mail.ugf.vrn.temporary.site Open in urlscan Pro
162.144.20.191  Public Scan

71 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mail.ugf.vrn.temporary.site/	145 KB 53 KB	4213ms 3872ms	Document text/html	162.144.20.191 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.144.20.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-144-20-191.unifiedlayer.com Software Apache / Resource Hash 6b5ee367456fada0890a3042b0e565eddb4c2469f9d61e699233786239ece270 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 25 Aug 2024 05:27:36 GMT link <https://hhrmahotelbali.com/wp-json/>; rel="https://api.w.org/" server Apache vary Accept-Encoding,Cookie x-ua-compatible IE=edge
GET H2	200	style.min.css hhrmahotelbali.com/wp-includes/css/dist/block-library/	110 KB 21 KB	622ms 353ms	Stylesheet text/css	192.185.51.97 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://hhrmahotelbali.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1 Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.51.97 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-51-97.unifiedlayer.com Software Apache / Resource Hash 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6 Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:40 GMT content-encoding gzip x-nginx-cache WordPress last-modified Sat, 24 Aug 2024 14:37:42 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css accept-ranges bytes
GET H2	200	protect_style.css hhrmahotelbali.com/wp-content/plugins/wp-copy-protect-with-color-design/css/	656 B 373 B	515ms 246ms	Stylesheet text/css	192.185.51.97 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://hhrmahotelbali.com/wp-content/plugins/wp-copy-protect-with-color-design/css/protect_style.css?ver=6.6.1 Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.51.97 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-51-97.unifiedlayer.com Software Apache / Resource Hash a2034e582fe52049a0b5203e137c58ad3f5263cd2e89f776b13d2ad6024ec17d Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:40 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 22 Aug 2024 08:10:44 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css accept-ranges bytes content-length 309
GET H2	200	all.min.css hhrmahotelbali.com/wp-content/themes/generatepress/assets/css/	31 KB 9 KB	623ms 354ms	Stylesheet text/css	192.185.51.97 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://hhrmahotelbali.com/wp-content/themes/generatepress/assets/css/all.min.css?ver=3.4.0 Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.51.97 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-51-97.unifiedlayer.com Software Apache / Resource Hash 0ed8c282ffb63a986c76f8f90850cf8e31378645b1e5da3ffcdfc86776c007c8 Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:40 GMT content-encoding gzip x-nginx-cache WordPress last-modified Sat, 17 Feb 2024 11:33:26 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css accept-ranges bytes content-length 9309
GET H2	200	style-min.css hhrmahotelbali.com/wp-content/plugins/gp-premium/blog/functions/css/	5 KB 1001 B	623ms 355ms	Stylesheet text/css	192.185.51.97 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://hhrmahotelbali.com/wp-content/plugins/gp-premium/blog/functions/css/style-min.css?ver=1.5.5 Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.51.97 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-51-97.unifiedlayer.com Software Apache / Resource Hash 3a311df804dd3dfefe5d2adb5e3d2cd3b42220bf7a3c4b13b283a1c33cadbea7 Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:40 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 23 Nov 2017 12:48:38 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css accept-ranges bytes content-length 943
GET H2	200	jquery.min.js Show response hhrmahotelbali.com/wp-includes/js/jquery/	86 KB 38 KB	503ms 235ms	Script application/javascript	192.185.51.97 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://hhrmahotelbali.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.51.97 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-51-97.unifiedlayer.com Software Apache / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:40 GMT content-encoding gzip x-nginx-cache WordPress last-modified Sat, 24 Aug 2024 14:37:43 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type application/javascript accept-ranges bytes
GET H2	200	jquery-migrate.min.js Show response hhrmahotelbali.com/wp-includes/js/jquery/	13 KB 5 KB	397ms 129ms	Script application/javascript	192.185.51.97 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://hhrmahotelbali.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.51.97 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-51-97.unifiedlayer.com Software Apache / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:40 GMT content-encoding gzip x-nginx-cache WordPress last-modified Sat, 24 Aug 2024 14:37:43 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type application/javascript accept-ranges bytes content-length 5422
GET H2	200	js Show response www.googletagmanager.com/gtag/	318 KB 105 KB	474ms 177ms	Script application/javascript	2607:f8b0:4006:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-NCFF17JYWV Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ed0c15fb079557535eb2f3b8fd0adb026bb3ecadd03a387e56cc1a5ff7786f6e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 107551 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 25 Aug 2024 05:27:40 GMT
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	152 KB 51 KB	456ms 176ms	Script text/javascript	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8813338748589601 Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash 696be1aca569e38412c12f8a7ecfc5391c4611b1f94f40e9eee87dbd5b40b57e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.ugf.vrn.temporary.site/ Origin https://mail.ugf.vrn.temporary.site User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:40 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52044 x-xss-protection 0 server cafe etag 1060541640728289075 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Sun, 25 Aug 2024 05:27:40 GMT
GET H2	200	HHB-Logo-sm.png hhrmahotelbali.com/wp-content/uploads/2020/06/	7 KB 7 KB	284ms 282ms	Image image/png	192.185.51.97 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://hhrmahotelbali.com/wp-content/uploads/2020/06/HHB-Logo-sm.png Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.51.97 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-51-97.unifiedlayer.com Software Apache / Resource Hash ded38df29644d6e7ac1f11e4f665a217afcd7f1533bf3c3d9e709379f643b7ce Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:40 GMT x-nginx-cache WordPress last-modified Fri, 12 Jun 2020 11:27:36 GMT server Apache x-endurance-cache-level 2 content-type image/png accept-ranges bytes content-length 6685
