
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
x-content-type-options
nosniff
truncated
/ 		686 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95a3e12c0a5555d7d9a7a686c0edc44ce244e4a8bd779fddeb794ee1491d651d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7beb4caf690bf0c0780806ea9b3082d4f0b2f60a4439dabfbc2256b7287af676

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		574 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d1d8a15f4c31771e53ce8f6a3aa93ac018fbe959cad281693fe8d530bba08f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
-g5pDUSRgvxvOl5u-a_WHw.woff
themes.googleusercontent.com/static/fonts/oswald/v8/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
a057e0c74a6ffa4a289512d05beb6998e6be8b91be2d056568ebf0c317c11a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://beritahebat2.blogspot.com
Referer
https://beritahebat2.blogspot.com/

Response headers

age
268282
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Sun, 28 Dec 2025 06:17:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Dec 2024 06:17:17 GMT
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
content-type
font/woff
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
21520
x-xss-protection
0
server
sffe
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6708901988114528665&zx=2d520973-9ae0-4cc2-93e4-f6cb1ee6d1e7
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.191 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f191.1e100.net
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-length
21
date
Tue, 31 Dec 2024 08:48:39 GMT
x-xss-protection
1; mode=block
content-type
text/css; charset=UTF-8
last-modified
Tue, 31 Dec 2024 08:48:39 GMT
server
GSE
x-frame-options
SAMEORIGIN
navbar.g
www.blogger.com/ Frame 5312 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=6708901988114528665&blogName=Berita+Hebat!&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://beritahebat2.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://beritahebat2.blogspot.com/&vt=7088283739129543463&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.eXGUr_3hPjA.O%2Fd%3D1%2Frs%3DAHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beritahebat2.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2150
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Tue, 31 Dec 2024 08:48:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ok6.js
a11ybar.com/ 		141 B
816 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a11ybar.com/ok6.js
Requested by
Host: st-n.ads3-adnow.com
URL: https://st-n.ads3-adnow.com/js/adv_out.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
ae723359f13e5593e4c492c99a8d4751a3349efc137fb3ea701a991c4867b242

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5JHzk1Ls1p7gEpHtA%2BPRYwWGfRUR6wPkPyjjaV9RQZjP0NTxRxlQ2DG6SYGqAojBPL2lwy7pl1t3NdR%2FxZKulfJ92lR1HChuwm2Y7ArWhvZm5hzQWeknAt3zDPRXQw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fa903092f0fabc4-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25608&min_rtt=25445&rtt_var=4303&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4179&recv_bytes=4363&delivery_rate=545&cwnd=12000&unsent_bytes=0&cid=267f95a45ab93543&ts=143&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 08:48:39 GMT
content-type
text/javascript; charset=UTF-8
x-powered-by
PHP/5.4.16
server
cloudflare
priority
u=3,i=?0
kopi-beracun.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmH9gbPCvwM-8yrwqaqu_Uo7Y5_3XA-t8bGMx3kMzIcg1Kuf771lXkNJ4w_ncg0JkkHE4wrSxQ4K8Gj5fFY1cnBNHvuIUjudhVztFXmtew-s09X4xzfV9sJluaj4FJ_VqUy1jRz6JOMA4/w200... 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmH9gbPCvwM-8yrwqaqu_Uo7Y5_3XA-t8bGMx3kMzIcg1Kuf771lXkNJ4w_ncg0JkkHE4wrSxQ4K8Gj5fFY1cnBNHvuIUjudhVztFXmtew-s09X4xzfV9sJluaj4FJ_VqUy1jRz6JOMA4/w200-h150-c/kopi-beracun.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
fife /
Resource Hash
b3ef40f7aa6ee835522e9c6cc3e2f1e3dfe6d5421688d74a7a0eab14f2beaa6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v275f"
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 08:48:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14427
date
Tue, 31 Dec 2024 08:48:40 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="kopi-beracun.jpg"
default.jpg
i.ytimg.com/vi/xL2HIuJR43A/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/xL2HIuJR43A/default.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::77 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c114ad2336a99e25260ebae2370abecc5f866ecb73f4dd4992429eb90fe324e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

etag
"1402560188"
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 10:48:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 08:48:40 GMT
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
2670
x-xss-protection
0
server
sffe
ggg.jpg
2.bp.blogspot.com/-oimaeIhpxEU/V7q-XhkRwqI/AAAAAAAAiB8/g0259SpVccwLM6DuO6BgcoXjiYo3YyB8ACLcB/w200-h150-c/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-oimaeIhpxEU/V7q-XhkRwqI/AAAAAAAAiB8/g0259SpVccwLM6DuO6BgcoXjiYo3YyB8ACLcB/w200-h150-c/ggg.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5765a14f88795484b8ea100bffe33189fc8a32739ca005233635f35bb54f6038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

timing-allow-origin
*
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1058
date
Tue, 31 Dec 2024 08:48:39 GMT
x-xss-protection
0
content-type
image/png
server
fife
default.jpg
i.ytimg.com/vi/hByC3IJXK50/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/hByC3IJXK50/default.jpg
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::77 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b19255719598e7edf357034c535480e75f6cea1439f6829a8f570e89ac86743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

etag
"0"
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 10:48:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 08:48:40 GMT
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
4640
x-xss-protection
0
server
sffe
classic.js
widgets.amung.us/ 		0
0
js15.js
s10.histats.com/ 		0
0
900
cdn.mobicow.com/deliver/p/5360/3782/1/over/ 		0
0
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/3.1.1/font/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/3.1.1/font/fontawesome-webfont.woff?v=3.1.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/3.1.1/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e58b78b5844a988d67532b4683a6e8b3235b3d56d319727e65f460805bbdec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://beritahebat2.blogspot.com
Referer
https://netdna.bootstrapcdn.com/font-awesome/3.1.1/css/font-awesome.min.css

