www.viva.co.id Open in urlscan Pro
2600:9000:214f:e600:18:d576:df80:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j
Submission: On August 09 via manual (August 9th 2022, 1:09:13 pm UTC) from ID — Scanned from DE

Summary HTTP 346 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 76 IPs in 11 countries across 49 domains to perform 346 HTTP transactions. The main IP is 2600:9000:214f:e600:18:d576:df80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.viva.co.id. The Cisco Umbrella rank of the primary domain is 119639.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 6th 2021. Valid for: a year.

This is the only time www.viva.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2600:9000:214... 2600:9000:214f:e600:18:d576:df80:93a1	16509 (AMAZON-02) (AMAZON-02)
39	2606:4700:10:... 2606:4700:10::6814:9670	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::ac43:87f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	18.140.153.200 18.140.153.200	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 3	99.86.4.3 99.86.4.3	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
8	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	2.21.184.200 2.21.184.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700:20:... 2606:4700:20::681a:a69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4677	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
3 18	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 34	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
9 13	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
2 2	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
3	2606:4700::68... 2606:4700::6812:c4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.251.71.171 34.251.71.171	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6843	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 1	54.220.95.67 54.220.95.67	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:9c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400e:800::200a	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
43	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:ea:... 2a02:26f0:ea:4a5::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	3.216.238.203 3.216.238.203	14618 (AMAZON-AES) (AMAZON-AES)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	52.213.150.8 52.213.150.8	16509 (AMAZON-02) (AMAZON-02)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.145.157.73 54.145.157.73	14618 (AMAZON-AES) (AMAZON-AES)
1	3.125.91.92 3.125.91.92	16509 (AMAZON-02) (AMAZON-02)
6	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
2	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:6ea2:7e37:6642:1ce8	14618 (AMAZON-AES) (AMAZON-AES)
1	2a05:d018:d29... 2a05:d018:d29:3601:f3cb:95d1:14be:450d	16509 (AMAZON-02) (AMAZON-02)
1	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.213.154.120 52.213.154.120	16509 (AMAZON-02) (AMAZON-02)
2 3	104.96.159.65 104.96.159.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.125.77.13 3.125.77.13	16509 (AMAZON-02) (AMAZON-02)
1 1	3.209.155.158 3.209.155.158	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	66.155.71.25 66.155.71.25	() ()
1 1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	54.160.109.218 54.160.109.218	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
346	76

2 2600:9000:214f:e600:18:d576:df80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.viva.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:4700:10::6814:9670 (United States)

ASN13335 (CLOUDFLARENET, US)

public.viva.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thumb.viva.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:87f6 (United States)

ASN13335 (CLOUDFLARENET, US)

sso.thevivanetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.140.153.200 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-153-200.ap-southeast-1.compute.amazonaws.com

hitlog.viva.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.3 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-3.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.184.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:a69 (United States)

ASN13335 (CLOUDFLARENET, US)

thumb.intipseleb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4677 (United States)

ASN13335 (CLOUDFLARENET, US)

thumb-jagodangdut.intipseleb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)

prg-apac.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.58.212.130 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.37 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.159 (Leesburg, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.71.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-71-171.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:6843 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.selectmedia.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.95.67 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-95-67.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:ea:4a5::2c79 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.216.238.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-238-203.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.150.8 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-150-8.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Herrischried, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.157.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-157-73.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.91.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-91-92.eu-central-1.compute.amazonaws.com

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.248 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:6ea2:7e37:6642:1ce8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

cguke-9h64o.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:f3cb:95d1:14be:450d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.154.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-154-120.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.96.159.65 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-65.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.77.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-77-13.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.155.158 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-155-158.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.109.218 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-109-218.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 ade.googlesyndication.com — Cisco Umbrella Rank: 297	483 KB
43	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	1 MB
42	doubleclick.net 9 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 118 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	404 KB
42	viva.co.id www.viva.co.id — Cisco Umbrella Rank: 119639 public.viva.co.id — Cisco Umbrella Rank: 276668 thumb.viva.co.id — Cisco Umbrella Rank: 177601 hitlog.viva.co.id — Cisco Umbrella Rank: 310753	444 KB
19	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 560 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453 r.casalemedia.com — Cisco Umbrella Rank: 713 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530 dsum.casalemedia.com — Cisco Umbrella Rank: 1258	19 KB
13	google.com 1 redirects ampcid.google.com — Cisco Umbrella Rank: 1708 region1.analytics.google.com — Cisco Umbrella Rank: 5381 www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 98	2 KB
12	aniview.com player.aniview.com — Cisco Umbrella Rank: 1567 track1.aniview.com — Cisco Umbrella Rank: 1647 go1.aniview.com — Cisco Umbrella Rank: 4734	248 KB
12	smartadserver.com prg-apac.smartadserver.com — Cisco Umbrella Rank: 15196 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 605	6 KB
11	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	123 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	302 KB
7	adform.net c1.adform.net — Cisco Umbrella Rank: 603 adx.adform.net — Cisco Umbrella Rank: 3659	2 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 267 fonts.googleapis.com — Cisco Umbrella Rank: 67	50 KB
6	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 277 c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 910 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	2 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238 secure.adnxs.com — Cisco Umbrella Rank: 462	3 KB
6	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 592 cdn.indexww.com — Cisco Umbrella Rank: 1470	6 KB
5	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 496 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 518 image6.pubmatic.com — Cisco Umbrella Rank: 636 t.pubmatic.com — Cisco Umbrella Rank: 4804	122 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 516	2 KB
4	intipseleb.com thumb.intipseleb.com — Cisco Umbrella Rank: 83926 thumb-jagodangdut.intipseleb.com — Cisco Umbrella Rank: 358351	70 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755	1 KB
4	google.de ampcid.google.de — Cisco Umbrella Rank: 48742 www.google.de — Cisco Umbrella Rank: 5596 adservice.google.de — Cisco Umbrella Rank: 8117	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 988	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 381	918 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 145	780 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 623	644 B
2	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 91893	2 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 921	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 396	418 B
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 602 static.adsafeprotected.com — Cisco Umbrella Rank: 594	688 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 551	634 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 288	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	140 KB
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1251	35 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 465	505 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 484	682 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 791	425 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1445	381 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 292	220 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 494	430 B
1	tremorhub.com cguke-9h64o.ads.tremorhub.com — Cisco Umbrella Rank: 91822	418 B
1	rubiconproject.com optimized-by.rubiconproject.com — Cisco Umbrella Rank: 4332	687 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	22 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11572	1 KB
1	selectmedia.asia tg1.selectmedia.asia — Cisco Umbrella Rank: 24906	5 KB
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1452	338 B
1	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 3082	187 B
1	thevivanetworks.com sso.thevivanetworks.com — Cisco Umbrella Rank: 299751	822 B
0	rlcdn.com Failed api.rlcdn.com Failed
346	49

	Domain	Requested by
43	s0.2mdn.net	www.viva.co.id s0.2mdn.net
39	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com googleads.g.doubleclick.net www.viva.co.id www.googletagservices.com s0.2mdn.net
34	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com s0.2mdn.net
31	public.viva.co.id	www.viva.co.id public.viva.co.id
13	cm.g.doubleclick.net	9 redirects r.casalemedia.com googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	2 redirects r.casalemedia.com googleads.g.doubleclick.net ssum-sec.casalemedia.com
10	googleads.g.doubleclick.net	7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com www.viva.co.id
10	prg-apac.smartadserver.com	ads.pubmatic.com
9	www.google.com	1 redirects www.viva.co.id tpc.googlesyndication.com 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
8	googleads4.g.doubleclick.net	www.viva.co.id
8	securepubads.g.doubleclick.net	www.viva.co.id securepubads.g.doubleclick.net www.googletagservices.com
8	thumb.viva.co.id	www.viva.co.id
7	www.googletagservices.com	securepubads.g.doubleclick.net 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
7	7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	adx.adform.net	player.aniview.com
6	player.aniview.com	tg1.selectmedia.asia player.aniview.com
6	www.gstatic.com	www.viva.co.id 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
5	track1.aniview.com	www.viva.co.id player.aniview.com
5	ib.adnxs.com	2 redirects r.casalemedia.com googleads.g.doubleclick.net ssum-sec.casalemedia.com
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	www.google-analytics.com	www.viva.co.id www.google-analytics.com
4	ajax.googleapis.com	www.viva.co.id s0.2mdn.net
3	ade.googlesyndication.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	2 redirects ssum-sec.casalemedia.com
3	fonts.googleapis.com	7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
3	cdn.indexww.com	r.casalemedia.com ssum-sec.casalemedia.com
3	match.adsrvr.org	r.casalemedia.com ads.pubmatic.com ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com
3	js-sec.indexww.com	ads.pubmatic.com player.aniview.com
3	thumb.intipseleb.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	sb.scorecardresearch.com	1 redirects www.viva.co.id
2	sync-tm.everesttech.net	2 redirects
2	c2shb.pubgw.yahoo.com	player.aniview.com
2	skydeutschland.demdex.net	1 redirects 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	b1sync.zemanta.com	2 redirects
2	s.amazon-adsystem.com	1 redirects r.casalemedia.com
2	htlb.casalemedia.com	ads.pubmatic.com player.aniview.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	ads.pubmatic.com	www.viva.co.id ads.pubmatic.com
2	www.google.de	www.viva.co.id
2	region1.analytics.google.com	www.googletagmanager.com
2	www.googletagmanager.com	www.viva.co.id www.googletagmanager.com
2	www.viva.co.id	player.aniview.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	pixel.quantserve.com	1 redirects
1	pixel-sync.sitescout.com	ssum-sec.casalemedia.com
1	sync.mathtag.com	1 redirects
1	ad.turn.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	x.bidswitch.net	ssum-sec.casalemedia.com
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	cguke-9h64o.ads.tremorhub.com	player.aniview.com
1	optimized-by.rubiconproject.com	player.aniview.com
1	go1.aniview.com	player.aniview.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	t.pubmatic.com	ads.pubmatic.com
1	m.exactag.com	7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn3.gstatic.com	7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
1	encrypted-tbn2.gstatic.com	7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
1	encrypted-tbn0.gstatic.com	7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
1	encrypted-tbn1.gstatic.com	7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
1	static.adsafeprotected.com	7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
1	pixel.adsafeprotected.com	1 redirects
1	tg1.selectmedia.asia	securepubads.g.doubleclick.net
1	id.crwdcntrl.net	ads.pubmatic.com
1	c1.adform.net	r.casalemedia.com
1	dsum.casalemedia.com	r.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	r.casalemedia.com	js-sec.indexww.com
1	image6.pubmatic.com	ads.pubmatic.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	hbopenbid.pubmatic.com	ads.pubmatic.com
1	thumb-jagodangdut.intipseleb.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	hitlog.viva.co.id	ajax.googleapis.com
1	sso.thevivanetworks.com	www.viva.co.id
0	api.rlcdn.com Failed	ads.pubmatic.com
346	88

This site contains links to these domains. Also see Links.