GET		46299543-61d6-4880-8b80-6565c6dc599a https://mail.ugf.vrn.temporary.site/ Frame	0 0
GET		brand www.google.co.id/coop/cse/	0 0
GET H2	200	menu.min.js Show response hhrmahotelbali.com/wp-content/themes/generatepress/assets/js/	7 KB 2 KB	131ms 125ms	Script application/javascript	192.185.51.97 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://hhrmahotelbali.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0 Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.51.97 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-51-97.unifiedlayer.com Software Apache / Resource Hash 395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936 Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:40 GMT content-encoding gzip x-nginx-cache WordPress last-modified Sat, 17 Feb 2024 11:33:26 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type application/javascript accept-ranges bytes content-length 2192
GET H2	200	navigation-search.min.js Show response hhrmahotelbali.com/wp-content/themes/generatepress/assets/js/	2 KB 843 B	128ms 124ms	Script application/javascript	192.185.51.97 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://hhrmahotelbali.com/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.4.0 Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.51.97 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-51-97.unifiedlayer.com Software Apache / Resource Hash 07b22512394b6fe16bd285c017731e78759c4cda65c809240e49def78fba53a7 Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:40 GMT content-encoding gzip x-nginx-cache WordPress last-modified Sat, 17 Feb 2024 11:33:26 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type application/javascript accept-ranges bytes content-length 809
GET H2	200	back-to-top.min.js Show response hhrmahotelbali.com/wp-content/themes/generatepress/assets/js/	757 B 428 B	126ms 123ms	Script application/javascript	192.185.51.97 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://hhrmahotelbali.com/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.4.0 Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.51.97 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-51-97.unifiedlayer.com Software Apache / Resource Hash 50c686094830433cbab4c26e1b004cb3891eebfdf022ef2d41106596a4d705e0 Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:40 GMT content-encoding gzip x-nginx-cache WordPress last-modified Sat, 17 Feb 2024 11:33:26 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type application/javascript accept-ranges bytes content-length 394
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408200201/	430 KB 144 KB	458ms 180ms	Script text/javascript	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408200201/show_ads_impl_fy2021.js?bust=31086466 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8813338748589601 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash 4173ab22f4c23f33d0b2d4f9551bc34bc50f952872152f0e5d77c5daf30f2365 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:41 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 147365 x-xss-protection 0 server cafe etag 13930554202453195451 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 25 Aug 2024 05:27:41 GMT
POST H2	204	collect www.google-analytics.com/g/	0 0	441ms 153ms	Fetch text/plain	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-NCFF17JYWV&gtm=45je48l0v9101795220za200&_p=1724563660543&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=664033212.1724563661&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724563661&sct=1&seg=0&dl=https%3A%2F%2Fmail.ugf.vrn.temporary.site%2F&dt=HHRMA%20Hotel%20Bali%20Jobs%202024~Lowongan%20Kerja%20Hotel%20di%20Bali%20Terbaru&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5746 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NCFF17JYWV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 25 Aug 2024 05:27:41 GMT server Golfe2 content-type text/plain access-control-allow-origin https://mail.ugf.vrn.temporary.site cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	wp-emoji-release.min.js Show response hhrmahotelbali.com/wp-includes/js/	18 KB 5 KB	133ms 132ms	Script application/javascript	192.185.51.97 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://hhrmahotelbali.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1 Requested by Host: mail.ugf.vrn.temporary.site URL: https://mail.ugf.vrn.temporary.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.51.97 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-51-97.unifiedlayer.com Software Apache / Resource Hash 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:41 GMT content-encoding gzip x-nginx-cache WordPress last-modified Sat, 24 Aug 2024 14:37:43 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type application/javascript accept-ranges bytes content-length 5365
GET H3	200	zrt_lookup_fy2021.html googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/ Frame B9AD	0 0	412ms 138ms	Document text/html	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408200201/show_ads_impl_fy2021.js?bust=31086466 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.ugf.vrn.temporary.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers age 571 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4111 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 25 Aug 2024 05:18:11 GMT etag 5947459844715414650 expires Sun, 08 Sep 2024 05:18:11 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	403	ads googleads.g.doubleclick.net/pagead/ Frame 64D2	0 0	421ms 189ms	Document text/html	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8813338748589601&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1724563662&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fmail.ugf.vrn.temporary.site%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_18~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724563661178&bpp=4&bdt=1302&idt=797&shv=r20240821&mjsv=m202408200201&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2435446906968&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31086225%2C44795922%2C95333411%2C95334829%2C95337586%2C95338229%2C31086466%2C95340285%2C21065724&oid=2&pvsid=1953718341267111&tmod=1479142002&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=843 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408200201/show_ads_impl_fy2021.js?bust=31086466 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.ugf.vrn.temporary.site/ Sec-Browsing-Topics ();p=P0000000000000000000000000000000 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 25 Aug 2024 05:27:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	403	ads googleads.g.doubleclick.net/pagead/ Frame 3734	0 0	348ms 168ms	Document text/html	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8813338748589601&output=html&h=280&slotname=1739004976&adk=1620314009&adf=1850635622&pi=t.ma~as.1739004976&w=730&abgtt=6&fwrn=4&fwrnh=100&lmt=1724563662&rafmt=3&format=730x280&url=https%3A%2F%2Fmail.ugf.vrn.