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"9434b081ed2d237abfe96e832592ef15"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 31 Dec 2024 08:48:39 GMT
content-type
font/woff
last-modified
Mon, 25 Jan 2021 22:04:51 GMT
cdn-cachedat
06/15/2024 19:40:31
cdn-cache
HIT
cdn-requestpullcode
200
priority
u=0,i=?0
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
75b6b9720ab305f8b5b7d20d3c0b2d76
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8fa90309389daba5-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
34420
cdn-edgestorageid
1029
server
cloudflare
cdn-requestcountrycode
US
stat.js
a11ybar.com/ 		771 B
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a11ybar.com/stat.js
Requested by
Host: a11ybar.com
URL: https://a11ybar.com/ok6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
dfe4146c226afab7a30c7dfa36827f2572a708f1fc96c8fa9247910c5005088c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIhWZQLSTN1VP5YdoiyuIoMc5K1Qp9vlkS8dWh050xqu4wHA2fj493lhaoodVhumE%2FYUxZijiUYjLQSB9Gf9tENb%2Bkebz%2FWy37CLYvR4UGTvNLJOwVSJppNZ9IKkAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fa9030a0f71abc4-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25984&min_rtt=25445&rtt_var=3979&sent=15&recv=11&lost=0&retrans=0&sent_bytes=5042&recv_bytes=4632&delivery_rate=29318&cwnd=12000&unsent_bytes=0&cid=267f95a45ab93543&ts=308&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 08:48:40 GMT
content-type
application/javascript
x-powered-by
PHP/5.4.16
server
cloudflare
priority
u=3,i=?0
/
korfo.org/vu/ca/ Frame 1837
Redirect Chain
  • https://nethcdn.com/stat
  • https://korfo.org/vu/ca/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://korfo.org/vu/ca/
Requested by
Host: a11ybar.com
URL: https://a11ybar.com/stat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://beritahebat2.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Dec 2024 08:48:41 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8fa9030b8f3b711d-YYZ
content-type
text/html; charset=UTF-8
date
Tue, 31 Dec 2024 08:48:40 GMT
location
https://korfo.org/vu/ca/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cw0sYAHGUxFUjkGgj%2BXvLZFG2hVu%2BjgdywOcfbb5HvNTZncSaA876MLEQiSYdQlh9k5FSZWoGFFoqHwHz%2Fh9w2vbH%2BRSr6WBnpxZf2W692er1h8pLlF%2FmULKXxj%2B2A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
a
powered-by-revidy.com/ Frame 422A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://powered-by-revidy.com/a
Requested by
Host: a11ybar.com
URL: https://a11ybar.com/stat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://beritahebat2.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Dec 2024 08:48:40 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
/
korfo.org/vu/ca/ Frame FE60
Redirect Chain
  • https://nethcdn.com/stat
  • https://korfo.org/vu/ca/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://korfo.org/vu/ca/
Requested by
Host: a11ybar.com
URL: https://a11ybar.com/stat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://beritahebat2.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Dec 2024 08:48:41 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8fa9030d1f3d711d-YYZ
content-type
text/html; charset=UTF-8
date
Tue, 31 Dec 2024 08:48:40 GMT
location
https://korfo.org/vu/ca/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dD8XAYB%2BzMpHEbg%2B6Js%2BQvqnPFZa6ipYLvf1CIBrrlV8z7aABI5OcGL%2BW9lx6l8RVAUYOpXT7YpWQzCNxT%2ByRee4wUUwyFVATFWsh%2BD3sgWxMX1W%2B5E5tYl7d4ATXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
a
powered-by-revidy.com/ Frame 8815 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://powered-by-revidy.com/a
Requested by
Host: a11ybar.com
URL: https://a11ybar.com/stat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://beritahebat2.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Dec 2024 08:48:40 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
summary
beritahebat2.blogspot.com/feeds/posts/ 		378 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beritahebat2.blogspot.com/feeds/posts/summary?alt=json-in-script&callback=showpageCount&max-results=99999
Requested by
Host: beritahebat2.blogspot.com
URL: https://beritahebat2.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
a7bc411bb3dd1bc93a64f2e307272f6ea591a8378cfcad664a7a26ae45b58590
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

cache-control
public, must-revalidate, proxy-revalidate, max-age=1
content-encoding
gzip
etag
W/"906cb96c26ec1420fe8897ceacb502b4427c7455b7f43af98f356656824c4f27"
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 08:48:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50365
date
Tue, 31 Dec 2024 08:48:40 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 14:55:31 GMT
server
blogger-renderd
x-frame-options
SAMEORIGIN
a
n.ads1-adnow.com/ 		139 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://n.ads1-adnow.com/a?Id=374889&uid=ssp-4d75494e-222d-8cce-2a00-2a00-e19894d290&sync=0&ajax=0&domain=n.ads1-adnow.com&unq=1&show_num=1&click_num=0&cookies=1&_c=e30%3D&RNum=9058&docurl_=aHV2c3c_NTZqbnx0woBudnRycsKGRUJ3woLChn_CjMKKworCkEvCgcKOwo1Q&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1DQSIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsInRpbWVab25lIjotOCwiZGF0ZSI6IjIwMjQtMTItMzFUMDg6NDg6NDAuMjQ4WiIsImhvdXIiOjAsIndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsInBsdWdpbnMiOlsiUERGIFZpZXdlciIsIkNocm9tZSBQREYgVmlld2VyIiwiQ2hyb21pdW0gUERGIFZpZXdlciIsIk1pY3Jvc29mdCBFZGdlIFBERiBWaWV3ZXIiLCJXZWJLaXQgYnVpbHQtaW4gUERGIl0sImZsYXNoVmVyc2lvbiI6ZmFsc2UsImNvbm5lY3Rpb25UeXBlIjoidW5kZWYifX0%3D&doc_inf=eyJ0aXRsZSI6IkJlcml0YSUyMEhlYmF0ISIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IlVURi04In0%3D&set=e30%3D&ver=8&bln=0&bver=5&loc=https%3A%2F%2Fberitahebat2.blogspot.com%2F
Requested by
Host: st-n.ads1-adnow.com
URL: https://st-n.ads1-adnow.com/js/adv_out.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
01ef34f1e3479631cf2e56b01e9516de8cc23276dab37829f05c70675e9d5313