Domain
www.thevivanetworks.com
jagodangdut.intipseleb.com
www.100kpj.com
www.intipseleb.com
www.vlix.id
www.sahijab.com
www.tvonenews.com
onepride.net
oneprix.id
bandung.viva.co.id
olret.viva.co.id
padang.viva.co.id
sulawesi.viva.co.id
gadget.viva.co.id
teknodaily.viva.co.id
malang.viva.co.id
sso.thevivanetworks.com
api.whatsapp.com
social-plugins.line.me
www.jagodangdut.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
*.viva.co.id Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-08-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-19` - `2023-03-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
wl.aniview.com R3	`2022-06-26` - `2022-09-24`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-12-30` - `2023-01-03`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-11-30`	6 months	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
adentifi.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh

This page contains 39 frames:

Primary Page: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j
Frame ID: 6E26654CCFF768BD9F607B3DEB2ABE42
Requests: 116 HTTP requests in this frame

Frame: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A08EF838A84E84354A1798601FC09D67
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Frame ID: BBF1B540E59451DF45C40045BA136C2B
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 475A2DE3C9AF0A8D2FCBF00F23DD0B4B
Requests: 1 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F72F71E0804948E294F2F3F2D096A9F1
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FCE666E96D27686125D72CBD37E2339D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66C3BF1B028DE8D96B511A1FBA5121CA
Requests: 2 HTTP requests in this frame

Frame: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D502001DEFE8FF8B5B239C4FCFA80C37
Requests: 15 HTTP requests in this frame

Frame: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EA34C6C626748EBB781F407749D54803
Requests: 18 HTTP requests in this frame

Frame: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 80BC7FFC26BDAEB3B4EDA0A638B733B9
Requests: 5 HTTP requests in this frame

Frame: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8CB0AF16B0B07207ECD82237B375A360
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur4f-u_vjTzYZ2C3kfFTVTgfn6fwxCDcLoxAaGCJD-ITknl7qoBIxbTifVXiuehTKnu7dd5g-YHWKkeef_vLzTTf0-Qk5hlXvpy_GkQUXA0MNvV-liOEYVNhltfwq8juoxD4WPIGClTY5hNxVrQr-Mf1xGkxaxouvrtQ7-o8SS5zDYDt1X3mhSPysvpGXaZxw_cr98zUaNeKOHBJFRoEhCvu57vDsMLsx67yFEcD5-iWc501oIjVJR9oLrhkELx2fRIfCMEWvluCL9oWzUP-X-wEu1ZeLhpXnqw58rV9ekyC2qvn__xSeZpd5uo_5bDctj1WuYkgZS2Szn&sai=AMfl-YTWFfT8vssPu9I5TLLMWzttTGTKx-5zVHiC9SFjdRcFe2EOjMySj-yOrA7s5YyuwEsJT7tL9vG94xyYVE6R5ePGoQasC6IUZyUXkyvlCMX0GjdCdMQLazSIeNswmj2qHA&sig=Cg0ArKJSzI4EbcZkVguuEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1149407EF27AB855DEB8ED054299217E
Requests: 7 HTTP requests in this frame

Frame: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 00CE756F9E45D510FB009B4764E86CE5
Requests: 18 HTTP requests in this frame

Frame: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2653970D05BC13CD5E48A5F6715A0BE0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYqOH4xgEwAQ&v=APEucNWOYCSB5rztdkXR8r4sPUusO585F-4bYEhdLhhqIeaS_xBt_Fq7B9F103OFWWhWMDZ5rXaxbXb67bokCHHKP3ovJ6gHKR2c-wewsw09BORg05lPMpZMS3eJ_Z9FwSTMDRvH0hhsp0nqp0-VGsQJRfIFirwYN6g95sHaN1vSTcFhJNYWpV0
Frame ID: 78320466EDD33908BCB1F16C36282D93
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO-p_M0BMAE&v=APEucNXd8b0LFODWBfds_YY5Rtr4eW2SSfJU8RSZVAtILwzIymEOc9AXBS1dd36Keo_rY7HRpE_Q1wx85RyEHKsBtKp61QBgPeAhYLdoBW0UPOXYzZe8fVksLMbKzIvKeIvxALO8K29-2NWVT01LTnte3GxQktqwEAKPqzfqdZhVFuX8oKNX5A4
Frame ID: 2215AA6982D8383BDF93315E823F5F90
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C6DCC7C8462B6BFD2865E2F159B9DA32
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY-eD4xgEwAQ&v=APEucNWcUmxVDyTfaSjWHKlIDjdVy7luBZJO0LEluO_6eEJTTparq-f2fIbBhvu0jrF9xC1RHSj50JOwpN2cfssNFd42EQTUKJG9cZWAU8LNctHEDY-iRiyNo1Axt7nzzaJqKJ1rJ_7ReuDnRdZ-SvtAePEQMHsSHL_E0uvC5-_GWO8fr6Yy7Wk
Frame ID: 078176C659889C3D53B4441E461447D0
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5eL4xgEwAQ&v=APEucNVWUr2hqLOQSDXDJORy9yPa3fwOMMsc0n4vJj2urTTlsA5kYYgmD7C1CQJ4FD_Tb-ZAxdu7qimyZtFwysIvw_NdXPjXscrJemBsPWeLoX_EcEa6a3ybQZH8RdrmvF6S-KS7uvo51QKzBP2rtTzllx5esFXkLCcn718wDQ2-IXjPbTtb8uU
Frame ID: 5408993E15BCA689AD3E9DD92C895C16
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 16F24D4DC77DC5F986D1AA58B1C79813
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=sgOi1eOOf8&t=1&renderingType=2&ev=01_247
Frame ID: 1AA45CDE319FF36C3B0F21E4B8A214B9
Requests: 9 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59c90be728a061224b14efc8
Frame ID: A8C5647E8B49F9C949B249F366D42AC1
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16970601419685475928/index.html?e=69&leftOffset=0&topOffset=0&c=2XDIhSTYhY&t=1&renderingType=2&ev=01_247
Frame ID: 534D57F49315FC0CA94B0EF26042F3E3
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=c5kpQVAqrH&t=1&renderingType=2&ev=01_247
Frame ID: F44958817FCDF6055BA8FF0AE9855460
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: 2A991C529946BF7656DE2992F5603956
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=UTESbWjBls&t=1&renderingType=2&ev=01_247
Frame ID: A445DB71C80FDA123F627F88248CF788
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 71BAFDF2DCE65AFA3AA01AF971FC9C58
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2442E7E23D9DCA915D3EFD86EACDC79A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: 7A2D9A1E4B394CA610BF1A8DC81C8FC8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C082C58D64D9F00E45336B22AB6C8735
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 851C89119918D0A1A67FADEEEFF6979F
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 09311DEE49A26DE7CB74D5C3491E31F6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Frame ID: 32D21E7801F53633ECA5B49FA3E06738
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Frame ID: 1796F2F9B941605836F7E5D52715E136
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Frame ID: 9D06D9F9294CD1D89C5DCAD98F033076
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Frame ID: 4E1BA26C0CA03916F865411EA9565446
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 838C05651034121F99BA005632571AD9
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CF8E03B2AA757B6D8A652B8C910DBECC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 11B3DA21753F4EE744A45F16969DA704
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Polri Bicara Waktu Pelaksanaan Autopsi Ulang Jasad Brigadir J

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

346
Requests

92 %
HTTPS

48 %
IPv6

49
Domains

88
Subdomains

76
IPs

11
Countries

3990 kB
Transfer

8546 kB
Size

46
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thevivanetworks.com/
Title: vivanetworks

Search URL Search Domain Scan URL

URL: https://jagodangdut.intipseleb.com/
Title: JagoDangdut

Search URL Search Domain Scan URL

URL: https://www.100kpj.com/
Title: 100KPJ

Search URL Search Domain Scan URL

URL: https://www.intipseleb.com/
Title: IntipSeleb

Search URL Search Domain Scan URL

URL: https://www.vlix.id/
Title: VLIX

Search URL Search Domain Scan URL

URL: https://www.sahijab.com/
Title: Sahijab

Search URL Search Domain Scan URL

URL: https://www.tvonenews.com/
Title: tvOne

Search URL Search Domain Scan URL

URL: https://onepride.net/
Title: One Pride

Search URL Search Domain Scan URL

URL: https://oneprix.id/
Title: Oneprix

Search URL Search Domain Scan URL

URL: https://bandung.viva.co.id/
Title: Bandung

Search URL Search Domain Scan URL

URL: https://olret.viva.co.id/
Title: Olret

Search URL Search Domain Scan URL

URL: https://padang.viva.co.id/
Title: Padang

Search URL Search Domain Scan URL

URL: https://sulawesi.viva.co.id/
Title: Sulawesi

Search URL Search Domain Scan URL

URL: https://gadget.viva.co.id/
Title: Gadget

Search URL Search Domain Scan URL

URL: https://teknodaily.viva.co.id/
Title: Teknodaily

Search URL Search Domain Scan URL

URL: https://malang.viva.co.id/
Title: Malang

Search URL Search Domain Scan URL

URL: https://www.vlix.id/tvone
Title: LIVE

Search URL Search Domain Scan URL

URL: https://sso.thevivanetworks.com/
Title: Profil

Search URL Search Domain Scan URL

URL: https://sso.thevivanetworks.com/edit/profile
Title: Edit Profil

Search URL Search Domain Scan URL

URL: https://sso.thevivanetworks.com/logout?ref=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j
Title: Logout

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Polri%20Bicara%20Waktu%20Pelaksanaan%20Autopsi%20Ulang%20Jasad%20Brigadir%20J%20https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j&text=Polri%20Bicara%20Waktu%20Pelaksanaan%20Autopsi%20Ulang%20Jasad%20Brigadir%20J

Search URL Search Domain Scan URL

URL: https://www.vlix.id/video/news/97014-gak-mau-kalah-taiwan-latihan-militer-bawa-ratusan-prajurit
Title: 

Search URL Search Domain Scan URL

URL: https://www.vlix.id/video/news/97017-pencapaian-pertamina-satu-tahun-kelola-blok-rokan
Title: 

Search URL Search Domain Scan URL

URL: https://www.vlix.id/video/intipseleb/97013-china-lagi-lagi-latihan-militer-dekat-taiwan-bikin-panas
Title: 

Search URL Search Domain Scan URL

URL: https://www.vlix.id/video/intipseleb/97015-nathalie-holscher-tabuh-genderang-perang-sindir-rizky-febian
Title: 

Search URL Search Domain Scan URL

URL: https://www.vlix.id/foto/news/25467-pkb-gerindra-kompak-daftar-peserta-pemilu-ke-kpu-bersama
Title: PKB-Gerindra Kompak Daftar Peserta Pemilu ke KPU Bersama

Search URL Search Domain Scan URL

URL: https://www.vlix.id/foto/news/25466-prabowo-antar-gerindra-daftar-peserta-pemilu-2024-ke-kpu
Title: Prabowo Antar Gerindra Daftar Peserta Pemilu 2024 ke KPU

Search URL Search Domain Scan URL

URL: https://www.intipseleb.com/lokal/39079-terhenti-2-tahun-imbas-pandemi-jakarta-melayu-festival-kembali-hadir

Search URL Search Domain Scan URL

URL: https://www.intipseleb.com/?utm_source=viva.co.id&utm_medium=viva.co.id-aggregate&utm_campaign=viva.co.id-aggregator
Title: IntipSeleb

Search URL Search Domain Scan URL

URL: https://www.intipseleb.com/arsip/39034-monas

Search URL Search Domain Scan URL

URL: https://www.intipseleb.com/lokal/39068-6-potret-millen-cyrus-dengan-para-lelaki-yang-dikira-pasangannya

Search URL Search Domain Scan URL

URL: https://jagodangdut.intipseleb.com/artikel/26098-aksi-luna-maya-jadi-pramugari-dadakan-bikin-kaget-penumpang

Search URL Search Domain Scan URL

URL: https://www.jagodangdut.com/?utm_source=viva.co.id&utm_medium=viva.co.id-aggregate&utm_campaign=viva.co.id-aggregator
Title: JagoDangdut

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vivacoid

Search URL Search Domain Scan URL

URL: https://twitter.com/VIVAcoid

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vivacoid/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/VIVAcoid