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724563661182&bpp=2&bdt=1306&idt=876&shv=r20240821&mjsv=m202408200201&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2435446906968&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31086225%2C44795922%2C95333411%2C95334829%2C95337586%2C95338229%2C31086466%2C95340285%2C21065724&oid=2&pvsid=1953718341267111&tmod=1479142002&uas=0&nvt=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=896 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408200201/show_ads_impl_fy2021.js?bust=31086466 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.ugf.vrn.temporary.site/ Sec-Browsing-Topics ();p=P0000000000000000000000000000000 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 25 Aug 2024 05:27:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	403	ads googleads.g.doubleclick.net/pagead/ Frame BB8A	0 0	313ms 169ms	Document text/html	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8813338748589601&output=html&h=280&slotname=3898470972&adk=2684669443&adf=2968649303&pi=t.ma~as.3898470972&w=730&abgtt=6&fwrn=4&fwrnh=100&lmt=1724563662&rafmt=3&format=730x280&url=https%3A%2F%2Fmail.ugf.vrn.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724563661184&bpp=1&bdt=1309&idt=924&shv=r20240821&mjsv=m202408200201&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C730x280&nras=1&correlator=2435446906968&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31086225%2C44795922%2C95333411%2C95334829%2C95337586%2C95338229%2C31086466%2C95340285%2C21065724&oid=2&pvsid=1953718341267111&tmod=1479142002&uas=0&nvt=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=929 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408200201/show_ads_impl_fy2021.js?bust=31086466 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.ugf.vrn.temporary.site/ Sec-Browsing-Topics ();p=P0000000000000000000000000000000 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 25 Aug 2024 05:27:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	403	ads googleads.g.doubleclick.net/pagead/ Frame E4AC	0 0	308ms 186ms	Document text/html	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8813338748589601&output=html&h=280&slotname=3215738172&adk=3627828422&adf=1208920853&pi=t.ma~as.3215738172&w=730&abgtt=6&fwrn=4&fwrnh=100&lmt=1724563662&rafmt=3&format=730x280&url=https%3A%2F%2Fmail.ugf.vrn.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724563661185&bpp=1&bdt=1309&idt=946&shv=r20240821&mjsv=m202408200201&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=2435446906968&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31086225%2C44795922%2C95333411%2C95334829%2C95337586%2C95338229%2C31086466%2C95340285%2C21065724&oid=2&pvsid=1953718341267111&tmod=1479142002&uas=0&nvt=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=950 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408200201/show_ads_impl_fy2021.js?bust=31086466 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.ugf.vrn.temporary.site/ Sec-Browsing-Topics ();p=P0000000000000000000000000000000 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 25 Aug 2024 05:27:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response ep1.adtrafficquality.google/getconfig/	17 KB 13 KB	414ms 170ms	XHR application/json	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20240821&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408200201/show_ads_impl_fy2021.js?bust=31086466 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software cafe / Resource Hash 917da27e91b94b322d2b51ff1361ecc839fdecf64c5a40e3ead0eb565e7a2610 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:42 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12830 x-xss-protection 0
GET H2	200	cropped-HHB-Logo-32x32.png hhrmahotelbali.com/wp-content/uploads/2020/06/	1 KB 1 KB	126ms 125ms	Other image/png	192.185.51.97 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://hhrmahotelbali.com/wp-content/uploads/2020/06/cropped-HHB-Logo-32x32.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.51.97 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-51-97.unifiedlayer.com Software Apache / Resource Hash 6a4dc476720aca50ef91ea6252275580dadae2edbb423e1079d13d18074f9e2f Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:42 GMT x-nginx-cache WordPress last-modified Sat, 06 Jun 2020 03:31:47 GMT server Apache x-endurance-cache-level 2 content-type image/png accept-ranges bytes content-length 1233
GET H2	200	sodar2.js Show response ep2.adtrafficquality.google/sodar/	17 KB 7 KB	461ms 156ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408200201/show_ads_impl_fy2021.js?bust=31086466 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.ugf.vrn.temporary.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 25 Aug 2024 05:27:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 25 Aug 2024 05:27:43 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D65	0 0	429ms 138ms	Document text/html	2607:f8b0:4006:820::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.ugf.vrn.temporary.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 788 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 25 Aug 2024 05:14:35 GMT expires Mon, 25 Aug 2025 05:14:35 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe www.google.com/recaptcha/api2/ Frame F32C	0 0	437ms 161ms	Document text/html	142.250.80.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.36 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce--yVCJjjDG6FMHzVoRWzjBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://mail.ugf.vrn.temporary.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce--yVCJjjDG6FMHzVoRWzjBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 25 Aug 2024 05:27:43 GMT expires Sun, 25 Aug 2024 05:27:43 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET		sodar pagead2.googlesyndication.com/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

