berkelahi.biz.id Open in urlscan Pro
2606:4700:3036::6815:41a5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://berkelahi.biz.id/
Effective URL:
https://berkelahi.biz.id/
Submission: On December 11 via api (December 11th 2024, 2:47:11 pm UTC) from US — Scanned from FI

Summary HTTP 30 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 7 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3036::6815:41a5, located in United States and belongs to CLOUDFLARENET, US. The main domain is berkelahi.biz.id.
TLS certificate: Issued by WE1 on December 9th 2024. Valid for: 3 months.

This is the only time berkelahi.biz.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3036::6815:41a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
3	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1	172.67.164.238 172.67.164.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
7	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
30	11

7 2606:4700:3036::6815:41a5 (United States)

ASN13335 (CLOUDFLARENET, US)

berkelahi.biz.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.164.238 (United States)

ASN13335 (CLOUDFLARENET, US)

berkelahi.biz.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 www.google.com — Cisco Umbrella Rank: 3	74 KB
8	berkelahi.biz.id berkelahi.biz.id	58 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	275 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
1	gstatic.com fonts.gstatic.com	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
30	7

	Domain	Requested by
10	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	berkelahi.biz.id	berkelahi.biz.id
3	pagead2.googlesyndication.com	berkelahi.biz.id pagead2.googlesyndication.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	berkelahi.biz.id
30	9

This site contains links to these domains. Also see Links.

Domain
wordpress.org
www.idtheme.com

Subject Issuer	Validity	Valid
berkelahi.biz.id WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
adtrafficquality.google WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://berkelahi.biz.id/
Frame ID: 67D418B0A6462A9D013A162CE27F1A18
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241209/r20190131/zrt_lookup_fy2021.html
Frame ID: 35AED6759688013FD32D35D1A7394181
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5452674778464587&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733928427&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_r&format=0x0&url=https%3A%2F%2Fberkelahi.biz.id%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aifgd=1&aipaq=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733928427231&bpp=4&bdt=280&idt=229&shv=r20241209&mjsv=m202412040102&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2994678187174&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089324%2C31089330%2C31089337%2C95347445%2C95335247%2C95345967&oid=2&pvsid=2570255717622267&tmod=1607636848&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=713
Frame ID: 668A9C37762FB43FEBFC43F7DBDCA6FB
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: C0C19AAA4C6F8624FC8CBD7C5C02E08D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 99EE0DB57604F658160D249533C448EA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

berkelahi.biz.id -

Page URL History Show full URLs

http://berkelahi.biz.id/ HTTP 307
https://berkelahi.biz.id/ HTTP 307
http://berkelahi.biz.id/ HTTP 307
https://berkelahi.biz.id/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

30
Requests

97 %
HTTPS

40 %
IPv6

7
Domains

9
Subdomains

11
IPs

2
Countries

466 kB
Transfer

1378 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: https://www.idtheme.com/superfast/
Title: Theme: Superfast

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://berkelahi.biz.id/ HTTP 307
https://berkelahi.biz.id/ HTTP 307
http://berkelahi.biz.id/ HTTP 307
https://berkelahi.biz.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
berkelahi.biz.id/
Redirect Chain

http://berkelahi.biz.id/
https://berkelahi.biz.id/
http://berkelahi.biz.id/
https://berkelahi.biz.id/

52 KB
9 KB

885ms
885ms

Document
text/html

2606:4700:3036::6815:41a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berkelahi.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:41a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c18c4b0fddd15ae74189e491b9c5abdcb140dfdb81dd3f717d64739ca349b195

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f0644970d8da88a-RIX
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 11 Dec 2024 14:47:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOJHn7dTxGBeJXrlbmH1c4HxN3Evz%2Fpp6raycPppLxNmJ%2Fo15CEOogMT0O7%2BmxVsIUJpRF4mwP2Oi159%2FjVIu3hYKf%2BS8JGgwamdE%2FBzB1Uoi%2FjBc%2Fcd3sjxsT4londVM3EyGxeGsg%2B3rw9v7kTs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=41373&min_rtt=41304&rtt_var=6570&sent=9&recv=13&lost=0&retrans=0&sent_bytes=3992&recv_bytes=2436&delivery_rate=97702&cwnd=253&unsent_bytes=0&cid=cafd9847875482ea&ts=3765&x=0"
vary: Accept-Encoding,Cookie