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://sb.scorecardresearch.com/c2/8429568/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 63

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.viva.co.id%2F&domain=www.viva.co.id&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=YNGuEHxsN05MOGFIYmpLUXVJWlJadHQ0eitKeklEOE1aSzczWlkwVS9pVldaVnhTRWsxR0Y0ZVVNUCtoc3ViQ2NWZnVDeXJXWVlFMlV5UHh6SVpJWGlLL01zT09GdmY4Y2dndkhqQVY1a3FoNzJ6d2Z6cEx5MTc2VFlXNDlmeU1pemphem4zYkhldlRmNU02ejFtUFB0TUhWWXppVzNqem1zNzlWV1pFNXp4d00yVjhQYjFwTUtSNXBqSUZKMHZRbm5jdjlMVFFBNE1QNkxHUHZxdnJPRGZpdVA2Y05MN0FhU3pIN0xSR1NlTjZtY3RzPXw&cppv=2

Request Chain 94

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 99

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YvJcbIARC4WgLdt5YaNFkgAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YvJcbIARC4WgLdt5YaNFkgAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBWLPGH0jIFBvFvracYvcaE&google_cver=1&gdpr=1

Request Chain 101

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvJcbIARC4WgLdt5YaNFkgAABIwAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvJcbIARC4WgLdt5YaNFkgAABIwAAAAB&dcc=t

Request Chain 103

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1660136941&gdpr=1

Request Chain 106

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 131

https://pixel.adsafeprotected.com/rfw/st/1083870/64162793/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=17611748104&bidurl=https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ioUSQA-D3Wmx9CYPeKGWdr HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWLPGH0jIFBvFvracYvcaE&google_cver=1

Request Chain 157

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvJcbIARC4WgLdt5YaNFkgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWLPGH0jIFBvFvracYvcaE&google_cver=1

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB4d2XN44gZtU4JFmsUOxn4&google_cver=1

Request Chain 159

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI2NzY4NzQwMjA4OTUyODQ5OA%3D%3D

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPC8hvoYQo3owrV6ubxemxs&google_cver=1

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEM3sfz9RrW97Ev3IKdw3ac8&google_cver=1

Request Chain 191

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCL57XsHBCABBiAATIIgoSA_Oqki0U HTTP 301
https://tpc.googlesyndication.com/simgad/7103612115487317334

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBVveeA6mUhSpAC_DBiANcw&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBVveeA6mUhSpAC_DBiANcw&google_cver=1&__user_check__=1&sync_id=70bdffa1-17e4-11ed-bbcd-124172220506

Request Chain 199

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=70b820c4-17e4-11ed-a2be-14bc9e680306 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzBiZGZmMzQtMTdlNC0xMWVkLWJiY2QtMTI0MTcyMjIwNTA2

Request Chain 200

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tT2RvOVNaRTJ1SGJ5TnpLNnI1cWROY1VGeFB2alhvLn5B

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJHv6STuC3rEGEyVbNOKbJE&google_cver=1

Request Chain 214

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=339616878&d_campaign=28017826&d_bust=1176998419&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=339616878&d_campaign=28017826&d_bust=1176998419&gdpr=&gdpr_consent=

Request Chain 224

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 331

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7133369451404983512&uid=Q7133369451404983512&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 333

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=05e3d5c7-5b7c-427b-b29c-37b5d3785a64&expiration=1691586545

Request Chain 343

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7515551589395905908

Request Chain 344

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YvJccgAFKfypkwAK HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvJccgAFKfypkwAK&gdpr=1&_test=YvJccgAFKfypkwAK

Request Chain 345

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=073362f2-5c72-4100-a91e-c7848ba6ffe3&gdpr=1&gdpr_consent=

Request Chain 347

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 348

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=0mqyIdE74yHJbrclgW35KodstyLJb-Qrgm1uj0yQ

346 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j Show response
www.viva.co.id/berita/nasional/ 135 KB
27 KB 597ms
498ms Document
text/html 2600:9000:214f:e600:18:d576:df80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:e600:18:d576:df80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8da1c86cece1ee47fbd06909f849d756ca6fd365ad8f25d4c18763afa609689f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60, public
cache-tag: 1500649
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 13:08:58 GMT
expires: Tue, 09 Aug 2022 13:09:58 GMT
last-modified: Tue, 09 Aug 2022 13:08:58 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding,Accept-Encoding,User-Agent
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
viewtype: Desktop
vivabuild: appcode=new-web
x-amz-cf-id: o9xBy-wyDX0SYXzUUUVgHNtPwLXMCUxSsrtmVKUCPTBjwsHA7QKzLA==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
public.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 20 KB
20 KB 175ms
18ms Font
binary/octet-stream 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3_-gs51os.woff2?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.viva.co.id/
Origin: https://www.viva.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1219247
cf-ray: 7380b939e862bb9b-FRA
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20348
x-amz-id-2: DJGSqmPEVmUPniUzJEKomQRF3iwCjkKS8dkmte1N/BxpCOPh+JMBt2WqXc1XIcNsjDnftdR4OBM=
last-modified: Tue, 07 Dec 2021 06:21:04 GMT
server: cloudflare
etag: "9c43f43c6a98e7a4c8f27827ff455c9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-request-id: 97NPK320D54VP145
access-control-allow-origin: https://www.viva.co.id
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
public.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 21 KB
21 KB 173ms
17ms Font
binary/octet-stream 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3t-4s51os.woff2?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.viva.co.id/
Origin: https://www.viva.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1219472
cf-ray: 7380b939e863bb9b-FRA
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21080
x-amz-id-2: XzMOk8fineODJXE7u5JBBnwyeCEgG6NzAVaZtKn+gRBs0Jrjf5FUWEAD3mrJSXHEabPSmUnkSEo=
last-modified: Tue, 07 Dec 2021 06:21:03 GMT
server: cloudflare
etag: "fa61eccc5d911d604a8739a7c9dc8bcb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-request-id: 97NT3AYW5A1ZJV0T
access-control-allow-origin: https://www.viva.co.id
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 200 7cHqv4kjgoGqM7E3j-ws51os.woff2
public.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 20 KB
21 KB 172ms
16ms Font
binary/octet-stream 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3j-ws51os.woff2?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff393d6091ca6df956a189411d7f152ec4957f71b09ab2a0ae3d6089c7a5ce16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.viva.co.id/
Origin: https://www.viva.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1220028
cf-ray: 7380b939e865bb9b-FRA
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20940
x-amz-id-2: 07gQt0O/4EXJzPliCDGlvz+BG4T7YfuuqmP6ljU62mqIGzNjwygHhOFr/KS0FHv6AofPiYon0XY=
last-modified: Tue, 07 Dec 2021 06:21:03 GMT
server: cloudflare
etag: "03ccd4a420f4073d168c890d0dd8d08a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-request-id: 97NKQBXECJY7J469
access-control-allow-origin: https://www.viva.co.id
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 200 logo.webp
public.viva.co.id/asset-viva/responsive-web/img/ 5 KB
5 KB 19ms
16ms Image
binary/octet-stream 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public.viva.co.id/asset-viva/responsive-web/img/logo.webp?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8d673259d0bfc678aacef4e63f8ea06ec4b8694faa22927ec51e4a79ee5976c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1218343
cf-ray: 7380b93a3d54bb83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4804
x-amz-id-2: QYKLrmRyLAGd7YaShBJW1o6rp2uWdSikgzErq7icooRMXYfxLPR3ZvvSm4tQYxuApSqNA9g1n2I=
last-modified: Tue, 07 Dec 2021 06:21:06 GMT
server: cloudflare
etag: "542e5572341fd127c13b9c4d4bcc362f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6C124P7JCD08P5BY
cache-control: max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 200 rancak.css
public.viva.co.id/asset-viva/responsive-web/css/ 9 KB
3 KB 188ms
33ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/rancak.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2754ea4be826ac173d67f7a3bdde928f64a4b1ad7cea6074313fd148164e130f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1220027
cf-polished: origSize=10103
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NRJ2Z2R9YX9VZY
x-amz-id-2: mlv3rxOI8qE1DL9SZaSD2Pav9tW7fuhBmr8J4ItAZ5wcHtJ9Lh0A2wFYaNOYUV+HaUMJrt48y9E=
last-modified: Fri, 08 Apr 2022 05:22:24 GMT
server: cloudflare
etag: W/"56b4c5ac2104d28efa729e864a2745b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b939ecedbb83-FRA
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 02:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 02:17:13 GMT

GET
H2 200 detail.css
public.viva.co.id/asset-viva/responsive-web/css/ 5 KB
2 KB 187ms
32ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/detail.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c405bcd8f92036855018ea498b39743853763006f991c0c152d92029c38ba827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219697
cf-polished: origSize=5263
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NH74XN7SYSJ6W6
x-amz-id-2: MK53XI5F+3B68RrF42JQJ9gPUQhxUcDZGYtjeHn7MIv5To685rw1duy1EJihpnhghBOhUGkFcjs=
last-modified: Fri, 22 Jul 2022 08:50:07 GMT
server: cloudflare
etag: W/"351f6cea159b8bc4f063f845816d578e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b939ecf1bb83-FRA
cf-bgj: minify

GET
H2 200 629ae1b5f0f33-kadiv-humas-polri-irjen-dedi-prasetyo_375_211.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/06/04/ 16 KB
16 KB 234ms
218ms Image
image/webp 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2022/06/04/629ae1b5f0f33-kadiv-humas-polri-irjen-dedi-prasetyo_375_211.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb18c3b3a0a27087792102ed11ebf664ae6fff2591c2a66068045fe2a93d117

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
vary: Accept
cf-cache-status: HIT
x-amz-request-id: VJ6RQNRQ3RVAKXA3
cf-polished: qual=85, origFmt=jpeg, origSize=25198
content-disposition: inline; filename="629ae1b5f0f33-kadiv-humas-polri-irjen-dedi-prasetyo_375_211.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15886
x-amz-id-2: WOksV47+ano/j9HGvM1UaZwosFn1EeP3MyCs821N9yEkqtQXIKNmAPwLkeg/bg63ou0XIaV45xA=
last-modified: Sat, 04 Jun 2022 04:38:16 GMT
server: cloudflare
etag: "bd2d3e8314667ac902285817861dcef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7380b93a4d78bb83-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 viva_analytics.js Show response
public.viva.co.id/asset-viva/responsive-web/js/ 1 KB
879 B 179ms
25ms Script
application/javascript 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/js/viva_analytics.js?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99f9762cd613e0d36e9bb53f8c51d5e4c5393d3452e34e9dd532348fe3489475

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219246
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6C15C2YXSM3BCZND
x-amz-id-2: zoIG8P+B4wG9g1TuL28A+GgYdIMQdHzK4hN+sQGDAuG5ka7r7te/4nnb2SYDu2Qne14Nx+k4LLk=
last-modified: Tue, 07 Dec 2021 06:21:30 GMT
server: cloudflare
etag: W/"f9e8ced65fbe8d7245f1f03a52278625"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7380b939ecf4bb83-FRA
cf-bgj: minify

GET
H2 200 uuid.js Show response
public.viva.co.id/asset-viva/responsive-web/js/ 4 KB
2 KB 181ms
27ms Script
application/javascript 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/js/uuid.js?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a88ea7c27c4e99a4114c3a490bc1c59c51f7ccb6a8a5f13c37d35005b7af2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1220028
cf-polished: origSize=7584
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NY7852SGZNBX9J
x-amz-id-2: hiStnduxnSASK1NjerClOTAWRfeEoGMAX7inWcTJSackz/V0oXwFgrNB03dq8KbFuOCUReKefRs=
last-modified: Tue, 07 Dec 2021 06:21:30 GMT
server: cloudflare
etag: W/"7db2d23cd7b8f7377efa277f63a78cd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7380b939ecf5bb83-FRA
cf-bgj: minify

