her3.idalamatekspedisi.com Open in urlscan Pro
185.250.38.105  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response her3.idalamatekspedisi.com/	77 KB 12 KB	876ms 590ms	Document text/html	185.250.38.105 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://her3.idalamatekspedisi.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.250.38.105 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi2215058.contaboserver.net Software nginx / Resource Hash 87da19ed9ad9e7f5999d79968a3d8605de236e44bbc06bc9c41d740b6dd1a8ba Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 19 Dec 2024 08:52:01 GMT expires Thu, 19 Nov 1981 08:52:00 GMT link <https://her3.idalamatekspedisi.com/wp-json/>; rel="https://api.w.org/" pragma no-cache server nginx vary Accept-Encoding x-ua-compatible IE=edge
GET H2	200	style.min.css her3.idalamatekspedisi.com/wp-includes/css/dist/block-library/	112 KB 15 KB	131ms 129ms	Stylesheet text/css	185.250.38.105 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://her3.idalamatekspedisi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1 Requested by Host: her3.idalamatekspedisi.com URL: https://her3.idalamatekspedisi.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.250.38.105 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi2215058.contaboserver.net Software nginx / Resource Hash 3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers cache-control max-age=2592000 content-encoding gzip etag W/"67639b18-1c012" expires Sat, 18 Jan 2025 08:52:01 GMT date Thu, 19 Dec 2024 08:52:01 GMT content-type text/css last-modified Thu, 19 Dec 2024 04:03:36 GMT server nginx vary Accept-Encoding
GET H2	200	main.min.css her3.idalamatekspedisi.com/wp-content/themes/generatepress/assets/css/	19 KB 5 KB	256ms 255ms	Stylesheet text/css	185.250.38.105 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://her3.idalamatekspedisi.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1 Requested by Host: her3.idalamatekspedisi.com URL: https://her3.idalamatekspedisi.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.250.38.105 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi2215058.contaboserver.net Software nginx / Resource Hash c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers cache-control max-age=2592000 content-encoding gzip etag W/"67639ceb-4c38" expires Sat, 18 Jan 2025 08:52:01 GMT date Thu, 19 Dec 2024 08:52:01 GMT content-type text/css last-modified Thu, 19 Dec 2024 04:11:23 GMT server nginx vary Accept-Encoding
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	156 KB 52 KB	29ms 17ms	Script text/javascript	74.125.130.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6118204621239317 Requested by Host: her3.idalamatekspedisi.com URL: https://her3.idalamatekspedisi.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.130.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f155.1e100.net Software cafe / Resource Hash a334f3a6673b88abbee346737214a49d614ad74ea531232de77aaef5ae069c0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://her3.idalamatekspedisi.com Referer https://her3.idalamatekspedisi.com/ Response headers content-encoding br etag 2534837390377041867 x-content-type-options nosniff expires Thu, 19 Dec 2024 08:52:01 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Thu, 19 Dec 2024 08:52:01 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 53313 x-xss-protection 0 server cafe
GET H2	200	menu.min.js Show response her3.idalamatekspedisi.com/wp-content/themes/generatepress/assets/js/	7 KB 2 KB	295ms 295ms	Script application/javascript	185.250.38.105 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://her3.idalamatekspedisi.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1 Requested by Host: her3.idalamatekspedisi.com URL: https://her3.idalamatekspedisi.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.250.38.105 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi2215058.contaboserver.net Software nginx / Resource Hash 5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers cache-control max-age=2592000 content-encoding gzip etag W/"67639ceb-1ca5" expires Sat, 18 Jan 2025 08:52:01 GMT date Thu, 19 Dec 2024 08:52:01 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 19 Dec 2024 04:11:23 GMT server nginx vary Accept-Encoding