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

access-control-allow-origin
*
content-encoding
gzip
date
Tue, 31 Dec 2024 08:48:40 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx/1.10.3
a
n.ads3-adnow.com/ 		300 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://n.ads3-adnow.com/a?Id=374879&uid=ssp-4d75494e-222d-8cce-2a00-2a00-e19894d290&sync=0&ajax=0&domain=n.ads3-adnow.com&unq=1&show_num=1&click_num=0&cookies=1&_c=e30%3D&RNum=3232&docurl_=aHV2c3c_NTZqbnx0woBudnRycsKGRUJ3woLChn_CjMKKworCkEvCgcKOwo1Q&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1DQSIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsInRpbWVab25lIjotOCwiZGF0ZSI6IjIwMjQtMTItMzFUMDg6NDg6NDAuMjQ5WiIsImhvdXIiOjAsIndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsInBsdWdpbnMiOlsiUERGIFZpZXdlciIsIkNocm9tZSBQREYgVmlld2VyIiwiQ2hyb21pdW0gUERGIFZpZXdlciIsIk1pY3Jvc29mdCBFZGdlIFBERiBWaWV3ZXIiLCJXZWJLaXQgYnVpbHQtaW4gUERGIl0sImZsYXNoVmVyc2lvbiI6ZmFsc2UsImNvbm5lY3Rpb25UeXBlIjoidW5kZWYifX0%3D&doc_inf=eyJ0aXRsZSI6IkJlcml0YSUyMEhlYmF0ISIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IlVURi04In0%3D&set=e30%3D&ver=8&bln=1&bver=5&loc=https%3A%2F%2Fberitahebat2.blogspot.com%2F
Requested by
Host: st-n.ads1-adnow.com
URL: https://st-n.ads1-adnow.com/js/adv_out.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
da5075f0faf668a23e97a93a4fd30d91c087c5075b82ab061a2a57e8593cee94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Date
Tue, 31 Dec 2024 08:48:40 GMT
Content-Type
application/javascript; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
a
n.ads3-adnow.com/ 		300 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://n.ads3-adnow.com/a?Id=374873&uid=ssp-4d75494e-222d-8cce-2a00-2a00-e19894d290&sync=0&ajax=0&domain=n.ads3-adnow.com&unq=1&show_num=1&click_num=0&cookies=1&_c=e30%3D&RNum=3705&docurl_=aHV2c3c_NTZqbnx0woBudnRycsKGRUJ3woLChn_CjMKKworCkEvCgcKOwo1Q&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1DQSIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsInRpbWVab25lIjotOCwiZGF0ZSI6IjIwMjQtMTItMzFUMDg6NDg6NDAuMjUwWiIsImhvdXIiOjAsIndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsInBsdWdpbnMiOlsiUERGIFZpZXdlciIsIkNocm9tZSBQREYgVmlld2VyIiwiQ2hyb21pdW0gUERGIFZpZXdlciIsIk1pY3Jvc29mdCBFZGdlIFBERiBWaWV3ZXIiLCJXZWJLaXQgYnVpbHQtaW4gUERGIl0sImZsYXNoVmVyc2lvbiI6ZmFsc2UsImNvbm5lY3Rpb25UeXBlIjoidW5kZWYifX0%3D&doc_inf=eyJ0aXRsZSI6IkJlcml0YSUyMEhlYmF0ISIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IlVURi04In0%3D&set=e30%3D&ver=8&bln=2&bver=5&loc=https%3A%2F%2Fberitahebat2.blogspot.com%2F
Requested by
Host: st-n.ads1-adnow.com
URL: https://st-n.ads1-adnow.com/js/adv_out.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
da5075f0faf668a23e97a93a4fd30d91c087c5075b82ab061a2a57e8593cee94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://beritahebat2.blogspot.com/