GET
H2 200 rancak-desktop.css
public.viva.co.id/asset-viva/responsive-web/css/ 4 KB
2 KB 174ms
20ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/rancak-desktop.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

727711e56af2bae60b9f1c96a71d7a1b806e0f3d887e29374f010edcc44a975b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1220025
cf-polished: origSize=3939
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NGD94DYSNV0REE
x-amz-id-2: PUMk7+EFlhVFbdGNUPi3i6+vPCfzc/8/n2iM2Eb7YZ3ktT7YeanKhg0SveUxrNFNruYjlcrkX28=
last-modified: Wed, 06 Jul 2022 12:45:02 GMT
server: cloudflare
etag: W/"7ccad598971149a422fe9ef5bbcece43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b939ecf2bb83-FRA
cf-bgj: minify

GET
H2 200 icon-profile-small.jpg
public.viva.co.id/asset-viva/responsive-web/img/ 270 B
748 B 24ms
22ms Image
image/webp 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public.viva.co.id/asset-viva/responsive-web/img/icon-profile-small.jpg?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8825e6c38403c234f6228f6cbeb88c276f0e62cbab1900d044cb8f5c2d0472b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
vary: Accept
cf-cache-status: HIT
age: 1217749
cf-polished: qual=85, origFmt=jpeg, origSize=596
cf-ray: 7380b93a3d58bb83-FRA
content-disposition: inline; filename="icon-profile-small.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 270
x-amz-id-2: nCHlzTQxVDu0hUulzHV+ff2iyuVvs3zBMgisp7r9ngQrW/M/Zv3+Fwj0L1U4cB80ErDSRwaYEeE=
last-modified: Tue, 07 Dec 2021 06:21:18 GMT
server: cloudflare
etag: "5c3ff561dbcd90411fb36c440373976b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 20SEPS2F2APRNH7K
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 629ae1b5f0f33-kadiv-humas-polri-irjen-dedi-prasetyo_1265_711.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/06/04/ 70 KB
70 KB 426ms
411ms Image
image/webp 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2022/06/04/629ae1b5f0f33-kadiv-humas-polri-irjen-dedi-prasetyo_1265_711.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8aecaf0910df9ab7bb964aad82d5baece1ef8e73339f0c47d810fa82ac6b9a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
vary: Accept
cf-cache-status: HIT
x-amz-request-id: TN78PNGH44N3XTFD
cf-polished: qual=85, origFmt=jpeg, origSize=145212
content-disposition: inline; filename="629ae1b5f0f33-kadiv-humas-polri-irjen-dedi-prasetyo_1265_711.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71746
x-amz-id-2: ejMsasbnMfVl7Xasqhb4Q3n3CrDUoEQnOdwHqEhVmoxw8NnSxmL8cVkLyYwdmVLLukIY1sxNKo0=
last-modified: Sat, 04 Jun 2022 04:38:16 GMT
server: cloudflare
etag: "97259c09d80f1651adf7b2babf80045a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7380b93a4d76bb83-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
67 KB 191ms
25ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KPDQW3

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4edd1d4becaa5835f632c8ed70af24ae3d974e85ce293da7abb7748b37597c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68459
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Aug 2022 13:08:58 GMT

GET
H2 200 lazysizes.min.js Show response
public.viva.co.id/asset-viva/responsive-web/js/ 8 KB
4 KB 19ms
17ms Script
application/javascript 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/js/lazysizes.min.js?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9b0999f439d6fc07e37171f45a1cef5a75c419dcfcc28321ec6f2ce12011b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219695
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NM799HRM1R7S62
x-amz-id-2: CGSGdpwTzRE8jpliWVaLx/g9jMvQhSlPzMxL34/5foxoGNhx8W/oceeZvtHRoqTAFVg9t1timHw=
last-modified: Tue, 07 Dec 2021 06:21:27 GMT
server: cloudflare
etag: W/"47032768eb4c255dbf0a3f78ef5c6865"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7380b93a3d5abb83-FRA

GET
H2 200 cook.php Show response
sso.thevivanetworks.com/ 236 B
822 B 839ms
669ms Script
application/javascript 2606:4700:3035::ac43:87f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.thevivanetworks.com/cook.php

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:87f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbf0af2030686af9c2b66c8db72742c57530aae9b91b7ae8e3700a24e32578b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
date: Tue, 09 Aug 2022 13:08:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9cQ8rhcO6xyzoDvak3WQMwPSZ1IixBzvjrSGEF5xB%2BOLQgR8adGtceCUwWXdfCtCi%2FbN92f%2BpoAqRY3WBvKhZv9aDApjOvMCHXy31qjisASttVdi71WApmtreyOa96QR1I0ZkNGlY6R6PgWkNlk1gI%2BAYkrRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7380b93b3d995be5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 viva-app.js Show response
public.viva.co.id/asset-viva/responsive-web/js/ 2 KB
724 B 27ms
23ms Script
application/javascript 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/js/viva-app.js?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84714fb67f035a8801213a5623d70a6b8ff162d57b8649f21711e40456594422

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219404
cf-polished: origSize=2398
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NRCZN9H38C9HYF
x-amz-id-2: lBlalVSD45oTQS4bejikpO0uGNl4ISP6d+JHIULI04DcgzZ9ahny6BS9kPcOoz4EiGyH7I3O9V8=
last-modified: Thu, 03 Feb 2022 09:13:32 GMT
server: cloudflare
etag: W/"f25de4984ce3e965a71b66f4088b83b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7380b93a2d51bb83-FRA
cf-bgj: minify

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/4.1.3/ 18 KB
19 KB 176ms
9ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.1.3/firebase-app.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd9e672799f3e908f9ae536c42eabb6b4300c935f5d80bed2a5a77509918578f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 08:56:15 GMT
x-content-type-options: nosniff
age: 15163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18368
x-xss-protection: 0
last-modified: Wed, 21 Jun 2017 23:01:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 08:56:15 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/4.1.3/ 25 KB
7 KB 177ms
11ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.1.3/firebase-messaging.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d1282f3fab624b88c76dc91d5057a5938b37c504e2f08bde57db6e72ef7b249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6732
x-xss-protection: 0
last-modified: Wed, 21 Jun 2017 23:01:38 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 07:21:54 GMT

GET
H2 200 configpush.js Show response
public.viva.co.id/asset-viva/responsive-web/js/ 4 KB
2 KB 23ms
20ms Script
application/javascript 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/js/configpush.js?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c47430da76da0209f1165ec842295831babdcf9ede29c951b01016dd846cba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1218343
cf-polished: origSize=5428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6C12EWMFQK12J9KC
x-amz-id-2: vqEgjRrIoqJkeFwfacNPvQd8fAt1GwnpmtODP3x5qqoparMfPX0HrVBvChUL1pIFfIEIOunIm9s=
last-modified: Tue, 07 Dec 2021 06:21:47 GMT
server: cloudflare
etag: W/"85ba95df2baeff16cdd7bbee91fdb3e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7380b93a2d53bb83-FRA
cf-bgj: minify

GET
H2 200 YToyOntzOjU6InRva2VuIjtzOjQ6InRvcmkiO3M6MjoiaWQiO3M6NzoiMTUwMDY0OSI7fQ== Show response
hitlog.viva.co.id/hit/article/ 14 B
212 B 637ms
206ms XHR
application/json 18.140.153.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hitlog.viva.co.id/hit/article/YToyOntzOjU6InRva2VuIjtzOjQ6InRvcmkiO3M6MjoiaWQiO3M6NzoiMTUwMDY0OSI7fQ==
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.140.153.200 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-153-200.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: 615424e847264fd984685b881aa14b995a5f0ffcfb84ce22acc9da2fc54f1ffa

Request headers

Accept: */*
Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Aug 2022 13:08:59 GMT
server: nginx/1.14.0
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
etag: W/"e-Fq+8t9cMJvqeGAMYqZoCzuU5aBg"
content-length: 14
content-type: application/json; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 172ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 418
date: Tue, 09 Aug 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Aug 2022 15:02:00 GMT

GET
H2 200 widget-vlix.css
public.viva.co.id/asset-viva/responsive-web/css/ 1 KB
693 B 24ms
20ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/widget-vlix.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b7e453f56b14780317e486bfe8714241b2b58cc97274a319ceaee663911b88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1220004
cf-polished: origSize=1214
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NP7KV3BRKNPP3C
x-amz-id-2: Lklh+BhdRSggDFXWbkYzUFyMejPrNa/gUR9snKi3qhQktwARzFEZNZnk0Dsj2lEAEYB2pRC4Lcs=
last-modified: Tue, 07 Dec 2021 06:21:45 GMT
server: cloudflare
etag: W/"51ce3f8c741195fbec794d925dbd4d4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee61bb83-FRA
cf-bgj: minify

GET
H2 200 footer-style.css
public.viva.co.id/asset-viva/responsive-web/css/ 2 KB
970 B 26ms
22ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/footer-style.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a82ed499909e2232b1bdc3807b4d81bb6497115338abc33d60472c8f0f7bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219435
cf-polished: origSize=1617
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7RY7MKFFTRGP5PAS
x-amz-id-2: 6/Qv9Mb65ZMGeppAWOl/iw6rvWJoXqhFwk+VqeDlEQg/LTD2rmHZkIqZTz6atiZfwBIzwx6pwoE=
last-modified: Mon, 21 Feb 2022 06:40:53 GMT
server: cloudflare
etag: W/"84961aa316f0135475777d4b740066b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee65bb83-FRA
cf-bgj: minify

GET
H2 200 color-light.css
public.viva.co.id/asset-viva/responsive-web/css/ 3 KB
1 KB 20ms
16ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/color-light.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b00b23df1ba3482972e5ac3fdc7da3a84030bd46d7b1b3e6a36d57bcb0fb8d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219435
cf-polished: origSize=3020
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NMHVYSMYSBNA8C
x-amz-id-2: RnHdWzRwEkGAQnDNCGFkmLJ3NmboxjwFqvVXiy9m8oJZVMMDRNzimuyLhv2Rfx26Y+9JAjQjpE8=
last-modified: Fri, 24 Dec 2021 04:09:40 GMT
server: cloudflare
etag: W/"667bb11dad027b73278c0fbc42887af0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee68bb83-FRA
cf-bgj: minify

GET
H2 200 color-light-desktop.css
public.viva.co.id/asset-viva/responsive-web/css/ 295 B
401 B 28ms
24ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/color-light-desktop.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82abce0fe71054b83fd78d28aeea185d5423e823a6a3c556daed054ffa8ec0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219671
cf-polished: origSize=369
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NN76NXQRECXYST
x-amz-id-2: U8WFaoHqYmDx1dur5VMVA7XB/5lynmTcmslP0pDFaqhD+j1rX4QEQ/jrFvHATscFULFvw7/8QgU=
last-modified: Tue, 07 Dec 2021 06:21:53 GMT
server: cloudflare
etag: W/"4a5462535cb2599ca7951382de96a50c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee6cbb83-FRA
cf-bgj: minify

GET
H2 200 color-dark.css
public.viva.co.id/asset-viva/responsive-web/css/ 3 KB
1 KB 24ms
21ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/color-dark.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e521500863df6e0d7720de7fbc7f19d2ca5c38ecabf84c89d3e2401b10ac994