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://berkelahi.biz.id/
Non-Authoritative-Reason: DNS

GET
H2 200 style.min.css
berkelahi.biz.id/wp-includes/css/dist/block-library/ 112 KB
15 KB 799ms
798ms Stylesheet
text/css 2606:4700:3036::6815:41a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berkelahi.biz.id/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by: Host: berkelahi.biz.id
URL: https://berkelahi.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:41a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1c012-626cecdda05c0-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6MClCa7jbvotLinWyqGOwmOmZIHINZqhLrFkUfcHpJIZN5mxsYVBMHq3gqRvL7OARONFR6cL5INYmEOJTdElOnGnlIwSd%2Fx4GfyEzfWNg9GILhg45JbXrvV1EhCKLZFGPEnf6gdd9Bx1fzPoI2V"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=43389&min_rtt=41304&rtt_var=2550&sent=64&recv=39&lost=0&retrans=0&sent_bytes=46811&recv_bytes=3173&delivery_rate=516612&cwnd=257&unsent_bytes=0&cid=cafd9847875482ea&ts=4572&x=0"
date: Wed, 11 Dec 2024 14:47:07 GMT
content-type: text/css
last-modified: Wed, 13 Nov 2024 17:38:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f06449c99a5a88a-RIX
accept-ranges: bytes
content-length: 15177
server: cloudflare

GET
H2 200 idblog-core.css
berkelahi.biz.id/wp-content/plugins/idblog-core/css/ 7 KB
2 KB 618ms
617ms Stylesheet
text/css 2606:4700:3036::6815:41a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berkelahi.biz.id/wp-content/plugins/idblog-core/css/idblog-core.css?ver=1.0.0
Requested by: Host: berkelahi.biz.id
URL: https://berkelahi.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:41a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83387259b3692c11920095e84a5eed0886d67203991f7d8115cfe0dd1723773

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1a7a-6242be4dac480-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebWAJcCpUEkQ082ep%2FOPhe2h6enWx%2BMu5Q7pCQ3vXYZ5pDA3%2BpJ1Zq9uUE%2BmWm%2BFNPRFy8fSfN%2BxgXFaBoRGAlbjj0tN1e5x%2BtnlsJY3pAkBkTCfQuEjSlITsuZZWb5JvyrraQ8aMBFGjJDqnv7w"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=41376&min_rtt=41304&rtt_var=1593&sent=42&recv=26&lost=0&retrans=0&sent_bytes=28634&recv_bytes=3173&delivery_rate=324842&cwnd=257&unsent_bytes=0&cid=cafd9847875482ea&ts=4391&x=0"
date: Wed, 11 Dec 2024 14:47:07 GMT
content-type: text/css
last-modified: Fri, 11 Oct 2024 04:26:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f06449c99a7a88a-RIX
accept-ranges: bytes
content-length: 1841
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 231ms
80ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&display=swap&ver=2.1.4

Requested by

Host: berkelahi.biz.id
URL: https://berkelahi.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75a77f6b865331b69c574ef5833fdd1551164ece0eb19e0a1a625602e8f503a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 14:47:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 14:47:07 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 11 Dec 2024 14:47:07 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 style.css
berkelahi.biz.id/wp-content/themes/superfast/ 45 KB
10 KB 796ms
795ms Stylesheet
text/css 2606:4700:3036::6815:41a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berkelahi.biz.id/wp-content/themes/superfast/style.css?ver=2.1.4
Requested by: Host: berkelahi.biz.id
URL: https://berkelahi.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:41a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f32bc64a945ac8fa0df4a0d6c09d6859fd3f4f82e243d6475394539c6bd462