GET		7bba898f-4249-4afa-8457-5db24f36de5c https://her3.idalamatekspedisi.com/ Frame	0 0
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/	435 KB 145 KB	310ms 308ms	Script text/javascript	74.125.130.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6118204621239317 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.130.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f155.1e100.net Software cafe / Resource Hash 7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers content-encoding br etag 4174761130244020438 age 49387 x-content-type-options nosniff expires Wed, 01 Jan 2025 19:08:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Wed, 18 Dec 2024 19:08:55 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=1209600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 147831 x-xss-protection 0 server cafe
GET H2	200	wp-emoji-release.min.js Show response her3.idalamatekspedisi.com/wp-includes/js/	18 KB 5 KB	132ms 131ms	Script application/javascript	185.250.38.105 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://her3.idalamatekspedisi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1 Requested by Host: her3.idalamatekspedisi.com URL: https://her3.idalamatekspedisi.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.250.38.105 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi2215058.contaboserver.net Software nginx / Resource Hash 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers cache-control max-age=2592000 content-encoding gzip etag W/"67639b18-4926" expires Sat, 18 Jan 2025 08:52:02 GMT date Thu, 19 Dec 2024 08:52:02 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 19 Dec 2024 04:03:36 GMT server nginx vary Accept-Encoding
GET H3	200	zrt_lookup_fy2021.html googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame F10C	0 0	11ms 5ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://her3.idalamatekspedisi.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers age 16497 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4128 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 19 Dec 2024 04:17:05 GMT etag 17661348622971093804 expires Thu, 02 Jan 2025 04:17:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads googleads.g.doubleclick.net/pagead/ Frame E611	0 0	489ms 489ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6118204621239317&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1734598322&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fher3.idalamatekspedisi.com%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734598321846&bpp=11&bdt=108&idt=362&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7711429408923&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089323%2C31089330%2C95332925%2C95345966&oid=2&pvsid=1716368320252989&tmod=613248321&uas=0&nvt=1&fsapi=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=406 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://her3.idalamatekspedisi.com/ Sec-Browsing-Topics ();p=P0000000000000000000000000000000 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 4699 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 19 Dec 2024 08:52:02 GMT expires Thu, 19 Dec 2024 08:52:02 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ca-pub-6118204621239317 Show response fundingchoicesmessages.google.com/i/	197 KB 65 KB	30ms 16ms	Script application/javascript	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-6118204621239317?href=https%3A%2F%2Fher3.idalamatekspedisi.com&ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash 3f9d6e7b737a0aba2df4f1e7856f85a6acce204981323621800552a0dedaf983 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ouQ3WhHkaJ0ZpcnfuRJlUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:02 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcGza27-bTWDDp8n_mJQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACMj0W0" content-security-policy script-src 'report-sample' 'nonce-ouQ3WhHkaJ0ZpcnfuRJlUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H2	200	AGSKWxVWCLQwgfL7VhMszp5xfqZmfNGZey5t1PexTQ66nULSpUnZiXjdJmRN44MOUF1df83GK_R0wzOSsJn8SSCJjvH4m4XjUW2EYPpNTve-GSgEI9tfUSMsc3g5ljBL75MeC8g1vv7txw== Show response fundingchoicesmessages.google.com/f/	10 KB 5 KB	19ms 18ms	Script application/javascript	