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219435
cf-polished: origSize=3324
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JGN1QQ8079EBXWHC
x-amz-id-2: xaRd0cvbhrKXlLfs2JeAgEueMqjYPQhgL8pOqidl+urYbNukffWM0Dcjq5ANFAvPvfmtkunLb9s=
last-modified: Fri, 24 Dec 2021 04:09:41 GMT
server: cloudflare
etag: W/"0e7847c3a7227807c7214603370eefd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee6dbb83-FRA
cf-bgj: minify

GET
H2 200 color-dark-desktop.css
public.viva.co.id/asset-viva/responsive-web/css/ 353 B
404 B 22ms
18ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/color-dark-desktop.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dd2c416c3dfcdc1f48962dfd1310e72467d51990916eaf20ef26297106b685f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1220003
cf-polished: origSize=408
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NSN3T0266XP5EK
x-amz-id-2: jsZTG96BPQHq3LgnAkMY6lY4LYWg1rfvp/cLZjFs80/u2lWJR6+o2idNwMP+HvIBj2oW5AmR8oo=
last-modified: Fri, 22 Jul 2022 08:50:08 GMT
server: cloudflare
etag: W/"d826c444c75e3ea4e0fc1677ceaf5e2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee6ebb83-FRA
cf-bgj: minify

GET
H2 200 hold.css
public.viva.co.id/asset-viva/responsive-web/css/ 14 KB
4 KB 26ms
23ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/hold.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3789e705e8d28714755ed298479b5711dab64746d48231eeb638be4ba7d0b1f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1220004
cf-polished: origSize=15423
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NWPNSRXQXSTY82
x-amz-id-2: oz56WuYlk+8VbD8d7fCiWfGE8ubJczyerSUgoiuGvIyoR9FUlap8mhdfzcgSOe8lgNfE+jkdNAU=
last-modified: Tue, 14 Jun 2022 15:30:50 GMT
server: cloudflare
etag: W/"7cdbda22b024506860166864247536fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee70bb83-FRA
cf-bgj: minify

GET
H2 200 hold-mobile.css
public.viva.co.id/asset-viva/responsive-web/css/ 3 KB
1 KB 44ms
41ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/hold-mobile.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

766550f9e927fbfb19c49aced320ac65894807ddfb8956dbcc61ed3b5d3800c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219672
cf-polished: origSize=3327
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NP7B8EPMPBM2PF
x-amz-id-2: A57CC0KZ0VYynpqGi0XxZsFKYmpQE5DOZoF/l/n7V2GCX79SVqC/EV8im8kXtLjakwr5jkJ+ajU=
last-modified: Mon, 06 Jun 2022 14:14:01 GMT
server: cloudflare
etag: W/"dc818b3b739643f281fb79eafc572669"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93afe86bb83-FRA
cf-bgj: minify

GET
H2 200 hold-desktop.css
public.viva.co.id/asset-viva/responsive-web/css/ 2 KB
907 B 20ms
17ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/hold-desktop.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddbead4c3777bf55f3c9b842f5ab629388e31a5f15c7e63ed14604e5b431fff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219671
cf-polished: origSize=2437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NYE1E65ATGKDR8
x-amz-id-2: 6xzHSC6JC2iXuJpd0EUYlRgiA47Si2ldlOeyyJqPnZxA+0+L2OzmYft64d4ZzxZ98DL/iDv/50A=
last-modified: Wed, 22 Dec 2021 03:29:35 GMT
server: cloudflare
etag: W/"be849b7a6c6f2ebb0f2b985115c7f539"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee72bb83-FRA
cf-bgj: minify

GET
H2 200 iosfix.css
public.viva.co.id/asset-viva/responsive-web/css/ 151 B
314 B 31ms
29ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/iosfix.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6cf6d5639ffcd747e54049ad4bdcca846425e4def6279d2f012c497b2bc2521

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219456
cf-polished: origSize=186
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NV2Z2HFGDJK488
x-amz-id-2: cLy9Ircv0khoOuQyRuT8ahI5BqauiPPyOnIbvC+joLAZjlWqh9co9EeiocLC+NdteHYAdwSGRkU=
last-modified: Tue, 07 Dec 2021 06:21:35 GMT
server: cloudflare
etag: W/"d6776b612dc548f473c7127c4aecf5e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee73bb83-FRA
cf-bgj: minify

GET
H2 200 popinfix.css
public.viva.co.id/asset-viva/responsive-web/iklan/css/ 2 KB
890 B 28ms
25ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/iklan/css/popinfix.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73a69cf2a641205f7113f570db28ad9c33d2e517fa9a0f37cca7d8c46ad3e8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219435
cf-polished: origSize=2429
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NQDYG2HGX2C83A
x-amz-id-2: d1K6JCb4d6HrwYjwV7SmZNL2shW3vEKL6wa8Hp50TkF3g+Cdn4UTZAK6rF8AZbfRNMC4WlJW8mQ=
last-modified: Fri, 08 Jul 2022 11:43:45 GMT
server: cloudflare
etag: W/"f6eec46b97eddcfca9c7fcf4c7baf3f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee76bb83-FRA
cf-bgj: minify

GET
H2 200 macawfix.css
public.viva.co.id/asset-viva/responsive-web/iklan/css/ 303 B
364 B 30ms
28ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/iklan/css/macawfix.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae5f2df856109a86820c1a9a5599f89ea22884b247fd8bcaa46a53e30c624fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1220003
cf-polished: origSize=325
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NTSQ6GQ5Y8DTHG
x-amz-id-2: dDx9WWxft99P/grgMjBDHYpvonpLeozi4sfsRLeLsMOGYr8BBtFyZIlx+aXnxB75A5GQ6OP1P3I=
last-modified: Fri, 08 Jul 2022 11:43:44 GMT
server: cloudflare
etag: W/"312d657b8c7cc29a25fdc196052bf098"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee77bb83-FRA
cf-bgj: minify

GET
H2 200 freakoutfix.css
public.viva.co.id/asset-viva/responsive-web/iklan/css/ 656 B
675 B 32ms
29ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/iklan/css/freakoutfix.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24affc17276fd2ddc409767414d0e21558be763f5ffa5fd112e261bc3323caaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219435
cf-polished: origSize=716
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NP45HVE87MT3XT
x-amz-id-2: lektmrW3FIC4qmz77brGkvTh/Jd2lxtcU2FPOjz+En9hdm+sSDwIIlrwgw4F6mabC5m/pUgmrBw=
last-modified: Fri, 08 Jul 2022 11:43:43 GMT
server: cloudflare
etag: W/"b0a6a8a8122a0b77d0d40667adcb5c7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee78bb83-FRA
cf-bgj: minify

GET
H2 200 partner.css
public.viva.co.id/asset-viva/responsive-web/css/ 2 KB
652 B 28ms
26ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/partner.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

388bf997e8dd4892f6050913eeb084d6d89fd183da52e41b01b25ddd44ea07d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219435
cf-polished: origSize=1734
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97NVG78ZS7BJ5DER
x-amz-id-2: 9e9HsiTmn2uWdk5O2LxpdCpvM8srud+JVhiQ4rOdNQ3aVZ9Is5Jpm1iLEAgV650Xjm1uDtwqKcM=
last-modified: Tue, 07 Dec 2021 06:21:35 GMT
server: cloudflare
etag: W/"618fa34244cceca4d4cbf97b49e34cef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee79bb83-FRA
cf-bgj: minify

GET
H2 200 fontawesome5.css
public.viva.co.id/asset-viva/responsive-web/css/ 2 KB
576 B 26ms
24ms Stylesheet
text/css 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/css/fontawesome5.css?v=1.1.41

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc5e335fe3571dbab8bca01a367f3876191db95264692139b626c80bff6dc39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219456
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JGNE4ZZHJFSV0P0M
x-amz-id-2: M8ErUrnlHs/+lydUiEA7O5Rr1jSamYiTGj1o9WUMfbIsF698zhFqncMEz1vmqS/jy49vyRx5Hc8=
last-modified: Tue, 07 Dec 2021 06:21:54 GMT
server: cloudflare
etag: W/"3050975f10471abc705a8ad6893f65bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7380b93aee7abb83-FRA
cf-bgj: minify

GET
H3 200 fa-solid-900.woff2
public.viva.co.id/asset-viva/responsive-web/fonts/awesome5/ 78 KB
79 KB 44ms
23ms Font
binary/octet-stream 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://public.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff2

Requested by

Host: public.viva.co.id
URL: https://public.viva.co.id/asset-viva/responsive-web/css/fontawesome5.css?v=1.1.41

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://public.viva.co.id/asset-viva/responsive-web/css/fontawesome5.css?v=1.1.41
Origin: https://www.viva.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:58 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 90995
cf-ray: 7380b93b5ef69164-FRA
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80300
x-amz-id-2: Mutf+FinHHjtX/PGPdQNslwa+Fhu0/m6oovMKMAUzM88Umt8rLBAEge/Ab4U/ldbb/I/pWj49sU=
last-modified: Tue, 07 Dec 2021 06:21:02 GMT
server: cloudflare
etag: "8e1ed89b6ccb8ce41faf5cb672677105"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-request-id: PANZ5T9QVXG7RN2W
access-control-allow-origin: https://www.viva.co.id
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: binary/octet-stream

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 33ms
16ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=198806249&t=pageview&_s=1&dl=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j&ul=en-us&de=UTF-8&dt=Polri%20Bicara%20Waktu%20Pelaksanaan%20Autopsi%20Ulang%20Jasad%20Brigadir%20J&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=442299631&gjid=406748691&cid=498688345.1660050539&tid=UA-31106891-1&_gid=1659064428.1660050539&_r=1&_slc=1&cd2=1500649&cd3=Polri%20Bicara%20Waktu%20Pelaksanaan%20Autopsi%20Ulang%20Jasad%20Brigadir%20J&cd4=2022-07-22%2013%3A02%3A52&cd5=Bayu%20Nugraha%2C%20Ahmad%20Farhan%20Faris&cd6=brigadir-j%20autopsi%20polri%20ekshumasi%20viva-nasional&cd7=https%3A%2F%2Fwww.viva.co.id%2Fberita&cd8=2a01%3A4a0%3A2b%3A%3A8&cd9=233bb974-6137-44a0-87ea-9408b4b5d9ac%3A-&cd10=233bb974-6137-44a0-87ea-9408b4b5d9ac%3A-%26id%3D1500649%26tag%3Dbrigadir-j%20autopsi%20polri%20ekshumasi%20viva-nasional%26channel_id%3D5%26date_access_user%3D2022-08-09%2020%3A08%3A58&z=1408845661

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:08:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
9ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=198806249&t=event&_s=2&dl=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j&ul=en-us&de=UTF-8&dt=Polri%20Bicara%20Waktu%20Pelaksanaan%20Autopsi%20Ulang%20Jasad%20Brigadir%20J&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Article&ea=read&el=233bb974-6137-44a0-87ea-9408b4b5d9ac%3A-%26id%3D1500649%26tag%3Dbrigadir-j%20autopsi%20polri%20ekshumasi%20viva-nasional%26channel_id%3D5%26date_access_user%3D2022-08-09%2020%3A08%3A58&_u=YEBAAAABAAAAAC~&jid=&gjid=&cid=498688345.1660050539&tid=UA-31106891-1&_gid=1659064428.1660050539&cd2=1500649&cd3=Polri%20Bicara%20Waktu%20Pelaksanaan%20Autopsi%20Ulang%20Jasad%20Brigadir%20J&cd4=2022-07-22%2013%3A02%3A52&cd5=Bayu%20Nugraha%2C%20Ahmad%20Farhan%20Faris&cd6=brigadir-j%20autopsi%20polri%20ekshumasi%20viva-nasional&cd7=https%3A%2F%2Fwww.viva.co.id%2Fberita&cd8=2a01%3A4a0%3A2b%3A%3A8&cd9=233bb974-6137-44a0-87ea-9408b4b5d9ac%3A-&cd10=233bb974-6137-44a0-87ea-9408b4b5d9ac%3A-%26id%3D1500649%26tag%3Dbrigadir-j%20autopsi%20polri%20ekshumasi%20viva-nasional%26channel_id%3D5%26date_access_user%3D2022-08-09%2020%3A08%3A58&z=1744369759