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "b2a8-6242be0faf240-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9YXJtzPFPXXAdiS9jMqxMZzezvNPNMccTTkjhWF6DAqQvnlH2g%2BFn29wJkTClCx2gCoCfleZQ0nPDblLZabIZ4opVhv7alizVFefLcGe9KE%2F5j1gSu3382F6ZOubH1EFFHaH5fB5oitIc8jCDF9"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=43389&min_rtt=41304&rtt_var=2550&sent=53&recv=39&lost=0&retrans=0&sent_bytes=36278&recv_bytes=3173&delivery_rate=516612&cwnd=257&unsent_bytes=0&cid=cafd9847875482ea&ts=4570&x=0"
date: Wed, 11 Dec 2024 14:47:07 GMT
content-type: text/css
last-modified: Fri, 11 Oct 2024 04:25:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f06449c99a8a88a-RIX
accept-ranges: bytes
content-length: 9803
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 195ms
77ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452674778464587

Requested by

Host: berkelahi.biz.id
URL: https://berkelahi.biz.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

358e4217f74a03384849796c4e878db10e0521aff0b2eebed5cd35b200cad9bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://berkelahi.biz.id
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: br
etag: 5468418077776197654
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 14:47:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 11 Dec 2024 14:47:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53406
x-xss-protection: 0
server: cafe

GET
H2 200 berkelahi.png
berkelahi.biz.id/wp-content/uploads/2024/11/ 6 KB
7 KB 597ms
596ms Image
image/png 2606:4700:3036::6815:41a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://berkelahi.biz.id/wp-content/uploads/2024/11/berkelahi.png
Requested by: Host: berkelahi.biz.id
URL: https://berkelahi.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:41a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc64f094c917bdef660c5f9843f1d8d0a0067fd8d54150fe25f908a089cac338

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "18e0-62750be218a40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0EkBYP2RPTw4X4xrf5mlFa%2FTdsUcoU8ByifmerxPXn24wkx1%2F%2FHZCVJIoYbZ0xByvfge%2By4ckQI2mUAPlbYi2XNs6YCRyFAKQ5OCyZbKsrdOZH9dW3eJoa8ybX%2F1RvgJt50vv0Ba6J37zoKHyw0n"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f06449c99aaa88a-RIX
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=41376&min_rtt=41304&rtt_var=1593&sent=35&recv=26&lost=0&retrans=0&sent_bytes=21624&recv_bytes=3173&delivery_rate=324842&cwnd=257&unsent_bytes=0&cid=cafd9847875482ea&ts=4369&x=0"
content-length: 6368
date: Wed, 11 Dec 2024 14:47:07 GMT
content-type: image/png
last-modified: Wed, 20 Nov 2024 04:40:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 1099139-200x135.jpg
berkelahi.biz.id/wp-content/uploads/2024/10/ 7 KB
8 KB 595ms
595ms Image
image/jpeg 2606:4700:3036::6815:41a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://berkelahi.biz.id/wp-content/uploads/2024/10/1099139-200x135.jpg
Requested by: Host: berkelahi.biz.id
URL: https://berkelahi.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:41a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90089ad0f13acc86299dab4cd5f34f73320f92b59650912041bff0c6e1911b7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "1c43-6242be73d1e80"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5Udp8REwBaBWru%2F6i82iABi92yFpcbFnTcxX%2B9wBcd2%2BEeqSc%2FXTOxJd8MabV8pqq%2FEXzq%2BpARCMXRtFbECq6%2BEPVjNm5VUp789W%2Bp7SRM5%2Fbt3m%2F6u1UP43qkI%2F2dbuXuTHnNvrPzllwnXAtTf"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f06449c99aba88a-RIX
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=41376&min_rtt=41304&rtt_var=1593&sent=27&recv=26&lost=0&retrans=0&sent_bytes=13657&recv_bytes=3173&delivery_rate=324842&cwnd=257&unsent_bytes=0&cid=cafd9847875482ea&ts=4369&x=0"
content-length: 7235
date: Wed, 11 Dec 2024 14:47:07 GMT
content-type: image/jpeg
last-modified: Fri, 11 Oct 2024 04:27:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 customscript.js Show response
berkelahi.biz.id/wp-content/themes/superfast/js/ 14 KB
5 KB 612ms
611ms Script
application/javascript 2606:4700:3036::6815:41a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berkelahi.biz.id/wp-content/themes/superfast/js/customscript.js?ver=2.1.4
Requested by: Host: berkelahi.biz.id
URL: https://berkelahi.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:41a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfa6d59d57e3b6ae87dfa5ce893036f4255a2b9d9dcc56898b41ee1091a2ca97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "36ac-6242be0faf240-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fv60uFPg32bEdJZb7n7YYcWSeCWbWadSsHL8LuuYnXjMvGGdA%2BJrhFiAyVTVLP6krTKdfR88l0sL7AjPWVYer3L5JcxLBuNXsbGt3%2Bc5bGpoMeHCkwOblln7jyR8GiTYfk4dfo3lztJLES2FlQJo"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=41376&min_rtt=41304&rtt_var=1593&sent=46&recv=26&lost=0&retrans=0&sent_bytes=31063&recv_bytes=3173&delivery_rate=324842&cwnd=257&unsent_bytes=0&cid=cafd9847875482ea&ts=4394&x=0"
date: Wed, 11 Dec 2024 14:47:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 11 Oct 2024 04:25:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f06449ca9b1a88a-RIX
accept-ranges: bytes
content-length: 4574
server: cloudflare