Response headers

Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Date
Tue, 31 Dec 2024 08:48:40 GMT
Content-Type
application/javascript; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
/
korfo.org/vu/ca/ Frame 927A
Redirect Chain
  • https://nethcdn.com/stat
  • https://korfo.org/vu/ca/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://korfo.org/vu/ca/
Requested by
Host: a11ybar.com
URL: https://a11ybar.com/stat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://beritahebat2.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Dec 2024 08:48:41 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8fa9030f9f3e711d-YYZ
content-type
text/html; charset=UTF-8
date
Tue, 31 Dec 2024 08:48:41 GMT
location
https://korfo.org/vu/ca/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C0J6gwUCaYyfiBYmaLndBq2Cbn5hYcvMqVPI0egqd2YM2PS5XTfoFunmzo4IuwLgzxMWt825o5jxpWejkQdf%2FKJVk1ylYcuo6%2FhHtA3RCmG51iHILr3Oel27YreTaw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
a
powered-by-revidy.com/ Frame FF6F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://powered-by-revidy.com/a
Requested by
Host: a11ybar.com
URL: https://a11ybar.com/stat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://beritahebat2.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Dec 2024 08:48:40 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
/
korfo.org/vu/ca/ Frame 9953
Redirect Chain
  • https://nethcdn.com/stat
  • https://korfo.org/vu/ca/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://korfo.org/vu/ca/
Requested by
Host: a11ybar.com
URL: https://a11ybar.com/stat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://beritahebat2.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Dec 2024 08:48:41 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8fa903112f3f711d-YYZ
content-type
text/html; charset=UTF-8
date
Tue, 31 Dec 2024 08:48:41 GMT
location
https://korfo.org/vu/ca/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2Bs7uczOHG6SCX4B6odeyJksXDGrGFyzErbg26I3nherW1dR0LjD6tTyMDrvRa5HmkMGEk9%2BxOVVnD2zlH2oOneuINKyRgbZ6lbMPDldfqNFc0id84BLwWUdVvfx3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
a
powered-by-revidy.com/ Frame 5542 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://powered-by-revidy.com/a
Requested by
Host: a11ybar.com
URL: https://a11ybar.com/stat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://beritahebat2.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Dec 2024 08:48:41 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lh3.googleusercontent.com
URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uBenkGOxiUldwvVh60W8g-t3lPS9s6v15SZvGJ-rNLjvVrhqa7p8D7xG-JJrgXtZJJWyOPHG4XAkNuuhkgI0sNG9IKsX-VQzlR71wdhy472jQhlsVfkAHtpfN6oxzAR8sWGu4MIEmfAIBlfg=s0-d
Domain
lh3.googleusercontent.com
URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uHqABFKh-QOgBx_C2LV8Y0QY-FBDrEfaVF9L0bKiJb7nRdfKFXrN62_ztgbW9Jg9blCcVoAhdz3rzVEndmVEVo09UbfHWeO07ePTnX585QHMjQml9hRTk=s0-d
Domain
lh3.googleusercontent.com
URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_smVQB-B9OLV6hZPQDwVUNvPWaeLwQYFtCyvVgrkV52oCdc8wcGbiPGjP51n6H1VbTHr6GiHDV2b8fTp1_gSf8AjNOecpK5LlEQy5Jj6Fh-yriA41_VJZyHtYQ_Jpz5u_mmCalZ1rmdiXGiqAWZnwDWp1cmyNEQDGk_66-c2ZvlAbY8FZxbM45LA2s=s0-d
Domain
widgets.amung.us
URL
http://widgets.amung.us/classic.js
Domain
s10.histats.com
URL
http://s10.histats.com/js15.js
Domain
cdn.mobicow.com
URL
http://cdn.mobicow.com/deliver/p/5360/3782/1/over/900

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| jstiming function| tickAboveFold function| $ function| jQuery number| numposts boolean| showpostthumbnails boolean| showpostdate object| _0x9301 function| rcentbytag object| _0xc865 function| menuakram object| _0x5096 function| ct_akram function| setAttributeOnload object| gapi object| ___jsl object| jQuery18301372453339145825 object| sc_adv_out object| _F_toggles object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| j string| image_tag object| _wau object| mc_s1 object| _mcpv object| MCs_1 boolean| google_empty_script_included object| js object| ifrm object| $jscomp object| SC_STAT_CONTAINER object| SC_CODE_REGISTRY object| _sc_cached_scripts object| sc_adv_ids object| SC_TBlock_Collection function| SC_ContainerElement function| SC_loadPartnerScripts object| SC_AdvOutBuilder number| pageCount number| displayPageNum string| upPageWord string| downPageWord function| showpageCount function| showpageCount2 string| home_page_url string| thisUrl string| home_page string| __sc_int_uid number| __sc_int_uid_loadind_time string| timestamp