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxVWCLQwgfL7VhMszp5xfqZmfNGZey5t1PexTQ66nULSpUnZiXjdJmRN44MOUF1df83GK_R0wzOSsJn8SSCJjvH4m4XjUW2EYPpNTve-GSgEI9tfUSMsc3g5ljBL75MeC8g1vv7txw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NTk4MzIyLDg4ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9oZXIzLmlkYWxhbWF0ZWtzcGVkaXNpLmNvbS8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1HQiJdLFsxOSwiMiJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMz5CG32zdJinPKWsaU0t3FQYfMJqg/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash b3b56b412d534294362286c89ad8b24406912d2e927f2ef9663074c8fcd67628 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-7CI8wwGVPSCI7KJf9oEyOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:02 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcGza27-bTeDH7P4NzEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhkaGRnoGhvEFBgB-IEVX" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-7CI8wwGVPSCI7KJf9oEyOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H3	200	sodar Show response ep1.adtrafficquality.google/getconfig/	17 KB 13 KB	23ms 13ms	XHR application/json	142.251.175.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241212&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS sh-in-f156.1e100.net Software cafe / Resource Hash 560067646cffd13dd5f3ce88118f291af7b15e4696c8c4773c9e615b5afb3b9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 13164 date Thu, 19 Dec 2024 08:52:02 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	404	favicon.ico her3.idalamatekspedisi.com/	3 KB 1 KB	346ms 345ms	Other text/html	185.250.38.105 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://her3.idalamatekspedisi.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.250.38.105 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi2215058.contaboserver.net Software nginx / Resource Hash d9cd6dfca94282619431285858508adf7a4552a70c2bb6dc4f30b0c83d9b1615 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers content-encoding gzip date Thu, 19 Dec 2024 08:52:03 GMT etag W/"67639a45-b96" content-type text/html; charset=utf-8 vary Accept-Encoding server nginx
GET H2	200	sodar2.js Show response ep2.adtrafficquality.google/sodar/	18 KB 7 KB	19ms 6ms	Script text/javascript	74.125.200.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f132.1e100.net Software sffe / Resource Hash ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers content-encoding gzip etag "1727224258380615" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} x-content-type-options nosniff expires Thu, 19 Dec 2024 08:52:02 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:02 GMT content-type text/javascript vary Accept-Encoding cache-control private, max-age=3000 cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin accept-ranges bytes content-length 6445 x-xss-protection 0 server sffe
GET H2	200	runner.html ep2.adtrafficquality.google/sodar/sodar2/232/ Frame D1F0	0 0	8ms 4ms	Document text/html	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://her3.idalamatekspedisi.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 1569 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000 content-encoding gzip content-length 5005 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 19 Dec 2024 08:25:53 GMT expires Thu, 19 Dec 2024 09:15:53 GMT last-modified Mon, 23 Sep 2024 18:12:21 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe www.google.com/recaptcha/api2/ Frame CB95	0 0	28ms 10ms	Document text/html	64.233.170.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 64.233.170.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f104.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-8JSIq3Viz_1PKdNi2k6BLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://her3.idalamatekspedisi.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-8JSIq3Viz_1PKdNi2k6BLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Thu, 19 Dec 2024 08:52:03 GMT expires Thu, 19 Dec 2024 08:52:03 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H3	200	boxad2. Show response fundingchoicesmessages.google.com/f/AGSKWxWau7NR5ZemRzaqMhhTJ_NRBuqy6lWM491V1o8aLmy1SeELytsguDkZ7wm9PByJr4p6AknfRd-ak7cRwPQaHjvLzA3ePI9d0vjbvHvwaNgeRQqKEWNVG-RWQm8wH5EAdglj1PuuBDcqnG56HhL2f5fnJWfOW...	