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/ 434 KB
144 KB 96ms
96ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5452674778464587&plah=berkelahi.biz.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452674778464587

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

7726e0e8160486bb90b8eff0962f686486ceb6858c3072e24b8adf2e31b2d0a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: br
etag: 10727873494716057859
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 14:47:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 11 Dec 2024 14:47:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147646
x-xss-protection: 0
server: cafe

GET
H3 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
38 KB 147ms
70ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&display=swap&ver=2.1.4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://berkelahi.biz.id
Referer: https://fonts.googleapis.com/

Response headers

age: 106849
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:06:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:06:18 GMT
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39124
x-xss-protection: 0
server: sffe

GET
H2 200 ca-pub-5452674778464587 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 298ms
102ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5452674778464587?href=https%3A%2F%2Fberkelahi.biz.id&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5452674778464587&plah=berkelahi.biz.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f807447149691bffbba2a265799102c2f963c4a3049340f2abbb98dcbce6b34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J_NDXrapNI0w3WPCAkHC_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 14:47:07 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1pBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxAL8XC8Pv1sF5vAgTMPHzMpaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGVjqGRjHFxgBAAlYS5Y"
content-security-policy: script-src 'report-sample' 'nonce-J_NDXrapNI0w3WPCAkHC_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241209/r20190131/ Frame 35AE 0
0 176ms
59ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241209/r20190131/zrt_lookup_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berkelahi.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 63955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 21:01:13 GMT
etag: 17661348622971093804
expires: Tue, 24 Dec 2024 21:01:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUo3cp1R-BD91gmlcgq0t5SZzuEAZHvlZECDE-zo1OtdHH44Y1eYf2yWozM3FEJM593AZuL2_SDWVEJUcGnc942SJCbpvu36eHMtS268It8bOqSp9a7OsWTbBlao1iGNVtV6DWxsw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 100ms
100ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUo3cp1R-BD91gmlcgq0t5SZzuEAZHvlZECDE-zo1OtdHH44Y1eYf2yWozM3FEJM593AZuL2_SDWVEJUcGnc942SJCbpvu36eHMtS268It8bOqSp9a7OsWTbBlao1iGNVtV6DWxsw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzOTI4NDI3LDk0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9iZXJrZWxhaGkuYml6LmlkLyIsbnVsbCxbWzgsIi1BdVBLN3lmbnA0Il0sWzksImZpIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fi.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMzC7uZXxlTc4tOWph4se1ykkPePJQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44fe3a1a58f40c664947487f9538ec6ebfccbe55b2ac9d43aec4ad05570bfb59