115 Cookies

Domain/Path Name / Value
www.interactivebrokers.com/aces/PlatformFeatures Name: JSESSIONID
Value: A7DAE31DA61813909BFF688B58401254.ny5www5
sc-static.net/scevent.min.js Name: X-AB
Value: 40d9ebe90b3b49959b010f40e839335f
.beritahebat2.blogspot.com/ Name: SC_unique_374889
Value: 1
.beritahebat2.blogspot.com/ Name: SC_unique_374879
Value: 1
.beritahebat2.blogspot.com/ Name: SC_unique_374873
Value: 1
beritahebat2.blogspot.com/ Name: SC_showNum_374889
Value: 1
beritahebat2.blogspot.com/ Name: SC_sevenDay_Expires_374889
Value: 1736239720354
beritahebat2.blogspot.com/ Name: SC_showNum_374879
Value: 1
beritahebat2.blogspot.com/ Name: SC_sevenDay_Expires_374879
Value: 1736239720356
beritahebat2.blogspot.com/ Name: SC_showNum_374873
Value: 1
beritahebat2.blogspot.com/ Name: SC_sevenDay_Expires_374873
Value: 1736239720358
.udemy.com/ Name: __cf_bm
Value: e4vLrMp9eTTMm4wRAGqE7aFLAqb8uKtT8m3da4khtEo-1735634921-1.0.1.1-f4ngUBEB423p_SB_KIDdqO4_UT_iLG_F81sg6NS.UwbVY3kRh9ixOCDJ5LYSFesM70q8_uh_FfPt8Qtf8rsvhg
.aweber.com/ Name: __cf_bm
Value: AUbyNUJsuFSyeVGnnNw0ct1Sjoz1TpwdpJJjSWlHc.U-1735634921-1.0.1.1-21UhzDbNNhtmfmByzwlJXBDB4sRtGzrJ.YaFuJM2NzjzJPokfDxbistZTecoHxdO8NHrDGrcN0lBO74jCxibJw
.jotform.com/ Name: userReferer
Value: https%3A%2F%2Fkorfo.org%2F
.jotform.com/ Name: guest
Value: guest_08caad3fe7a00fa8
.jotform.com/ Name: JOTFORM_SESSION
Value: 8c71ec6c-41b1-104a-edfd-7260a18c
.bongacams.com/ Name: __cf_bm
Value: Grjs0QveQehmQyTVaykQDK7vaWhVnZi11HTsdkV2WVk-1735634921-1.0.1.1-07UbA5yqtXmWtRIIrX4wp7I.jPvJmPWuRONTil8jJiIAxdsFcINVyM.tV1Q2GPa2YuTBdNgtshclrJV0yDEEbEFQi8_D3ztQsyIYyHRgEAw
.myheritage.com/ Name: visid_incap_292987
Value: c2QG2JDtTZiDqPFaRV8FQumvc2cAAAAAQUIPAAAAAAACmP4zVLzwu/AJyu5/+SqU
.myheritage.com/ Name: incap_ses_274_292987
Value: vSDHSi9gYDBDbLBOvXHNA+mvc2cAAAAAAWEVyb8RDdd0D+nUoy0Jfg==
.agoda.com/ Name: agoda.user.03
Value: UserId=9ca33199-29f4-4cdd-857f-e9253d09859b
.kobo.com/ Name: __cf_bm
Value: wzv4xB8wz6RXEJdbzKlBbPAsu2L7t8NQQJ8h8jyk4n4-1735634922-1.0.1.1-OV7KLaPhRjEv7BFQFf9jX.9H10MQsfkCT5gZa5v063asGvYpJDh.huEW6mNHv0Dv_tQuspoPpL_HckAvogbT8Q
.iherb.com/ Name: ihr-ea-time
Value: 1735634922088
.iherb.com/ Name: ihr-ea
Value: PerformanceHorizon-1011lA7aZv9b
.iherb.com/ Name: __cf_bm
Value: 9Y1YZ6rkfpfNExohr9w_SfD4oH.IwgiL.VIc5Y3aAtQ-1735634922-1.0.1.1-GgvZmQMSNWosbfxXEza3xGT3JgdwOF2jzV_7KQC50mufUJHkg_PKckjhY7j7RdLMSr7BJxB7w.fRySS222Z8c0vcUwim7FR8remY9PPNoXc
.iherb.com/ Name: _cfuvid
Value: nYF9AyrEGpiXnybe2A0b_PagNUICrFXpSuEiLMbf6FU-1735634922123-0.0.1.1-604800000
.ancestry.ca/ Name: __cf_bm
Value: BYpDPikOHtIoPlAC2XaejOTVPrT6QIom0NP_YT0Punk-1735634922-1.0.1.1-eQ9xVJGJZ02TGB2LCD8mPVTaXUdEWBzAzdpLuUuj9qSUzDDeDkpZi5QKT4HB3CKrrs1lijO9ZHHj3rmbC6nEHA
.ancestry.ca/ Name: _cfuvid
Value: gOlvCo_zkSN3Boi7zQcN7UWsSxnhQtOdcx6srQZtF9k-1735634922181-0.0.1.1-604800000
.squarespace.com/ Name: notice_behavior
Value: none
.iherb.com/ Name: ih-cf-cache
Value: plp=1
.iherb.com/ Name: ih-preference
Value: store=0&country=CA&language=en-US&currency=CAD&wh=EPA
.stripchat.com/ Name: __cf_bm
Value: q8k73adSt5JPWGLRKK0qa6vKj8OWpII7Gtw0tbz0nF4-1735634922-1.0.1.1-lytGQ7eNFJ2S31ylXV4VCk0dKqAVzocZwSRS62VeZDi8xYt2Up70gaKN9N9ndzngXEx3y5f8IO6p4KevMsc5pxQWERl3z6hG4MQcWpYAwwc
.stripchat.com/ Name: _cfuvid
Value: 2nRIGoDh142tcPHu3WRj6XgxBMH2i.8MxPVRNzJbpg8-1735634922289-0.0.1.1-604800000
.viagogo.com/ Name: d
Value: mwDXvAOZ3QG0W73JNldHQanZ9lNPREmb3aLFRw2
.viagogo.com/ Name: s
Value: f18OlB2VEUyS6zZ3cEoPKSZCwe13Kd0I0
www.viagogo.com/ Name: akacd_rls
Value: 1735656522~rv=50~id=7c38ebeaa45b10b74b816dc02957b373
www.sephora.com/ Name: akavpau_akaau
Value: 1735635522~id=45981c02812075c327e9ea5b81d441e5
.chaturbate.com/ Name: __cf_bm
Value: zRRPt5aPT2Ingn7SB15pLkGEbii9m3iKqC4dArGkbKc-1735634922-1.0.1.1-ZgsF1VPex7XsK0_xactapMLm2cKbl1lYkxmRE02T7t.YTmkbfqlHXLaDxU8oYYRtlERZe.utusvK_ljwemgAAA
.adsrvr.org/ Name: TDID
Value: cf6b90fd-01ba-4fb6-8aab-f9d7ab942b69