54 B 109 B	13ms 13ms	Script application/javascript	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWau7NR5ZemRzaqMhhTJ_NRBuqy6lWM491V1o8aLmy1SeELytsguDkZ7wm9PByJr4p6AknfRd-ak7cRwPQaHjvLzA3ePI9d0vjbvHvwaNgeRQqKEWNVG-RWQm8wH5EAdglj1PuuBDcqnG56HhL2f5fnJWfOW1JefA248IqImUUqeM1HanGQcPP-feXv/_-tower-ad-.ad/tag./adzintext-/xpopup.js/boxad2. Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxsRjaGQgg_qEWxm6phgf2MMsNNOQ/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash 2a6cf2b5c1f5e3ea1c19bb831ca5290c02af4f5d8380334e2a62cf63be25ddac Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-u8I35dF89isXN7yJR7wZjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:03 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcGze27-bTeDB93m_GZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACa7kX2" content-security-policy script-src 'report-sample' 'nonce-u8I35dF89isXN7yJR7wZjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H3	200	rum.js Show response pagead2.googlesyndication.com/pagead/js/	70 KB 26 KB	6ms 5ms	Script text/javascript	74.125.130.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxsRjaGQgg_qEWxm6phgf2MMsNNOQ/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.130.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f155.1e100.net Software cafe / Resource Hash cf93db5f15fb6b90864ea934827bca87f92e75ad6a3aab83881b1f6777ee8929 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers content-encoding br etag 82456162888936996 age 694 x-content-type-options nosniff expires Thu, 19 Dec 2024 09:40:29 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Thu, 19 Dec 2024 08:40:29 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=3600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 26167 x-xss-protection 0 server cafe
POST H3	204	AGSKWxW8Od1_s2dh6qSOn7sosndfB2wT4yxZ4woDva8eBUSconBaZKDCODfhlI0joeb1-l2XOB6y5Z35JGd5RopVg9dte2FPlBUQCWi6WCQCS-JautII7lBWme6_3-rlH0nt08klWckcuQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	14ms 9ms	XHR text/html	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxW8Od1_s2dh6qSOn7sosndfB2wT4yxZ4woDva8eBUSconBaZKDCODfhlI0joeb1-l2XOB6y5Z35JGd5RopVg9dte2FPlBUQCWi6WCQCS-JautII7lBWme6_3-rlH0nt08klWckcuQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMz5CG32zdJinPKWsaU0t3FQYfMJqg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fU1U_FfsT0sm8gusDHvNIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://her3.idalamatekspedisi.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:03 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj897-3WwCG062_WFUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGAPf-Kt0" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fU1U_FfsT0sm8gusDHvNIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://her3.idalamatekspedisi.com content-length 0 x-xss-protection 0 server ESF
POST H3	204	AGSKWxW8Od1_s2dh6qSOn7sosndfB2wT4yxZ4woDva8eBUSconBaZKDCODfhlI0joeb1-l2XOB6y5Z35JGd5RopVg9dte2FPlBUQCWi6WCQCS-JautII7lBWme6_3-rlH0nt08klWckcuQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	11ms 11ms	XHR text/html	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxW8Od1_s2dh6qSOn7sosndfB2wT4yxZ4woDva8eBUSconBaZKDCODfhlI0joeb1-l2XOB6y5Z35JGd5RopVg9dte2FPlBUQCWi6WCQCS-JautII7lBWme6_3-rlH0nt08klWckcuQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMz5CG32zdJinPKWsaU0t3FQYfMJqg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--jY5H7oTuN8cMvbvgY_h-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://her3.idalamatekspedisi.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:03 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj897-3WwCDe_eNjIpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDI0MjPQOz-AIDAO-uKr8" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--jY5H7oTuN8cMvbvgY_h-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://her3.idalamatekspedisi.com content-length 0 x-xss-protection 0 server ESF