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F9eMeLDVCSH8GwIjuuxM8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 14:47:08 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAtxc7w5_WwXm8CH44eYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMjQws9QyM4wuMAFTFRaA"
content-security-policy: script-src 'report-sample' 'nonce-F9eMeLDVCSH8GwIjuuxM8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 668A 0
0 174ms
111ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5452674778464587&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733928427&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_r&format=0x0&url=https%3A%2F%2Fberkelahi.biz.id%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aifgd=1&aipaq=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733928427231&bpp=4&bdt=280&idt=229&shv=r20241209&mjsv=m202412040102&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2994678187174&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089324%2C31089330%2C31089337%2C95347445%2C95335247%2C95345967&oid=2&pvsid=2570255717622267&tmod=1607636848&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=713

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berkelahi.biz.id/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Dec 2024 14:47:08 GMT
expires: Wed, 11 Dec 2024 14:47:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXLpMfGAFDFS6um6VJQHBImvInzQsSvb5QWo64fTQQKKHZQRRm6Q6npXI8E1UllxOkxCGg_enY5SfMpXBTRCm9FlLqw8yo5xXtrWSKtF2t_l_jCkrlgfialBpLAA6G6iupVH7LmPw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 104ms
104ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXLpMfGAFDFS6um6VJQHBImvInzQsSvb5QWo64fTQQKKHZQRRm6Q6npXI8E1UllxOkxCGg_enY5SfMpXBTRCm9FlLqw8yo5xXtrWSKtF2t_l_jCkrlgfialBpLAA6G6iupVH7LmPw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzOTI4NDI4LDQ2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZmkiXSwiaHR0cHM6Ly9iZXJrZWxhaGkuYml6LmlkLyIsbnVsbCxbWzgsIi1BdVBLN3lmbnA0Il0sWzksImZpIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a14760b489aace94639b7c5c4e12c724f726bdd5c4424d11c32c6d52b4ccf54

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jKMejdSKFaTEm_97TYNasw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 14:47:08 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAtxc7w5_WwXm8CMp-3mShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGRgaWegbG8QVGAEoZRWE"
content-security-policy: script-src 'report-sample' 'nonce-jKMejdSKFaTEm_97TYNasw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 147ms
78ms XHR
application/json 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241209&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

0698dc80c109bb75ffa67dfcc44394f744c63d9fc8ea832ed45f93c0bb7bf2f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13091
date: Wed, 11 Dec 2024 14:47:08 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 cropped-berkelahi-32x32.png
berkelahi.biz.id/wp-content/uploads/2024/11/ 1 KB
2 KB 595ms
595ms Other
image/png 172.67.164.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berkelahi.biz.id/wp-content/uploads/2024/11/cropped-berkelahi-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cca4d72cae32fd0af432fb37f40bfc1f4a66f320fb2cbad17e689742287643c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

cf-cache-status: MISS
etag: "435-62750beaade80"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBf%2Br5sWMOFJgBSlooy7cK6fSFEDRb8wI3r1a27Txeo3wnCqhhr9MWoSbYc3zebu41SAMsAOO16BDQf82vzpSA%2F%2BSgcKCo2lxHad%2BZ7hBKwN0MvSQCviNQ%2BtyUCOsqgzYree"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47065&min_rtt=46367&rtt_var=7772&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4241&recv_bytes=4479&delivery_rate=388&cwnd=12000&unsent_bytes=0&cid=eed9573c66565edb&ts=1765&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 14:47:08 GMT
content-type: image/png
last-modified: Wed, 20 Nov 2024 04:40:10 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0644a43c9cb61a-WAW
accept-ranges: bytes
content-length: 1077
server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 249ms
92ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 14:47:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 14:47:08 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame C0C1 0
0 220ms
72ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berkelahi.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Dec 2024 14:33:41 GMT
expires: Wed, 11 Dec 2024 15:23:41 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 99EE 0
0 194ms
72ms Document
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UcbOpLMbQFebLSPFRwm5sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berkelahi.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UcbOpLMbQFebLSPFRwm5sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Dec 2024 14:47:08 GMT
expires: Wed, 11 Dec 2024 14:47:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 160-600- Show response
fundingchoicesmessages.google.com/f/AGSKWxW53Z0EwGrKw7XE-AkzP9hwCgE0BkF0vxdkvbyPP0WiAxpDdsGQzyrGhYOuWy9nYWpwL9gIw4to9CIDBNOs8QGsGlX9UfWXlfv98YbBgmYLzJ4e03LJFABGSyzN0C3QfpGIY1eJjf-JTYIAcnMUudEqxl1zq... 54 B
109 B 71ms
70ms Script
application/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW53Z0EwGrKw7XE-AkzP9hwCgE0BkF0vxdkvbyPP0WiAxpDdsGQzyrGhYOuWy9nYWpwL9gIw4to9CIDBNOs8QGsGlX9UfWXlfv98YbBgmYLzJ4e03LJFABGSyzN0C3QfpGIY1eJjf-JTYIAcnMUudEqxl1zqGv2ZaEAus5dz26ZFful9Tnf6--1X0F7/_-ads-rotator/.az/adv//jgc-adblocker-/160x400-/160-600-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fi.-AuPK7yfnp4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzLWsQD-0G6FGMbRyw1si159fqShw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