.tiktok.com/ Name: _ttp
Value: 2qyVhelmebnvQ614tImBd6ajxO2
.vrbo.com/ Name: linfo
Value: v.4,|0|0|255|1|0||||||||4105|0|0||0|0|0|-1|-1
.vrbo.com/ Name: CRQSS
Value: e|3
.vrbo.com/ Name: CRQS
Value: t|9002`s|9002003`l|en_CA`c|CAD
.vrbo.com/ Name: currency
Value: CAD
.vrbo.com/ Name: iEAPID
Value: 3
.vrbo.com/ Name: tpid
Value: v.1,9002
.vrbo.com/ Name: cesc
Value: %7B%22aff%22%3A%5B%22AFF.VRBO-CA.DIRECT.PHG.1101l367971%22%2C1735634922539%5D%2C%22lpe%22%3A%5B%22fd6b03aa-49a7-4d03-9ec2-54e57b7f80ac%22%2C1735634922540%5D%2C%22marketingClick%22%3A%5B%22true%22%2C1735634922539%5D%2C%22lmc%22%3A%5B%22AFF.VRBO-CA.DIRECT.PHG.1101L367971%22%2C1735634922540%5D%2C%22hitNumber%22%3A%5B%221%22%2C1735634922539%5D%2C%22amc%22%3A%5B%22AFF.VRBO-CA.DIRECT.PHG.1101L367971%22%2C1735634922540%5D%2C%22visitNumber%22%3A%5B%221%22%2C1735634922539%5D%2C%22ape%22%3A%5B%22fd6b03aa-49a7-4d03-9ec2-54e57b7f80ac%22%2C1735634922540%5D%2C%22cidVisit%22%3A%5B%22AFF.VRBO-CA.DIRECT.PHG.1101l367971%22%2C1735634922540%5D%2C%22entryPage%22%3A%5B%22Homepage%22%2C1735634922539%5D%2C%22cid%22%3A%5B%22AFF.VRBO-CA.DIRECT.PHG.1101l367971%22%2C1735634922540%5D%7D
.vrbo.com/ Name: HMS
Value: 7bd7a6ca-5a23-3b42-8b0c-4498ceb6d8ff
.vrbo.com/ Name: hav
Value: 0dbbc451-5b0b-66b0-e172-594b40be4213
.vrbo.com/ Name: MC1
Value: GUID=0dbbc4515b0b66b0e172594b40be4213
.vrbo.com/ Name: DUAID
Value: 0dbbc451-5b0b-66b0-e172-594b40be4213
.vrbo.com/ Name: CRAS
Value: VRBO-CA.DIRECT.PHG.1101l367971
www.vrbo.com/ Name: ha-device-id
Value: 0dbbc451-5b0b-66b0-e172-594b40be4213
www.vrbo.com/ Name: hav
Value: 0dbbc451-5b0b-66b0-e172-594b40be4213
www.vrbo.com/ Name: has
Value: 0f4afea0-1f90-5bea-0194-d50c2d7cbcb4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.getyourguide.com/ Name: __cf_bm
Value: 2YCvonq8LAiQpI7do5ll.Jo2Ijt6Z_CTsMqnvLLubQ0-1735634922-1.0.1.1-DoxIqmk9I6T.xIMfiznhmRSp_1Zl7zBS2hvWmnocAefuRpEE8_2kfNHraegQSa3KHVLBZNXJmKp5MB_2gY2P_g
.bing.com/ Name: MUID
Value: 21E1AF9AB7F36923338ABAFCB6C86895
.bat.bing.com/ Name: MR
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A90fH4LLoUfcoiGkoyO_uqI
.iherb.com/ Name: iher-pref1
Value: storeid=0&sccode=CA&lan=en-US&scurcode=CAD&pc=SDNB&zct=1735634922434
squarespace.syuh.net/ Name: AWSALBCORS
Value: syjHvgznkIk2jIukVaXOG035F1bgQ3wAX8wm7H8U8Mh7te1GOofioiUsSlNQYWe4fxZ4Ifa3PA4lsedDYw90i2QW3qx7zzMpI8WHOd7Vc1I7L4MB6Q1B0dfehXrr
.syuh.net/ Name: brwsr
Value: e4ef0cc3-c74f-11ef-9133-9179c04f9171
.trkn.us/ Name: barometric[cuid]
Value: cuid_6773afea-172b-4341-97bf-72cdc997398f
.squarespace.com/ Name: tfpsi
Value: 9cc127e4-23a1-4448-9854-049f14516ff5
.pinterest.com/ Name: ar_debug
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&e3a703ed-71a1-488c-8a1a-5a6339f6b881"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzU2MzQ5MjI7MjswMjEr5VR492yN2ICzavIhvhGEuN46iAELnb73JU68X0++bQ==
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3437:u=1:x=1:i=1735634922:t=1735721322:v=2:sig=AQGE4TmWSx8R1UeH0_QmuZ1T3tZ_CybR"
.rubiconproject.com/ Name: audit_p
Value: 1|UIogPhCf5XYTV0AcIonw/Y8X2cAmVQj8sjPqIFOSPcw3Sds8s51NzzDYSxFt8mPQx16yYOnVOBmM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLtd1bHNQmMnSM2ystICYemEP5PAMjzrhl46JIsHb5fAxaPawCL6o2GkIEGeddyuSgNbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.rubiconproject.com/ Name: khaos
Value: M5C87XKR-7-KTT5
.rubiconproject.com/ Name: khaos_p
Value: M5C87XKR-7-KTT5
.rubiconproject.com/ Name: audit
Value: 1|UIogPhCf5XYTV0AcIonw/Y8X2cAmVQj8sjPqIFOSPcw3Sds8s51NzzDYSxFt8mPQx16yYOnVOBmM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLtd1bHNQmMnSM2ystICYemEP5PAMjzrhl46JIsHb5fAxaPawCL6o2GkIEGeddyuSgNbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.twitter.com/ Name: personalization_id
Value: "v1_Jry2kqNrfvx9dACfIy17FA=="
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZ6ZUtQVWkrRURTR3BWNlBLTWNMUFVUWWNoc3pUM2dQL2NoMkp1aTJVYVUxcE8yM0J1T0t6TWVBVStINHdEdUFoaFpXdjJiMzIxQzFkS04vcU1jN3FWMmVpekN5aHZrM2JVQzNFemczdnpWTT0mUnVGTGxidVFEZElKSmJETlpqd3h3SW9sN1hJPQ=="