POST H3	204	AGSKWxW8Od1_s2dh6qSOn7sosndfB2wT4yxZ4woDva8eBUSconBaZKDCODfhlI0joeb1-l2XOB6y5Z35JGd5RopVg9dte2FPlBUQCWi6WCQCS-JautII7lBWme6_3-rlH0nt08klWckcuQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	21ms 20ms	XHR text/html	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxW8Od1_s2dh6qSOn7sosndfB2wT4yxZ4woDva8eBUSconBaZKDCODfhlI0joeb1-l2XOB6y5Z35JGd5RopVg9dte2FPlBUQCWi6WCQCS-JautII7lBWme6_3-rlH0nt08klWckcuQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMz5CG32zdJinPKWsaU0t3FQYfMJqg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-JJc-hOdlNAs_fyGP9xb6aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://her3.idalamatekspedisi.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:03 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj897-3WwCPxafbGZScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGAPPkKss" content-security-policy script-src 'report-sample' 'nonce-JJc-hOdlNAs_fyGP9xb6aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://her3.idalamatekspedisi.com content-length 0 x-xss-protection 0 server ESF
POST H3	204	AGSKWxW8Od1_s2dh6qSOn7sosndfB2wT4yxZ4woDva8eBUSconBaZKDCODfhlI0joeb1-l2XOB6y5Z35JGd5RopVg9dte2FPlBUQCWi6WCQCS-JautII7lBWme6_3-rlH0nt08klWckcuQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	18ms 17ms	XHR text/html	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxW8Od1_s2dh6qSOn7sosndfB2wT4yxZ4woDva8eBUSconBaZKDCODfhlI0joeb1-l2XOB6y5Z35JGd5RopVg9dte2FPlBUQCWi6WCQCS-JautII7lBWme6_3-rlH0nt08klWckcuQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMz5CG32zdJinPKWsaU0t3FQYfMJqg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-CilhaIDC568-zoybCme66Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://her3.idalamatekspedisi.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:03 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj897-3WwCB37-bmJScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGABDxKyk" content-security-policy script-src 'report-sample' 'nonce-CilhaIDC568-zoybCme66Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://her3.idalamatekspedisi.com content-length 0 x-xss-protection 0 server ESF
GET H3	200	AGSKWxWAG-Un4Ibqj7BBBsCB8l3V3NFb1LEB2ByrLZhcGwku6TS-1GBxcudYKD5pSoHOUeGBn_0iGwxAu1jp4FjZs-bZfIo69BuAB1Yl1kykuZ-VQUrf8vptOgWmefWqSFAPvQL-cQ0wEQ== Show response fundingchoicesmessages.google.com/f/	6 KB 2 KB	23ms 23ms	Script application/javascript	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWAG-Un4Ibqj7BBBsCB8l3V3NFb1LEB2ByrLZhcGwku6TS-1GBxcudYKD5pSoHOUeGBn_0iGwxAu1jp4FjZs-bZfIo69BuAB1Yl1kykuZ-VQUrf8vptOgWmefWqSFAPvQL-cQ0wEQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NTk4MzIzLDUzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vaGVyMy5pZGFsYW1hdGVrc3BlZGlzaS5jb20vIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tR0IiXSxbMTksIjIiXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMz5CG32zdJinPKWsaU0t3FQYfMJqg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash 1f30e481afe44519126686db2c842c90bbe04d03ed7392a787ce2ff87ed3039a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-pnM9wExIlod3Ak1Oh9nQog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:03 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcGze27-bTeBE48IOJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQyNDIz0Dw_gCAwBzYEUB" content-security-policy script-src 'report-sample' 'nonce-pnM9wExIlod3Ak1Oh9nQog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
POST H3	204	AGSKWxW8Od1_s2dh6qSOn7sosndfB2wT4yxZ4woDva8eBUSconBaZKDCODfhlI0joeb1-l2XOB6y5Z35JGd5RopVg9dte2FPlBUQCWi6WCQCS-JautII7lBWme6_3-rlH0nt08klWckcuQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	11ms 9ms	XHR text/html	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxW8Od1_s2dh6qSOn7sosndfB2wT4yxZ4woDva8eBUSconBaZKDCODfhlI0joeb1-l2XOB6y5Z35JGd5RopVg9dte2FPlBUQCWi6WCQCS-JautII7lBWme6_3-rlH0nt08klWckcuQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMz5CG32zdJinPKWsaU0t3FQYfMJqg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HzkcpU-MJujpOz7JUMDhCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://her3.idalamatekspedisi.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:03 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj897-3WwCC05fm8Ck5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAPCJKr0" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HzkcpU-MJujpOz7JUMDhCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://her3.idalamatekspedisi.com content-length 0 x-xss-protection 0 server ESF