851b94c7ce32f190bf1e5d9e9abebf9591c9616a113cb0877b7ee43d036e116e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XuIzXKSWlMgjS_Pxgxj-lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 14:47:08 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcLw5_WwXm8CDv9N-MSlpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZWOoZGMcXGAEAt2BGlg"
content-security-policy: script-src 'report-sample' 'nonce-XuIzXKSWlMgjS_Pxgxj-lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 251 KB
79 KB 61ms
61ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

835e707f64234ee6a7611d8e1d30412a922ef4a63319ab281f31bba89758c96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: br
etag: 14857376891828490462
age: 905
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 15:32:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 11 Dec 2024 14:32:03 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 80832
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxV3MMZ1Vafw5tY5pXdkSM_5mMe5sb4yGeruXSOM3d0ak72zb1yvm8nw2RNcU0Lz2FIkirSieGjpN_lUouni85aMB-2QF4uc_5jhCLuhHRnA5ckBSxqzO0FoQzrVw3UuzFEPDfZ9rw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 140ms
75ms XHR
text/html 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3MMZ1Vafw5tY5pXdkSM_5mMe5sb4yGeruXSOM3d0ak72zb1yvm8nw2RNcU0Lz2FIkirSieGjpN_lUouni85aMB-2QF4uc_5jhCLuhHRnA5ckBSxqzO0FoQzrVw3UuzFEPDfZ9rw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KIAcPtGNwnE7zp7p46TbPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://berkelahi.biz.id/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 14:47:08 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfjzelnu9gENrzcP4tZySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhlY6BmYxxcYAAAqVit_"
content-security-policy: script-src 'report-sample' 'nonce-KIAcPtGNwnE7zp7p46TbPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://berkelahi.biz.id
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3MMZ1Vafw5tY5pXdkSM_5mMe5sb4yGeruXSOM3d0ak72zb1yvm8nw2RNcU0Lz2FIkirSieGjpN_lUouni85aMB-2QF4uc_5jhCLuhHRnA5ckBSxqzO0FoQzrVw3UuzFEPDfZ9rw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GIjkvSnV_mRkNn0LZUFYug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://berkelahi.biz.id/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 14:47:08 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfjzelnu9gELszumsOs5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQws9AzM4wsMAAuNKxc"
content-security-policy: script-src 'report-sample' 'nonce-GIjkvSnV_mRkNn0LZUFYug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://berkelahi.biz.id
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3MMZ1Vafw5tY5pXdkSM_5mMe5sb4yGeruXSOM3d0ak72zb1yvm8nw2RNcU0Lz2FIkirSieGjpN_lUouni85aMB-2QF4uc_5jhCLuhHRnA5ckBSxqzO0FoQzrVw3UuzFEPDfZ9rw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cCr6uUomQuJVh05zQHTw4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://berkelahi.biz.id/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 14:47:08 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfjzelnu9gEDmxqW8Cs5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQws9AzM4wsMABK_Kyo"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cCr6uUomQuJVh05zQHTw4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://berkelahi.biz.id
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3MMZ1Vafw5tY5pXdkSM_5mMe5sb4yGeruXSOM3d0ak72zb1yvm8nw2RNcU0Lz2FIkirSieGjpN_lUouni85aMB-2QF4uc_5jhCLuhHRnA5ckBSxqzO0FoQzrVw3UuzFEPDfZ9rw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-By4VjUWQJdRMI0L9PAwblQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://berkelahi.biz.id/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 14:47:08 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfjzelnu9gEPmz_P59ZySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhlY6BmYxxcYAABA-ivP"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-By4VjUWQJdRMI0L9PAwblQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://berkelahi.biz.id
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxV2Vxas-SqOJzswK_qnVrIGTiWUPGrf5aJwhszxc9Z02hALqiLlZl2kALONzxmFZLF1CLKNjNK7v-DAhDACRW3wUicTVorURR-trTLIagjsNx3XIEZcA5nZksvJOZ9upEEChZIeKg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 80ms
80ms Script
application/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV2Vxas-SqOJzswK_qnVrIGTiWUPGrf5aJwhszxc9Z02hALqiLlZl2kALONzxmFZLF1CLKNjNK7v-DAhDACRW3wUicTVorURR-trTLIagjsNx3XIEZcA5nZksvJOZ9upEEChZIeKg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzOTI4NDI4LDgzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZmkiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9iZXJrZWxhaGkuYml6LmlkLyIsbnVsbCxbWzgsIi1BdVBLN3lmbnA0Il0sWzksImZpIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