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Aug 2022 13:27:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85295
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
72 KB 44ms
24ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YFFX5TN9EH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KPDQW3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9198fbbbaca75f4e78447e8e5b6990797c9523d5ed46989bdd6da7918f44daae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73924
x-xss-protection: 0
expires: Tue, 09 Aug 2022 13:08:59 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
532 B 67ms
15ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
189 B 40ms
8ms Image
text/plain 99.86.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=8429568&ns__t=1660050538998&ns_c=UTF-8&c8=Polri%20Bicara%20Waktu%20Pelaksanaan%20Autopsi%20Ulang%20Jasad%20Brigadir%20J&c7=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j&c9=
Requested by: Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-3.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: CiAh_uEeN-H61JSfiqXicDNJLzGAfwLrDc0dZ9FQjVK5bnbbQH0m2w==
x-cache: Miss from cloudfront

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 62ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-31106891-1&cid=498688345.1660050539&jid=442299631&gjid=406748691&_gid=1659064428.1660050539&_u=YEBAAAAAAAAAAC~&z=1587698873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 09 Aug 2022 13:08:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
461 B 62ms
15ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
347 B 52ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YFFX5TN9EH&gtm=2oe880&_p=198806249&_gaz=1&cid=498688345.1660050539&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660050539&sct=1&seg=0&dl=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j&dt=Polri%20Bicara%20Waktu%20Pelaksanaan%20Autopsi%20Ulang%20Jasad%20Brigadir%20J&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YFFX5TN9EH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:08:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 62ms
22ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YFFX5TN9EH&cid=498688345.1660050539&gtm=2oe880&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YFFX5TN9EH&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:08:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 88ms
53ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YFFX5TN9EH&cid=498688345.1660050539&gtm=2oe880&aip=1&z=1731970229

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:08:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 81ms
47ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31106891-1&cid=498688345.1660050539&jid=442299631&_u=YEBAAAAAAAAAAC~&z=1319209232

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:08:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 66ms
32ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31106891-1&cid=498688345.1660050539&jid=442299631&_u=YEBAAAAAAAAAAC~&z=1319209232

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:08:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 34ms
22ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-85211792-1&cid=498688345.1660050539&jid=1244638443&gjid=400609398&_gid=1659064428.1660050539&_u=aGDAgAABAAQCAG~&z=1619806586

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 09 Aug 2022 13:08:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
10ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=198806249&t=pageview&_s=1&dl=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j&ul=en-us&de=UTF-8&dt=Polri%20Bicara%20Waktu%20Pelaksanaan%20Autopsi%20Ulang%20Jasad%20Brigadir%20J&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAABAAQCAC~&jid=1244638443&gjid=400609398&cid=498688345.1660050539&tid=UA-85211792-1&_gid=1659064428.1660050539&gtm=2wg880KPDQW3&cd1=AMP%20Page&z=456287764

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Aug 2022 13:27:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85296
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icon-profile-small.jpg
public.viva.co.id/asset-viva/responsive-web/img/ 270 B
814 B 26ms
25ms Image
image/webp 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public.viva.co.id/asset-viva/responsive-web/img/icon-profile-small.jpg?v=1.1.41

Requested by

Host: public.viva.co.id
URL: https://public.viva.co.id/asset-viva/responsive-web/js/lazysizes.min.js?v=1.1.41

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8825e6c38403c234f6228f6cbeb88c276f0e62cbab1900d044cb8f5c2d0472b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
vary: Accept
cf-cache-status: HIT
age: 1220472
cf-polished: qual=85, origFmt=jpeg, origSize=596
cf-ray: 7380b93f9aeb90c0-FRA
content-disposition: inline; filename="icon-profile-small.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 270
x-amz-id-2: nCHlzTQxVDu0hUulzHV+ff2iyuVvs3zBMgisp7r9ngQrW/M/Zv3+Fwj0L1U4cB80ErDSRwaYEeE=
last-modified: Tue, 07 Dec 2021 06:21:18 GMT
server: cloudflare
etag: "5c3ff561dbcd90411fb36c440373976b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 20SEPS2F2APRNH7K
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 62cc0a3830b1e-kapolda-jambi-irjen-pol-rachmad-wibowo_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/07/11/ 11 KB
11 KB 25ms
23ms Image
image/webp 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2022/07/11/62cc0a3830b1e-kapolda-jambi-irjen-pol-rachmad-wibowo_325_183.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0808f662793f22610594d4a8c6d5421215c2931348fdb4357465b2672964a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
vary: Accept
cf-cache-status: HIT
age: 33273
cf-polished: qual=85, origFmt=jpeg, origSize=17507
cf-ray: 7380b93faaf490c0-FRA
content-disposition: inline; filename="62cc0a3830b1e-kapolda-jambi-irjen-pol-rachmad-wibowo_325_183.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10852
x-amz-id-2: J0tUmW37Sl4UzyuQ7r04W9eT6hhkJ9z2g/0WRQqqWWAPrDQHK0nTfGhpQ3O03zif3PHN7+xLf+w=
last-modified: Mon, 11 Jul 2022 11:32:10 GMT
server: cloudflare
etag: "6d5b309dd2bde62d7cd32ba0048a660c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4M8CXS2M1JCRG2PG
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 61931dcd94516-kepala-divisi-profesi-dan-pengamanan-kadiv-propam-polri-irjen-pol-ferdy-sambo_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2021/11/16/ 9 KB
10 KB 237ms
234ms Image
image/webp 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2021/11/16/61931dcd94516-kepala-divisi-profesi-dan-pengamanan-kadiv-propam-polri-irjen-pol-ferdy-sambo_325_183.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5a0c18d3f6cd54b3473615fb71782d6778ffaace573e65adadd1972b2416299

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
vary: Accept
cf-cache-status: HIT
x-amz-request-id: QNH3RX07XXS68C6X
cf-polished: qual=85, origFmt=jpeg, origSize=15345
content-disposition: inline; filename="61931dcd94516-kepala-divisi-profesi-dan-pengamanan-kadiv-propam-polri-irjen-pol-ferdy-sambo_325_183.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9386
x-amz-id-2: qTxM2Gu/DazCLRp3EAH22Jvu0F6sdMjRdydfeWEPRBvk56yl9ojD6AYA9uqa1IHoHcI4ms+/Z0I=
last-modified: Tue, 16 Nov 2021 02:56:16 GMT
server: cloudflare
etag: "69e151cfe83b891f94c5fd7d4c49e592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7380b93faaf590c0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 62efbba5606fa-istri-irjen-ferdy-sambo-putri-candrawati-kanan-saat-mendatangi-mako-brimob_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/08/07/ 14 KB
15 KB 32ms
30ms Image
image/webp 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2022/08/07/62efbba5606fa-istri-irjen-ferdy-sambo-putri-candrawati-kanan-saat-mendatangi-mako-brimob_325_183.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0f8be4a2ca2e2c750fb1df86aba77c6466ff803172b6f755ff53086f48386e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
vary: Accept
cf-cache-status: HIT
age: 166638
cf-polished: qual=85, origFmt=jpeg, origSize=21535
cf-ray: 7380b93faaf690c0-FRA
content-disposition: inline; filename="62efbba5606fa-istri-irjen-ferdy-sambo-putri-candrawati-kanan-saat-mendatangi-mako-brimob_325_183.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14356
x-amz-id-2: EOrnfdjNYcHRHF+F4QWnuLM4PQW5cldbstAfm5yIhMmnPSZLuGQQJ2GHvNSN6xYdhP+H+tcz2w4=
last-modified: Sun, 07 Aug 2022 13:18:31 GMT
server: cloudflare
etag: "945127f23406efd19fc2a03a5275a8a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4V4W9HASSAYYDXSE
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 62f0ffb87a42c-kumpulan-senjata-dan-amunisi-ditemukan-di-bawah-sungai-london_325_183.jpeg
thumb.viva.co.id/media/frontend/thumbs3/2022/08/08/ 19 KB
19 KB 33ms
31ms Image
image/jpeg 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2022/08/08/62f0ffb87a42c-kumpulan-senjata-dan-amunisi-ditemukan-di-bawah-sungai-london_325_183.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17dd14b958beeb8ed240f79dd382925473680c8ae527badf403326bd61f1dfe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 48106
cf-polished: degrade=85, origSize=29482, status=webp_bigger
cf-ray: 7380b93faaf790c0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19189
x-amz-id-2: NrLhxF7WQuXclYM5Bt4P2fXIQX9S1t7wimQea53z1ycbHKr8ay3dc3R0IP9y9iywRMVDav3UAWk=
last-modified: Mon, 08 Aug 2022 12:21:17 GMT
server: cloudflare
etag: "755d7b6a5001ffd849f45ef032f97e84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8W5H1TW9A1ZYETNJ
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3 200 62f1c30f71916-latihan-militer-taiwan-dilakukan-secara-teratur_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/08/09/ 8 KB
8 KB 41ms
39ms Image
image/webp 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2022/08/09/62f1c30f71916-latihan-militer-taiwan-dilakukan-secara-teratur_325_183.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0c3853f05c428e1d3fe0e62a49f24d0f8c93cae351ed04a4ba96ec6c943c515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
vary: Accept
cf-cache-status: HIT
age: 32272
cf-polished: qual=85, origFmt=jpeg, origSize=13767
cf-ray: 7380b93faaf990c0-FRA
content-disposition: inline; filename="62f1c30f71916-latihan-militer-taiwan-dilakukan-secara-teratur_325_183.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7762
x-amz-id-2: TdgCVsIEZ2Wh0j6k1FyGQYGAAgoCSgXNBiFpm6ph5XwpE0jhp5HvDBzuQrX3ccr+02a8eELgecY=
last-modified: Tue, 09 Aug 2022 02:14:41 GMT
server: cloudflare
etag: "959c52bad43a97726acf06e34fb2f89e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YEY1RG2RY7H7J2Z0
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 pushnotif-bg.png
public.viva.co.id/asset-viva/responsive-web/img/ 1 KB
2 KB 25ms
23ms Image
image/webp 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public.viva.co.id/asset-viva/responsive-web/img/pushnotif-bg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a4044c362844a24d59f4a9a9cee9ecdfee4a80c659009f51b7216cf31b26d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
vary: Accept
cf-cache-status: HIT
age: 83729
cf-polished: origFmt=png, origSize=2492
cf-ray: 7380b93faafa90c0-FRA
content-disposition: inline; filename="pushnotif-bg.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1246
x-amz-id-2: qMzWHeesOzpvfXj9Tg1NOOzv0SdtICPBebGAKheXp+JF+rl01PAbiz+JdspvIomXW2e4A1JRUXI=
last-modified: Tue, 07 Dec 2021 06:21:14 GMT
server: cloudflare
etag: "714e2f45fcac2f3e3c733f7712607b97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 780QCQK5Z0DHTA0B
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/8429568/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
367 B

8ms
7ms

Script
application/javascript

99.86.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-3.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:43:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1532
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: LC1TAGEAW_u-OGU_deqSkXhz6f6NsXf9y74pImIHe0f4qZoE1u062Q==

Redirect headers

location: /internal-c2/default/cs.js
date: Tue, 09 Aug 2022 13:08:59 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: -3lNO00DXQdT9dYlokWQmmgRlAChFO-cS6CuCBDwxWQt6pKNFbCnCA==
x-cache: Miss from cloudfront

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 460ms
379ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

ec15f98604211de09a04020860148a98124296e8ce00c461f5fded4eb0ff9d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28617
x-xss-protection: 0
server: sffe
etag: "1298 / 982 of 1000 / last-modified: 1660043424"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Aug 2022 13:08:59 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157005/907/ 388 KB
116 KB 105ms
22ms Script
application/javascript 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Requested by: Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8cf9cf1a777791f780843d27b7ba52d23dd1b6521baabbdfce3f8110dbeac2f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
content-encoding: gzip
last-modified: Fri, 15 Jul 2022 08:23:42 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=43116
accept-ranges: bytes
content-type: application/javascript
content-length: 117872
expires: Wed, 10 Aug 2022 01:07:35 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 62ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.viva.co.id%2F&domain=www.viva.co.id&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.viva.co.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 09 Aug 2022 13:08:58 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1191
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.viva.co.id%2F&domain=www.viva.co.id&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=YNGuEHxsN05MOGFIYmpLUXVJWlJadHQ0eitKeklEOE1aSzczWlkwVS9pVldaVnhTRWsxR0Y0ZVVNUCtoc3ViQ2NWZnVDeXJXWVlFMlV5UHh6SVpJWGlLL01zT09GdmY4Y2dndkhqQVY1a3FoNzJ6d2Z6cEx5MTc2VFlXND...