GET H3	200	AGSKWxVGd4LX3b7s4JAyoRlhSpUgsyE5TpOEqyIsV9TebAINC3o9qE5wnJMcSNIZ2q5kY9ft0IHwm7XFGZKb06R3XShyJImdB2CgLRKIJhTteu64n0XU7cdyJpA51SXBgB8JShdx7vFzrw== Show response fundingchoicesmessages.google.com/f/	3 KB 1 KB	85ms 84ms	Script application/javascript	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxVGd4LX3b7s4JAyoRlhSpUgsyE5TpOEqyIsV9TebAINC3o9qE5wnJMcSNIZ2q5kY9ft0IHwm7XFGZKb06R3XShyJImdB2CgLRKIJhTteu64n0XU7cdyJpA51SXBgB8JShdx7vFzrw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NTk4MzIzLDU2NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vaGVyMy5pZGFsYW1hdGVrc3BlZGlzaS5jb20vIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tR0IiXSxbMTksIjIiXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMz5CG32zdJinPKWsaU0t3FQYfMJqg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash b4486f037acbdbf2693cdfd751bb2caae11f3a4d3e6d1f9ad196683746ad10c7 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-NFLkFGydvQDDyXnJKUERpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:03 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0ZBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxAL8XBs3tu_m01gxbQ7W5iUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAyNDI30DAzjCwwAxxJKXQ" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-NFLkFGydvQDDyXnJKUERpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET		sodar ep1.adtrafficquality.google/pagead/	0 0
GET H3	200	AGSKWxX73chwyy7ynfG_IZ9pHN1-5ZIPHEg-MvsmmGflkbqp26c7Pbb0OFTDGYeMEGy8mp_Rgv_Xefdm5_taFwksI67ec8axzNTX4NE73y-LD_sFRJxTaRB1xJa05hLLs0vUlfnRgyLAbg== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	19ms 19ms	Script application/javascript	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxX73chwyy7ynfG_IZ9pHN1-5ZIPHEg-MvsmmGflkbqp26c7Pbb0OFTDGYeMEGy8mp_Rgv_Xefdm5_taFwksI67ec8axzNTX4NE73y-LD_sFRJxTaRB1xJa05hLLs0vUlfnRgyLAbg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NTk4MzIzLDY1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9oZXIzLmlkYWxhbWF0ZWtzcGVkaXNpLmNvbS8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1HQiJdLFsxOSwiMiJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMz5CG32zdJinPKWsaU0t3FQYfMJqg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash 528a9eeef669d075ff5628533240978ebd3201cde95dfe28a8e37205056ab7d3 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4_31bGZJMkrFd-esgVDcSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://her3.idalamatekspedisi.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:03 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1pBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxAL8XBs3tu_m02g4-bBA0xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoZGhkZ6BobxBQYAyy1Kcg" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4_31bGZJMkrFd-esgVDcSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
POST H3	204	AGSKWxWKpaUI3EfGitMeHJrM9aIMhZhW6A8RvGxwXloZk98g8yrgQcy83frd6QI30fG6A57eemyeb9Pbsu6L_i59iJjo0EO5quKWuD0IBjlrfXFQLs76PmxGthFsz2-r-2cmT_HCAQ6MYQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	21ms 19ms	XHR text/html	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWKpaUI3EfGitMeHJrM9aIMhZhW6A8RvGxwXloZk98g8yrgQcy83frd6QI30fG6A57eemyeb9Pbsu6L_i59iJjo0EO5quKWuD0IBjlrfXFQLs76PmxGthFsz2-r-2cmT_HCAQ6MYQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMz5CG32zdJinPKWsaU0t3FQYfMJqg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9btlpf2IstD2FZvxtdZYcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://her3.idalamatekspedisi.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:03 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj897-3WwCM7Z8OM2k5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAAB8KvU" content-security-policy script-src 'report-sample' 'nonce-9btlpf2IstD2FZvxtdZYcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://her3.idalamatekspedisi.com content-length 0 x-xss-protection 0 server ESF
POST H3	204	AGSKWxW8Od1_s2dh6qSOn7sosndfB2wT4yxZ4woDva8eBUSconBaZKDCODfhlI0joeb1-l2XOB6y5Z35JGd5RopVg9dte2FPlBUQCWi6WCQCS-JautII7lBWme6_3-rlH0nt08klWckcuQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	10ms 8ms	XHR text/html	172.253.118.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxW8Od1_s2dh6qSOn7sosndfB2wT4yxZ4woDva8eBUSconBaZKDCODfhlI0joeb1-l2XOB6y5Z35JGd5RopVg9dte2FPlBUQCWi6WCQCS-JautII7lBWme6_3-rlH0nt08klWckcuQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMz5CG32zdJinPKWsaU0t3FQYfMJqg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f102.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cInhzBwYybC2bs7zdjr1aA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://her3.idalamatekspedisi.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 08:52:03 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj897-3WwCN663nmBScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGAP2AKuk" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cInhzBwYybC2bs7zdjr1aA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://her3.idalamatekspedisi.com content-length 0 x-xss-protection 0 server ESF