mail.ugf.vrn.temporary.site

URL

blob:https://mail.ugf.vrn.temporary.site/46299543-61d6-4880-8b80-6565c6dc599a

Domain

www.google.co.id

URL

http://www.google.co.id/coop/cse/brand?form=cse-search-box&lang=in

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240821&jk=1953718341267111&bg=!tLelt_jNAAag2_gngNs7ADQBe5WfOKlQLnNU6Gf9XoUHq2Xa5R9xcPCYOEU5PcoOic2zVjmhQWtARH18A5t3d9PX4jA7AgAAAI5SAAAABWgBB34ANtRXv1XwdiNeEfhn3E2RmS_2p7owlBC686ImoJ-0aZvtaYpdyY2qh--FPK9UfRQdceO_S1MBNZkDCp420OMFR2VKx3eAQgma9GN1XyJeIr4Aajj14fkDU9_mWjSUtWj4ofQCubHtSOfj_IRWf4j98bqZvI7NWBYbPCJ7yplj70os2NntDJReYSyyYVOfdtIHpBokmARGgMCEAp-df0gZ5aEwhp3t3zTpKpddjqgLG5MG0F_YNf_S6kzMHpwCKDNSGC3WsIciaRU_1hbl7qMXLVyQTXIRIIEsxKPPbKiT3KQUquJY5hIHszpKuwbaO5Of-9aaBeBLlBlXQaUmXmbMgXxia5kgNwuWQqbU-Z1BIpupjdjzroPvNZbAP0FcZrFbq9XLKjY1H2WNgK5N3S1uPi7Yck2WyKJ5hBJVo2t9FSwrTtyWT0b3jt9vQN5stAzVKtXzEAgKLi6OW0aK4j_p_pk7WVDbN2SrYFmnBnGO0TuOIw3S6B-Xv_Pd7IHiok4Fd1FFTK5nY7OjcvhmeOWExX0wZ0k6k_8_Whkk8pNm20OYzSjfIoqQafz_qDCUS_tJKUHTAhHl-YPPkfH68_l3KVszWCXWjqBy5ab7_-aE1wkeImUDY42pNHiKQSK8rQlc7jpxZZijA1WUJFzgnrs1Ep-YCL2MUX4ijebk5HpwoMjqznoyzQJPZXw90tjlaFkJL9junvUe8rObirH_zBQxyTM_5EUx9plh66m2CAmAGVql5Jx3Ocb0IA1NUN8TxxcKSlQQzBITMRuobMtzdM19f1cz8VjXoTTpG9zUO88ZxMIsXKnDqiUk7qxqeu0b6DlDL2nJdFH_LU5Vps4fNvOQZSL8mOemJJjt4FJhauPeXj8Ozpp-gjjaYlv2_0WpX7WRRrPfEcxp68xTg5gGJYUx0gcKKI_jcPYF5C9d5ZSjVePyGbuWVkaDqnOPpU_c4UWYiXRukvxqM6hp9RaxwuYCmX9Mh7DsGxAB-5TgocabirGV-EUg2TtPiICUDdgVdpKZYHDEmBgSb2rgcbr2Ccjc9pvaQG5584Xk7IdC90oBpJXl4GGKtgu_Vgi7gXnOqlTnM0DfhKJyuhTTFrzPFMbmIeS6GF8