c513485041f766795f26cd65d18a5d4505d4008f9d1ebc596b2a1e95c6874213

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EEoSM3etk091gBkV7jSjIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://berkelahi.biz.id/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 14:47:08 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcLw5_WwXm8CM9tdLmZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MLPUMjOMLjACZ8EXg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EEoSM3etk091gBkV7jSjIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3MMZ1Vafw5tY5pXdkSM_5mMe5sb4yGeruXSOM3d0ak72zb1yvm8nw2RNcU0Lz2FIkirSieGjpN_lUouni85aMB-2QF4uc_5jhCLuhHRnA5ckBSxqzO0FoQzrVw3UuzFEPDfZ9rw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1MVFQgCRss6RBBZX5hySxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://berkelahi.biz.id/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 14:47:08 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfjzelnu9gETiybc4JZySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhlY6BmYxxcYAAAhZStg"
content-security-policy: script-src 'report-sample' 'nonce-1MVFQgCRss6RBBZX5hySxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://berkelahi.biz.id
content-length: 0
x-xss-protection: 0
server: ESF

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241209&jk=2570255717622267&bg=!mpmlmdbNAAbFeMsx5Xg7ADQBe5WfONtttNUFkX9vuiibMA4xk3TDEqnOV32fFxn7KX1raAF3eJCNoYk2lUeiSafBm0EWAgAAACFSAAAAAmgBB34ANia3Ra3-q9r8_DkiuCdBD4zFHwLRTQ7oeWk-OHt3Ow-OuSZk9Soa4rntbyx67n5mJ17jK3Evx5kCk_dI4YCb8AisSpPAK1njb7Wf5RxvsGOgJ4uauUmsYfTCwS17vKIBndwF3DrBVuD2YJPMu7VZGTROAdcMkze_dPJxMJca_Y5kYT2QmAjx0LdIcicnvHlWU-ECI5mAOIG4fpHgYMZ7i0cierbtPQf4gZM6dxyot4dcF1_NOs-CWVMJz_loDpOp8HYtdG02wqdAZFohnkaod3PPEFn-_fLAThgd8vhFeXnvYnBVZJCbithyBz7bba0NFlEr1d99SHMpg7Kem2yOfAcSCsIIpAfntIG3g3wYDKcNxebQylAxzLaXkCXIb85OGjq75P9VKbtRcIuQdaGP4NDwUhRZQTwiCJVptbapgIpIUcQBoM3dQn5NrDUG-G0tmjRi2-Gfvf3ckglVrujd77x-A4HENpccC0Z-l7D_KhE2mt4ntkKhBBSKbGWG10OsKyN07mkXuyDyyLvcafenMUSdZsTwyUBZlUj4YuHmaI0Ybx2okgO87iq2VF8qNY1VbpJCrPCHB79vVdzMBzvk-govl2LUalH6UVvTiaYgu3MajkbMW6BrCqtSq5Wy1X_XfxTAEbMTyjuMAXBJQr1VsYQAYh4Y8Bzy_PaiEEHrtZjGfa6Xf8GTPVaosAWQ0xXaipyrpiRikSRPl2Nbwn4rb0YMnKhZCJSx8hvBNz1v44xOokverV7oj09dOveqzlJlAlnkX0ERmTGVWigYmRolJiAab_hbfPgA6hShdJYWRsemMD0y_Rw8WKxG0h8bjLLne-8EDDMkWNiiA4mjRDpSixB5IN9yaWOMcP9KOzuLIpq6t4CcqDUEi_2N7Xu_7wABt8t1KT8wftdic0rHjuksbXCU_EF_mYCmNDxve0CNID9_DqDJVEE9xFsFpPJe