.stubhub.com/ Name: d
Value: v3g_vQOZ3QH0XFUEJ6qrQb6LVHx6op9PHfhPPw2
.stubhub.com/ Name: s
Value: KYcEOFA_rUW-2UEKf7w8gL_4KO53Kd0I0
www.stubhub.com/ Name: akacd_rls
Value: 1735656523~rv=40~id=8f7b0c61a90952c3cc8bd1101cf0a76d
cm.teads.tv/ Name: ar_debug
Value: 1
www.boohoo.com/ Name: dwac_901934c2df27fe61a1e3d786c2
Value: Aazf1XE1Ab9rvC34PCW_EI7eg2kFBJ2b6h0%3D|dw-only|||GBP|false|Europe%2FLondon|true
www.boohoo.com/ Name: cqcid
Value: abrHZdVcgM1sSaH6oSCC2RPKbZ
www.boohoo.com/ Name: cquid
Value: ||
www.boohoo.com/ Name: sid
Value: Aazf1XE1Ab9rvC34PCW_EI7eg2kFBJ2b6h0
www.boohoo.com/ Name: dwanonymous_3c96516478c33a12ebf223e921102926
Value: abrHZdVcgM1sSaH6oSCC2RPKbZ
.www.boohoo.com/ Name: countryBannerStatus
Value: open
.boohoo.com/ Name: trkAWIN
Value: 2319_1735634462_db92bb9047333af8dccb5e426c693000
www.boohoo.com/ Name: __cq_dnt
Value: 1
www.boohoo.com/ Name: dw_dnt
Value: 1
www.boohoo.com/ Name: dwsid
Value: OnQi9FsaSCWQlpgyRh8j2bUGfkgvK9QBETeI_zk4PzLQ12jrms2oASsU5-yTjX6enBbhMR6cNG3rg-Db0nXRog==
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkxV_2SynYUrVjTzsBX6j00wvHcgsXHGG62SWuuoyikXjnU7dLbN0NbyUDpidk
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwRHAIAgEwIqYAY+DkG4yUaqweL/ua79Y6JyUxXbxqJJ6mgL91aJmUnub62sJBrwG9lU9v7lMk0AAAAA=
.alibaba.com/ Name: cookie2
Value: a8ee8d155255e08f32496ce3eee7d7ee
.alibaba.com/ Name: icbu_s_tag
Value: 0_2_11
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCNrbl-O-4NQ9EAUSFQoGZ29vZ2xlEgsIqI6I7b7g1D0QBRIXCghhcHBuZXh1cxILCL7074eFrsk9EAUSFQoGY2FzYWxlEgsIvLmI7b7g1D0QBRgFIAMoATILCNSympDV4NQ9EAVCDyINCAESCQoFdGllcjMQAVoHd3J3NXlvMGABcgZjYXNhbGU.
.expedia.ca/ Name: linfo
Value: v.4,|0|0|255|1|0||||||||4105|0|0||0|0|0|-1|-1
.expedia.ca/ Name: CRQSS
Value: e|0
.expedia.ca/ Name: CRQS
Value: t|4`s|4`l|en_CA`c|CAD
.expedia.ca/ Name: currency
Value: CAD
.expedia.ca/ Name: iEAPID
Value: 0
.expedia.ca/ Name: tpid
Value: v.1,4
.expedia.ca/ Name: cesc
Value: %7B%22aff%22%3A%5B%22AFF.CA.DIRECT.PHG.10l10401.0.1011lA7aYHLA%22%2C1735634923596%5D%2C%22lpe%22%3A%5B%22df8ae422-1fb8-45c9-9fd7-33301d78b505%22%2C1735634923596%5D%2C%22marketingClick%22%3A%5B%22true%22%2C1735634923596%5D%2C%22lmc%22%3A%5B%22AFF.CA.DIRECT.PHG.10L10401.0%22%2C1735634923596%5D%2C%22hitNumber%22%3A%5B%221%22%2C1735634923596%5D%2C%22amc%22%3A%5B%22AFF.CA.DIRECT.PHG.10L10401.0%22%2C1735634923596%5D%2C%22visitNumber%22%3A%5B%221%22%2C1735634923596%5D%2C%22ape%22%3A%5B%22df8ae422-1fb8-45c9-9fd7-33301d78b505%22%2C1735634923596%5D%2C%22cidVisit%22%3A%5B%22AFF.CA.DIRECT.PHG.10l10401.0%22%2C1735634923596%5D%2C%22entryPage%22%3A%5B%22Homepage%22%2C1735634923596%5D%2C%22cid%22%3A%5B%22AFF.CA.DIRECT.PHG.10l10401.0%22%2C1735634923596%5D%7D
.expedia.ca/ Name: HMS
Value: f447d74f-564e-3f36-8eb9-1b933343d40e
.expedia.ca/ Name: MC1
Value: GUID=37e66bd224bc406e9565ee202f973492
.expedia.ca/ Name: DUAID
Value: 37e66bd2-24bc-406e-9565-ee202f973492
.expedia.ca/ Name: CRAS
Value: CA.DIRECT.PHG.10l10401.0
.t.co/ Name: muc_ads
Value: be84365c-a7b6-4512-90a5-6d2a83ef54c8
.t.co/ Name: __cf_bm
Value: lTtEkuQGN1ZX2R6uYqNRmd.zoQou38s809gH37jtWO8-1735634923-1.0.1.1-N833cdMHpyI77h483Abo_zPljxdHhq1yImje5mNc8Alzeie7Kt3.jQ0ikZP802TvIk2AprHOlGgFSF2qETes6w
.casalemedia.com/ Name: CMID
Value: Z3Ov69HM57EAAGCOCne48wAA
.casalemedia.com/ Name: CMPS
Value: 5696
.casalemedia.com/ Name: CMPRO
Value: 5696
.tapad.com/ Name: TapAd_TS
Value: 1735634923821
.tapad.com/ Name: TapAd_DID
Value: 10385f82-47eb-497f-9063-63063b932437
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.fragrancenet.com/ Name: __cf_bm
Value: x_BamCYcPmUzgPHcyTPO0VkNqR5KC9.bwHte703YKrY-1735634924-1.0.1.1-t6ZEQpswi2.0F2owHEYGCcblDYe3gj5QCqAqViL1Yt3GdHIfjOT4dhqk1bdyX27_Ii4kxSPQm4.DYDlVbhRR.A
.fiverr.com/ Name: _cfuvid
Value: c1JiFfeTFseraSSYLbhivV7wNc0XxOFZ1NaLV3IeNBo-1735634924215-0.0.1.1-604800000