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

her3.idalamatekspedisi.com

URL

blob:https://her3.idalamatekspedisi.com/7bba898f-4249-4afa-8457-5db24f36de5c

Domain

ep1.adtrafficquality.google

URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241212&jk=1716368320252989&bg=!7O-l76DNAAbtGp3CzRo7ADQBe5WfOM86aQCNrLIVhTtRUCpIAKhX4HjTrDTi9PGBohyuTFM4njLJtmCLw45O3QKWbJaNAgAAAElSAAAAA2gBB34ANtb9A1OLe9pF19uw-64mU0mhpurmGSBbQQEDTYfaz2WQvSXrTtbI84g65bmRJv9v7zO6ZrK2LAoAoyzzeVVQN7ynBkAbNBElXFCyYWvhsIubS6moCSH-3GX0Rx0eiVwyzbbX1Nf5LM0GEro_46TfCa2aqQvgPuqcwuxznpfis1X7X72_z1kyy3hpZcHSN7kD_g28htPDNS9xNaDuF3fP6crTpAbDcDCQRZ2oO7kqRb5qCR6Ro7U4WY2yOOmcmCFQBibCW6V8KiVS1LnJW3yIn2q2ct8y52X7eOlbN1yZApwrv_UrUE1Y0-c877L1F-U7T4hMURPzrDBy23b-HTG3OIDcuTu5ULywDYaR2UV66M-oJ2NGyRxAhFFRq19MQOFTVviw_dfUpUmCocEBIFkVSxsOz9dMBh9nsDY_Qc03ejG2dua0ACs3eGq6UwSKtFeQGBo4pDwZLyrIIOWKoSgm-mnQs4VeYsFQyZTk0fIEJptzicDFPS0yg6cx8tvFVa3s7bS2eorqgbtdu-sF65RNV2Z5nV_kA0gC7FmShGdnfPAbdwgNtTFaE5jd7LmXavy7OKTR2wgQpBHZmQ691xsAXYtwVRxqikitS78T75GnRWO8ldwh3mK4M-wGG4d16nH_zb86psyR1NipFXhPbATqtpGoSTaQ2JhUehP8UZqx1QNaf4e8rqnjWM8oYw3eYY6FkYEXOp8wRQxS1wFO2U7xao9hNs2OOWWK1ME9I-QQFCsrYO4HO80lxKtrrNXpEQNIm2SuQ0t6fmbTX4oINtP9_PepOA2dcUH6DzyJamis1BrHkLHU7JvJcRBNm2CL8u7r2sZVe2OHP-xRAXEvABoTYEdNpDIU1yR-iymH1vWj2fp2oTqKXBS2dGYCLVphkjSVyU13iAd6Unogn_xFrj5Cd0awjc1w06MEZOS1-_K_u7mrOnjzmxxxsdkqt3RmHsLlYqBEjuSt0GAnWZHCVVoR8R0cHZ1fbiLUFwhYvB1jcjMsKnle6HqmDj2dVYvnXjuzn4-zwwQHZUaaX4iVs0R1ykQnEEGk7e7uZNnJjNuuTchsPnztRciK4Xra3ilX1UlN4vnDHb5kRvnj18XLEC1qGKZ-xY3pQhlA4whi9DlWXuBfyj9Ily3bbcINV036md4QSS9WQ965uH-1PK4AllPPO3px0uTAJblPqCxruA

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| generatepressMenu object| twemoji object| wp function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| Y2JlZjQ4ZjI1MTllOGJiNmxvYWRlcl9qcw== string| Y2JlZjQ4ZjI1MTllOGJiNmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| GoogleGcLKhOms object| _google_rum_ns_ boolean| 5339c5ce-d7ff-454c-852b-6476fa6c730c object| google_image_requests

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			her3.idalamatekspedisi.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: oqd13btkn59r3r90019r8sa32h
			.doubleclick.net/	1970-01-21 01:49:59	Name: test_cookie Value: CheckForPermission
			.idalamatekspedisi.com/	1970-01-21 10:35:34	Name: FCNEC Value: %5B%5B%22AKsRol_7HupYLyyZnCQLHoBvyNhdoASyyxrovofRsLxReAu5K6qYjxxfJw0PPXFozugYCi9mRMQ7vvZA_Gv3DXeUi-VHKfKuypM471zlQwoe2jjeqIPY9PISPh3OpUOz2cpW7Hwhr3Q-H9XKxSakr_o2TqBJcN0Zjg%3D%3D%22%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://her3.idalamatekspedisi.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
her3.idalamatekspedisi.com
pagead2.googlesyndication.com
www.google.com
ep1.adtrafficquality.google
her3.idalamatekspedisi.com
142.251.175.156
172.253.118.102
172.253.118.132
185.250.38.105
64.233.170.104
74.125.130.155
74.125.200.132
74.125.24.155
1f30e481afe44519126686db2c842c90bbe04d03ed7392a787ce2ff87ed3039a
2a6cf2b5c1f5e3ea1c19bb831ca5290c02af4f5d8380334e2a62cf63be25ddac
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3f9d6e7b737a0aba2df4f1e7856f85a6acce204981323621800552a0dedaf983
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
528a9eeef669d075ff5628533240978ebd3201cde95dfe28a8e37205056ab7d3
560067646cffd13dd5f3ce88118f291af7b15e4696c8c4773c9e615b5afb3b9b
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
87da19ed9ad9e7f5999d79968a3d8605de236e44bbc06bc9c41d740b6dd1a8ba
a334f3a6673b88abbee346737214a49d614ad74ea531232de77aaef5ae069c0e
b3b56b412d534294362286c89ad8b24406912d2e927f2ef9663074c8fcd67628
b4486f037acbdbf2693cdfd751bb2caae11f3a4d3e6d1f9ad196683746ad10c7
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56
cf93db5f15fb6b90864ea934827bca87f92e75ad6a3aab83881b1f6777ee8929
d9cd6dfca94282619431285858508adf7a4552a70c2bb6dc4f30b0c83d9b1615
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99