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-21 01:38:49	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

berkelahi.biz.id
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.google.com
ep1.adtrafficquality.google
142.250.185.68
142.250.186.131
142.250.74.206
172.67.164.238
216.58.206.34
216.58.206.66
2606:4700:3036::6815:41a5
2a00:1450:4001:803::200e
2a00:1450:4001:809::200a
2a00:1450:4001:82a::2001
0698dc80c109bb75ffa67dfcc44394f744c63d9fc8ea832ed45f93c0bb7bf2f8
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
2f807447149691bffbba2a265799102c2f963c4a3049340f2abbb98dcbce6b34
358e4217f74a03384849796c4e878db10e0521aff0b2eebed5cd35b200cad9bc
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3cca4d72cae32fd0af432fb37f40bfc1f4a66f320fb2cbad17e689742287643c
44fe3a1a58f40c664947487f9538ec6ebfccbe55b2ac9d43aec4ad05570bfb59
6a14760b489aace94639b7c5c4e12c724f726bdd5c4424d11c32c6d52b4ccf54
75a77f6b865331b69c574ef5833fdd1551164ece0eb19e0a1a625602e8f503a9
75f32bc64a945ac8fa0df4a0d6c09d6859fd3f4f82e243d6475394539c6bd462
7726e0e8160486bb90b8eff0962f686486ceb6858c3072e24b8adf2e31b2d0a4
835e707f64234ee6a7611d8e1d30412a922ef4a63319ab281f31bba89758c96c
851b94c7ce32f190bf1e5d9e9abebf9591c9616a113cb0877b7ee43d036e116e
90089ad0f13acc86299dab4cd5f34f73320f92b59650912041bff0c6e1911b7d
a83387259b3692c11920095e84a5eed0886d67203991f7d8115cfe0dd1723773
c18c4b0fddd15ae74189e491b9c5abdcb140dfdb81dd3f717d64739ca349b195
c513485041f766795f26cd65d18a5d4505d4008f9d1ebc596b2a1e95c6874213
dfa6d59d57e3b6ae87dfa5ce893036f4255a2b9d9dcc56898b41ee1091a2ca97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc64f094c917bdef660c5f9843f1d8d0a0067fd8d54150fe25f908a089cac338
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

berkelahi.biz.id Open in urlscan Pro 2606:4700:3036::6815:41a5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

40 %IPv6

7 Domains

9 Subdomains

11 IPs

2 Countries

466 kBTransfer

1378 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

berkelahi.biz.id Open in urlscan Pro
2606:4700:3036::6815:41a5 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

40 %
IPv6

7
Domains

9
Subdomains

11
IPs

2
Countries

466 kB
Transfer

1378 kB
Size

1
Cookies

30 HTTP transactions
0 data transactions