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| _wpemojiSettings function| jQuery function| gtag object| dataLayer object| adsbygoogle object| generatepressMenu object| generatepressNavSearch object| generatepressBackToTop object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| googletag function| onYouTubeIframeAPIReady object| gaGlobal function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive boolean| ai_lists object| host_regexp function| m function| z function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| da function| ia function| b64e function| b64d object| ai_front object| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code function| MobileDetect function| ai_process_lists boolean| ai_js_code function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.temporary.site/	1970-01-21 08:38:43	Name: _ga_NCFF17JYWV Value: GS1.1.1724563661.1.0.1724563661.0.0.0
			.temporary.site/	1970-01-21 08:38:43	Name: _ga Value: GA1.1.664033212.1724563661
			.doubleclick.net/	1970-01-20 23:02:44	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://mail.ugf.vrn.temporary.site/(Line 386) Message: Mixed Content: The page at 'https://mail.ugf.vrn.temporary.site/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.google.co.id/'. This endpoint should be made available over a secure connection.
security	error	URL: https://mail.ugf.vrn.temporary.site/ Message: Mixed Content: The page at 'https://mail.ugf.vrn.temporary.site/' was loaded over HTTPS, but requested an insecure script 'http://www.google.co.id/coop/cse/brand?form=cse-search-box&lang=in'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ep1.adtrafficquality.google
ep2.adtrafficquality.google
googleads.g.doubleclick.net
hhrmahotelbali.com
mail.ugf.vrn.temporary.site
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.co.id
www.google.com
www.googletagmanager.com
mail.ugf.vrn.temporary.site
pagead2.googlesyndication.com
www.google.co.id
142.250.64.66
142.250.80.36
142.250.80.98
142.251.40.130
162.144.20.191
192.185.51.97
2607:f8b0:4006:809::2008
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::2001
2607:f8b0:4006:820::2001
07b22512394b6fe16bd285c017731e78759c4cda65c809240e49def78fba53a7
0ed8c282ffb63a986c76f8f90850cf8e31378645b1e5da3ffcdfc86776c007c8
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936
3a311df804dd3dfefe5d2adb5e3d2cd3b42220bf7a3c4b13b283a1c33cadbea7
4173ab22f4c23f33d0b2d4f9551bc34bc50f952872152f0e5d77c5daf30f2365
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
50c686094830433cbab4c26e1b004cb3891eebfdf022ef2d41106596a4d705e0
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
696be1aca569e38412c12f8a7ecfc5391c4611b1f94f40e9eee87dbd5b40b57e
6a4dc476720aca50ef91ea6252275580dadae2edbb423e1079d13d18074f9e2f
6b5ee367456fada0890a3042b0e565eddb4c2469f9d61e699233786239ece270
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
917da27e91b94b322d2b51ff1361ecc839fdecf64c5a40e3ead0eb565e7a2610
a2034e582fe52049a0b5203e137c58ad3f5263cd2e89f776b13d2ad6024ec17d
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ded38df29644d6e7ac1f11e4f665a217afcd7f1533bf3c3d9e709379f643b7ce
ed0c15fb079557535eb2f3b8fd0adb026bb3ecadd03a387e56cc1a5ff7786f6e