353 B
618 B

63ms
22ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YNGuEHxsN05MOGFIYmpLUXVJWlJadHQ0eitKeklEOE1aSzczWlkwVS9pVldaVnhTRWsxR0Y0ZVVNUCtoc3ViQ2NWZnVDeXJXWVlFMlV5UHh6SVpJWGlLL01zT09GdmY4Y2dndkhqQVY1a3FoNzJ6d2Z6cEx5MTc2VFlXNDlmeU1pemphem4zYkhldlRmNU02ejFtUFB0TUhWWXppVzNqem1zNzlWV1pFNXp4d00yVjhQYjFwTUtSNXBqSUZKMHZRbm5jdjlMVFFBNE1QNkxHUHZxdnJPRGZpdVA2Y05MN0FhU3pIN0xSR1NlTjZtY3RzPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1eb0b5ea52088e86fc2e048e4033c97f37703060079555ec9d11451e10292275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:08:59 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2993
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:08:58 GMT
location: https://mug.criteo.com/sid?cpp=YNGuEHxsN05MOGFIYmpLUXVJWlJadHQ0eitKeklEOE1aSzczWlkwVS9pVldaVnhTRWsxR0Y0ZVVNUCtoc3ViQ2NWZnVDeXJXWVlFMlV5UHh6SVpJWGlLL01zT09GdmY4Y2dndkhqQVY1a3FoNzJ6d2Z6cEx5MTc2VFlXNDlmeU1pemphem4zYkhldlRmNU02ejFtUFB0TUhWWXppVzNqem1zNzlWV1pFNXp4d00yVjhQYjFwTUtSNXBqSUZKMHZRbm5jdjlMVFFBNE1QNkxHUHZxdnJPRGZpdVA2Y05MN0FhU3pIN0xSR1NlTjZtY3RzPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1488
content-length: 482
expires: 0

GET
H2 200 62f2549a98e1d-jakarta-melayu-festival_325_183.jpg
thumb.intipseleb.com/media/frontend/thumbs3/2022/08/09/ 27 KB
28 KB 609ms
547ms Image
image/jpeg 2606:4700:20::681a:a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.intipseleb.com/media/frontend/thumbs3/2022/08/09/62f2549a98e1d-jakarta-melayu-festival_325_183.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bda036a0ea2e4700d72fd4ea5c7b2d12373e821bfc84d042d77f8d4ad53a1e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:00 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: AYX2FE0M9Q4N7BZE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27737
x-amz-id-2: XywsWBEJddS+hiZLXCi3Mn4qKEu14HkOeRBbd9sK5vJs6yEDEzOfoQzevRqruq7oVF68fZ9h7N8=
last-modified: Tue, 09 Aug 2022 12:35:41 GMT
server: cloudflare
etag: "0de825c34a52e4eb885fd222783947a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukN1WE5LNxORyxb%2B9Cb2f9CSRY0W7ccVIAU%2BabiIPmnLRYYJnCENMXP13TNeKx%2Bk1luqakF80KLomAQvlUXbqJKCqYLuCXa5ovvSDsxaxlVz27lRHVEvVv3MPRxtTAi0UnDxgxASJv7ZrpYzWEj3Crdw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7380b9414f919030-FRA

GET
H2 200 62f20e2bf2a0a-monas_325_183.jpeg
thumb.intipseleb.com/media/frontend/thumbs3/2022/08/09/ 12 KB
13 KB 82ms
21ms Image
image/webp 2606:4700:20::681a:a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.intipseleb.com/media/frontend/thumbs3/2022/08/09/62f20e2bf2a0a-monas_325_183.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5cbe56185a635568a0463252c97c707019192d1d2f8862598807d6bfbca2565

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1007
cf-polished: qual=85, origFmt=jpeg, origSize=23402
cf-ray: 7380b9414f959030-FRA
content-disposition: inline; filename="62f20e2bf2a0a-monas_325_183.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12750
x-amz-id-2: xNXe9kSsPATg8LWa8Wsu6ocvfc5TgD05gJCxzWiY/sJIdZdQqIHZX8BOmXpgDFqAgqB47XcWw8Y=
last-modified: Tue, 09 Aug 2022 07:35:11 GMT
server: cloudflare
etag: "1e8002a5a14b01dc1a0c78770cb88245"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpo1AJjlG%2BPqK6%2Bt87AfTAhuPovI9aExmeeCbRf4HHCI9HJtKco3cheClM8SrDoF%2BY8YQ3jqM1RRMCIdAb8xNkI8FSdoJ9Gb%2BHdS%2BOfWjLuUUFEs506KKdq2VWQqpK8ZbgzII42MVPopHDOqz2Pdv6tS"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: TXTDRJHY75KTSPF4
cache-control: max-age=86400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 62f23e37d7238-millen-cyrus_325_183.jpg
thumb.intipseleb.com/media/frontend/thumbs3/2022/08/09/ 17 KB
18 KB 84ms
22ms Image
image/jpeg 2606:4700:20::681a:a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.intipseleb.com/media/frontend/thumbs3/2022/08/09/62f23e37d7238-millen-cyrus_325_183.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

428c8958a3ad90a31a88c8ea0334d583cf8ccad65a2424e6798d3dbe559c9971

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1007
cf-polished: degrade=85, origSize=32397, status=webp_bigger
cf-ray: 7380b9414f989030-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17792
x-amz-id-2: Isj90MXS/VgDRofNqAn2MOf9SjdvPDoQUMa494PXWkMlTstgRUjji3CvoMGD94TqOzTvY+od2Vs=
last-modified: Tue, 09 Aug 2022 11:00:12 GMT
server: cloudflare
etag: "5a5b3183235ce512c9af4832e2a3ad4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tki8KVFyChGxHLdeXwlpeY1jBWX0KHu%2Fv%2F8Cpr73Fyx99UtWJjonS4%2FX9lXn99AdQHo4hd%2BkCYuuBcNZqUxrGBTZjePePcfedn1R8QEgnXAE1OOWrsYks56oCiGg01oYOgn7PMatmxp%2FwyOZVbsufFHP"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: TXT1FPQ41RFEM6CW
cache-control: max-age=86400
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 62f1fad79b004-luna-maya_dangdut_325_183.jpg
thumb-jagodangdut.intipseleb.com/thumbnail/2022/08/09/ 11 KB
12 KB 79ms
31ms Image
image/webp 2606:4700:20::ac43:4677
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb-jagodangdut.intipseleb.com/thumbnail/2022/08/09/62f1fad79b004-luna-maya_dangdut_325_183.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4677 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bb7323b5dd23e9e6158fce17af9d02401aeb1a620f2cabf19fc96fff4aa121

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:59 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1006
cf-polished: qual=85, origFmt=jpeg, origSize=22135
cf-ray: 7380b9413b24bbb0-FRA
content-disposition: inline; filename="62f1fad79b004-luna-maya_dangdut_325_183.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11146
x-amz-id-2: F/bJt1xRH0SmQ1KBRi5hkj1667rXvLNHuBJgEXWC9lqoLlHEevmsRhCuBy2uOMONwH3A4Lol60o=
last-modified: Tue, 09 Aug 2022 06:12:41 GMT
server: cloudflare
etag: "7442a48f64780df8f14325e970537a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwOQjnfxc8mCkdxilq9DV0NmEeZ2PH4E3D6%2BrE2E%2BpbzPo%2FlgIZPGKSoB5uYzopimVgFJRJZUHligqcc1Aeb2%2BW14MZOYEBg2M6FYHppkvdg2Qjd4oN9DH3Kr7554Y%2BlnRT47Jis%2FB7pxGY2GS1tm6x6m3nEVPIJOQR7m5UA"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 8FF0V06KDPBNGWZX
cache-control: max-age=86400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 91ms
21ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 09 Aug 2022 13:08:59 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1157
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 pubads_impl_2022080401.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 26ms
8ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132985
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 08:38:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Aug 2023 12:12:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 800 B
310 B 42ms
24ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.viva.co.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

832f99f8a0d8dab1f2bb81a8cf28d62cac63e85844d5d2778800c84a7a1a6d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 285
x-xss-protection: 0
expires: Tue, 09 Aug 2022 13:08:59 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 237ms
199ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.viva.co.id
date: Tue, 09 Aug 2022 13:08:59 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
556 B 222ms
51ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:08:59 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
561 B 220ms
48ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:00 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
556 B 264ms
93ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:00 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
556 B 226ms
54ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:00 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
556 B 228ms
56ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:00 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
556 B 222ms
51ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:00 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
556 B 316ms
88ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:08:59 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
556 B 285ms
55ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:00 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
556 B 300ms
69ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:08:59 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
556 B 284ms
54ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:00 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
639 B 68ms
33ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=313582&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2228842018bf5208f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22293048f03ae89b1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22313582%22%2C%22sid%22%3A%2205%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2230afa34a3797f11%22%2C%22ext%22%3A%7B%22siteID%22%3A%22313582%22%2C%22sid%22%3A%2205%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223138915d4ef5513%22%2C%22ext%22%3A%7B%22siteID%22%3A%22313582%22%2C%22sid%22%3A%2205%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232f2065cca68004%22%2C%22ext%22%3A%7B%22siteID%22%3A%22313582%22%2C%22sid%22%3A%2205%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223356fd3b38d4bf9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22313582%22%2C%22sid%22%3A%2205%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22347ea02bb4b63c5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22313582%22%2C%22sid%22%3A%2205%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c55beaa8e467c49ffe62125e2bc5e503470c88838a90a309765d210d5086de3