9 Console Messages

Source Level URL
Text
network error URL: https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vOc1PJm1Cd8YvJe30GWHkUYkJgi5meKK8QCCCk_VgT7IH2iavO85Dv5cJJ2aqniCYN0QPlLEXxQK950A-zU3xMO6fpM8fvS7h8hLuwbIgBM3scf_8=s0-d
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://4.bp.blogspot.com/-ZiyP6shjHNw/T5LnlBVj4WI/AAAAAAAALwU/e5LnG-9gIm4/s72-c/1df6.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://1.bp.blogspot.com/-B0ez_chinHA/VOptaO1flTI/AAAAAAAAPbw/inwDMos5Lq4/s72-c/kantoi%2Bzina.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://beritahebat2.blogspot.com/(Line 934)
Message:
Mixed Content: The page at 'https://beritahebat2.blogspot.com/' was loaded over HTTPS, but requested an insecure script 'http://widgets.amung.us/classic.js'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://beritahebat2.blogspot.com/(Line 1521)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://beritahebat2.blogspot.com/(Line 1521)
Message:
Mixed Content: The page at 'https://beritahebat2.blogspot.com/' was loaded over HTTPS, but requested an insecure script 'http://s10.histats.com/js15.js'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://beritahebat2.blogspot.com/(Line 1521)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://beritahebat2.blogspot.com/(Line 1555)
Message:
Mixed Content: The page at 'https://beritahebat2.blogspot.com/' was loaded over HTTPS, but requested an insecure script 'http://cdn.mobicow.com/deliver/p/5360/3782/1/over/900'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://2.bp.blogspot.com/-oimaeIhpxEU/V7q-XhkRwqI/AAAAAAAAiB8/g0259SpVccwLM6DuO6BgcoXjiYo3YyB8ACLcB/w200-h150-c/ggg.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
4.bp.blogspot.com
a11ybar.com
ajax.googleapis.com
apis.google.com
beritahebat2.blogspot.com
blogger.googleusercontent.com
cdn.mobicow.com
go.padsdel.com
go.padstm.com
i.ytimg.com
korfo.org
lh3.googleusercontent.com
n.ads1-adnow.com
n.ads3-adnow.com
netdna.bootstrapcdn.com
nethcdn.com
pagead2.googlesyndication.com
powered-by-revidy.com
s10.histats.com
st-n.ads1-adnow.com
st-n.ads3-adnow.com
themes.googleusercontent.com
widgets.amung.us
www.beritahebat2.blogspot.com
www.blogger.com
cdn.mobicow.com
lh3.googleusercontent.com
s10.histats.com
widgets.amung.us
104.18.10.207
104.21.64.1
139.45.197.105
139.45.197.116
142.132.202.70
142.251.16.132
142.251.163.154
172.253.115.191
172.67.136.238
2607:f8b0:4004:c06::bf
2607:f8b0:4004:c09::84
2607:f8b0:4004:c0b::77
2607:f8b0:4004:c0b::84
2607:f8b0:4004:c17::84
2607:f8b0:4004:c17::8b
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1d::84
2a03:90c0:9996::9996
31.172.81.226
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01ef34f1e3479631cf2e56b01e9516de8cc23276dab37829f05c70675e9d5313
0c6fc246d4c0958b6038ab7aea4b96848d3eb8fa534a238c6dbfd92eb644d409
0d205e3611c526c7d6f6c936609ebe4a3979f8226f1ae2861629333cf078aa8c
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
1d1d8a15f4c31771e53ce8f6a3aa93ac018fbe959cad281693fe8d530bba08f0
4b017f657019d269d0fe288b7f4076c8a4e61182769d712646f0e1fb7b67a496
4e58b78b5844a988d67532b4683a6e8b3235b3d56d319727e65f460805bbdec4
55365f8bea71c89a83ae62ffba57db443e78e60ac4bd976911c4851c0090f70b
5765a14f88795484b8ea100bffe33189fc8a32739ca005233635f35bb54f6038
57eb79ec23f95554cfee51062e26a0e62c8b095b030bf7aa4068894370e1052e
60e56d2423dfececc836f65dcebcd9986a3c791b88acbd23791dff64e417ed1e
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6a0a6797ea34236cfd5bef993fdeeee494cedbd1a4cb42e0e587f8eae0a86ba8
7beb4caf690bf0c0780806ea9b3082d4f0b2f60a4439dabfbc2256b7287af676
7d1ce7035000d38d825e3ee7cf8d8eb6971561154ff5d48fc3896523074a8601
8d5c0e86a83b2cefe4c9f32319b97e94493cfade395a89abc12fc18ccef8c5ad
903085fa3fa8967d67e737bc260967c3c159c044d0eb57b25de21dee34ee4421
92d2e1dfae7eed4958892a3d75bbfcc2b900588ca4aa115d3b15e850c3d315f4
95a3e12c0a5555d7d9a7a686c0edc44ce244e4a8bd779fddeb794ee1491d651d
9b19255719598e7edf357034c535480e75f6cea1439f6829a8f570e89ac86743
a057e0c74a6ffa4a289512d05beb6998e6be8b91be2d056568ebf0c317c11a6c
a404c31e886f9d2519468423a3e1e91067f9d644a886ee4e9b40e517336f3641
a7a784075cc54293ce4db8865c53e5ad327f92696fb673382246498249e18eac
a7bc411bb3dd1bc93a64f2e307272f6ea591a8378cfcad664a7a26ae45b58590
aa9f6ca9d9946bb5759792c734c3603cb3a2a0e81c585b55ac6c83459959dbd8
ae723359f13e5593e4c492c99a8d4751a3349efc137fb3ea701a991c4867b242
b3ef40f7aa6ee835522e9c6cc3e2f1e3dfe6d5421688d74a7a0eab14f2beaa6f
c114ad2336a99e25260ebae2370abecc5f866ecb73f4dd4992429eb90fe324e3
c30d2ea34d3cc4336906459a5b805db6ef997ab3967d06130683348445c76bf4
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d76535ab07df1120bfada6d12d72c8c1f46cbe4bc32d4c84d3c26af0656a8da5
da5075f0faf668a23e97a93a4fd30d91c087c5075b82ab061a2a57e8593cee94
dfe4146c226afab7a30c7dfa36827f2572a708f1fc96c8fa9247910c5005088c
fa911ea3f5090e2e5180919244e8070280fa7d03451c250357ea9a656ca73339