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Aug 2022 13:09:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FFSB%2BoeZO56ZS0S1tXmn7izLtbbNJIB6nWXRK%2FAGnk4nWGifmInhBP8LDbnkjLkwchnOQsODisTNR5EZt4XNIyxM6d88ZUqUiNkndf8C8f1IYJBH%2BGB4UGUWfBJdJLdR1hQ0zN6"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7380b9442ccdbb97-FRA
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 47ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.viva.co.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 45ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.viva.co.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 379 KB
93 KB 1130ms
1130ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2418228991915106&correlator=374994276519626&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=11225321%2CVIVA.CO.ID%2CBerita%2Cinterstitial%2Coutstream&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=728x90%7C970x250%2C300x250%2C1x1%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C160x600%2C160x600%2C1x1%2C728x90%2C1x1%2C1x1&ifi=1&adks=1032522175%2C390710445%2C3482815306%2C390710434%2C390710435%2C390710432%2C2626688717%2C2626688718%2C1411660821%2C3481637858%2C4091369916%2C2821835629%2C1653184459%2C566311233&sfv=1-0-38&ists=3&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0&fsapi=false&prev_scp=pos%3Dleaderboard%7Cpos%3Drectangle_1%7Cpos%3Dslider%7Cpos%3Drectangle_2%7Cpos%3Drectangle_3%7Cpos%3Drectangle_4%7Cpos%3Dinarticle_1%7Cpos%3Dinarticle_2%7Cpos%3Dskin-left%7Cpos%3Dskin-right%7Cpos%3Drmb%7Cpos%3Dbottomframe%7C%7C&sc=1&cookie_enabled=1&abxe=1&dt=1660050540510&lmt=1660050538&dlt=1660050538384&idt=1646&adxs=436%2C985%2C315%2C985%2C985%2C485%2C485%2C-9%2C140%2C1300%2C315%2C436%2C-9%2C315&adys=200%2C1086%2C155%2C1894%2C2973%2C2921%2C1583%2C-9%2C359%2C359%2C1320%2C1155%2C-9%2C2164&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C-1%7C0%7C0%7C5%7C0%7C-1%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j&frm=20&vis=1&psz=970x90%7C300x250%7C970x4762%7C300x250%7C300x250%7C640x250%7C640x250%7C0x-1%7C160x600%7C160x600%7C640x1764%7C728x-1%7C0x-1%7C640x1764&msz=728x0%7C300x0%7C970x0%7C300x0%7C300x0%7C300x0%7C300x0%7C0x-1%7C160x0%7C160x0%7C640x0%7C728x-1%7C0x-1%7C640x0&fws=4%2C516%2C4%2C516%2C516%2C4%2C4%2C2%2C516%2C516%2C4%2C516%2C2%2C4&ohw=970%2C300%2C1600%2C300%2C300%2C640%2C640%2C0%2C160%2C160%2C1600%2C1600%2C0%2C1600&ga_vid=498688345.1660050539&ga_sid=1660050541&ga_hid=198806249&ga_fc=true&ga_cid=1659064428.1660050539

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

86041deaeb10616b1102766fa83a40f8a044e2fb830ff126fb8ddc8c69e2eecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94779
x-xss-protection: 0
google-lineitem-id: -1,-1,5218161489,-1,5161031482,-2,-2,-1,-1,-1,-2,-1,-1,5954146250
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138370403026,-1,138286001753,-2,-2,-1,-1,-1,-2,-1,-1,138398485233
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 89ms
64ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2810489196e07113ef9b90fbac0e50eb46b9fd5881840a467ce0d3116bf4f8d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11065
x-xss-protection: 0

GET
H2 200 container.html Show response
7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A08E 6 KB
4 KB 110ms
17ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:00 GMT
expires: Wed, 09 Aug 2023 13:09:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022080401.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 9ms
9ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022080401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

897b0eda2eb5e7df39acd929ba9f3f0b30d84594239cef6874c91aabff9e3f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 10:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13600
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 08:38:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Aug 2023 10:39:55 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BBF1 15 KB
6 KB 19ms
16ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=134633
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 13:09:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 11 Aug 2022 02:32:53 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 475A 3 KB
2 KB 49ms
8ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Aug 2022 13:09:00 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H3 200 62d6afdf4644a-samuel-hutabarat-dimakam-anaknya-brigadir-j_663_372.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/07/19/ 90 KB
90 KB 236ms
234ms Image
image/webp 2606:4700:10::6814:9670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2022/07/19/62d6afdf4644a-samuel-hutabarat-dimakam-anaknya-brigadir-j_663_372.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:9670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e022cd8e03c742cafe5434dacc2b17df5af506391fcca7623780fab53d6e2a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:00 GMT
vary: Accept
cf-cache-status: HIT
x-amz-request-id: WWQPQT1Q5EWEW8X3
cf-polished: qual=85, origFmt=jpeg, origSize=119031
content-disposition: inline; filename="62d6afdf4644a-samuel-hutabarat-dimakam-anaknya-brigadir-j_663_372.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91818
x-amz-id-2: mw0xcfxRBbme33pn6Vyq8i9WLb24gZgeYJKxYY7MNtpEY13h35ZpWp0GwOusW5pRKkvkGUJy4tg=
last-modified: Tue, 19 Jul 2022 13:21:38 GMT
server: cloudflare
etag: "1ecfead38cb759d7f44e7e277cb094bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7380b946c9a490c0-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BBF1 0
42 B 84ms
18ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66519007&p=157005&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:00 GMT
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 47ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 13:09:00 GMT

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame F72F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

75ms
39ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6deba70872d53206707dea7ba2d4c35204312df08e042b3ad3de3fd5ad2f2e34

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7380b94959369b43-FRA
content-encoding: br
content-type: text/html
date: Tue, 09 Aug 2022 13:09:01 GMT
dropped-udsids: 45|230|241|39|65|190|111|17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7%2B9NtKIKLWah1A9M1D8ZIhHUY9j%2FR%2B%2F723dJppi4WuQiJal%2F40EkohgZ8LvpohAzEVyraF2DeCH6xOJR1Mmoc0q9xfXaBsofEYdlw8VIsQXVmWix%2BPhQLSeO05bYuhc7kKv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7380b948e8c09b1c-FRA
content-type: text/html; charset=iso-8859-1
date: Tue, 09 Aug 2022 13:09:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWSljmF9%2FIaiDuslSmdmS2U2%2BrzdOMuh9epU%2Bh0vgYGiLlUyCKoXqOhgI%2FQrxuaebUOmhvNkMzqQlkbey7YlRkeZhOFpdNJLXwKQKdOVAd3Hg%2FwRizKs9IRw35jMIMOmEaB3EjWcE1l82Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FCE6 13 KB
5 KB 33ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 12:48:01 GMT
expires: Wed, 09 Aug 2023 12:48:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 66C3 783 B
535 B 47ms
19ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4783048d046dd9f29d821a83bc0317ffa15af2820ce34d9dfac7d4355b353ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U5EmxY0xU7bo-xsD5EqO4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-U5EmxY0xU7bo-xsD5EqO4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:00 GMT
expires: Tue, 09 Aug 2022 13:09:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame FCE6 36 KB
14 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 15:59:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 66C3 0
0 48ms
47ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080401&jk=2418228991915106&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame F72F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YvJcbIARC4WgLdt5YaNFkgAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YvJcbIARC4WgLdt5YaNFkgAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBWLPGH0jIFBvFvracYvcaE&google_cver=1&gdpr=1

43 B
948 B

40ms
26ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBWLPGH0jIFBvFvracYvcaE&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7380b94bfb839b33-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnS1ZSJW8H0KfwNa8%2FMl64wh3KZe%2FaLvW6%2BMfyi9Q9XoJoa8VKzFerRCO%2F04vI7Y8qvOevtxaxlFI85XQSGGuokfFSWqvIwkm8q1rRtdq4nQbQY9ROAgG0HioLy7RwpJCus%2BJTfW2mjYHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBWLPGH0jIFBvFvracYvcaE&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame F72F 170 B
502 B 70ms
23ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YvJcbIARC4WgLdt5YaNFkgAABIwAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F72F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvJcbIARC4WgLdt5YaNFkgAABIwAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvJcbIARC4WgLdt5YaNFkgAABIwAAAAB&dcc=t

43 B
645 B

111ms
111ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvJcbIARC4WgLdt5YaNFkgAABIwAAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 13:09:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: E7WDNPDM13CZM9JXTSTK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 13:09:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: J11Q9R57FXYMK8NH02XB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvJcbIARC4WgLdt5YaNFkgAABIwAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F72F 70 B
265 B 341ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rum
dsum.casalemedia.com/ Frame F72F
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1660136941&gdpr=1

43 B
944 B

96ms
26ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1660136941&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7380b94c9c1a9c0d-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=He%2B3e0l7hDWnolZir%2BcK7CsrIwIkM9PSfXrwXk%2FfwggynizSntkgqyGtQFTLNJv0UOby5j5%2FYCsQJGRKoPKdwFsB1kKdKoFcztcTMyBd00Js85l62aGdR18vumbHzGbzUF6CXfVf"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1660136941&gdpr=1
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame F72F 0
0 48ms
13ms Image
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame F72F 0
331 B 321ms
21ms Image
text/plain 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame F72F
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

43 B
910 B

25ms
24ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7380b94d0ce69b33-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbnHyBXz69iFcWpO3oIeGsV%2FUmlyDItTz6tHdjXzwE5XszHmoJj8mXTJUbPkkeNKMGuB4cFDREbmsyeycPRzCKYjmFkvLavK2B%2Bakt9lvZRn5FvRI7Xvt82tNGRjTgmJdlCDCeC%2BzB15%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma: no-cache
Date: Tue, 09 Aug 2022 13:09:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 106
Content-Type: text/html; charset=utf-8

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame F72F 43 B
424 B 80ms
25ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YvJcbIARC4WgLdt5YaNFkgAA%261164
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:01 GMT
cf-cache-status: HIT
age: 200
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "902a3d-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7380b94a696f9250-FRA
expires: Tue, 09 Aug 2022 17:09:01 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FCE6 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?13acRA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
338 B 154ms
61ms XHR
application/json 34.251.71.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.71.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-71-171.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab04eb1a2b7dffe87d2bb199a46e89b23cd2e679a605e18508141150f959b712

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache
x-server: 10.45.17.227
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
389 B 35ms
34ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 793b562180e95ad56b9da560740baf2eacc9577ffd386ad95df5fe03d1bdd85d

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Aug 2022 13:09:01 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.viva.co.id
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Thu, 08 Sep 2022 13:09:01 GMT

GET
H3 200 container.html Show response
7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D502 6 KB
3 KB 33ms
11ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:00 GMT
expires: Wed, 09 Aug 2023 13:09:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA34 6 KB
3 KB 25ms
17ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:00 GMT
expires: Wed, 09 Aug 2023 13:09:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 80BC 6 KB
3 KB 9ms
9ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:00 GMT
expires: Wed, 09 Aug 2023 13:09:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8CB0 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:00 GMT
expires: Wed, 09 Aug 2023 13:09:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1149 0
0 50ms
45ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur4f-u_vjTzYZ2C3kfFTVTgfn6fwxCDcLoxAaGCJD-ITknl7qoBIxbTifVXiuehTKnu7dd5g-YHWKkeef_vLzTTf0-Qk5hlXvpy_GkQUXA0MNvV-liOEYVNhltfwq8juoxD4WPIGClTY5hNxVrQr-Mf1xGkxaxouvrtQ7-o8SS5zDYDt1X3mhSPysvpGXaZxw_cr98zUaNeKOHBJFRoEhCvu57vDsMLsx67yFEcD5-iWc501oIjVJR9oLrhkELx2fRIfCMEWvluCL9oWzUP-X-wEu1ZeLhpXnqw58rV9ekyC2qvn__xSeZpd5uo_5bDctj1WuYkgZS2Szn&sai=AMfl-YTWFfT8vssPu9I5TLLMWzttTGTKx-5zVHiC9SFjdRcFe2EOjMySj-yOrA7s5YyuwEsJT7tL9vG94xyYVE6R5ePGoQasC6IUZyUXkyvlCMX0GjdCdMQLazSIeNswmj2qHA&sig=Cg0ArKJSzI4EbcZkVguuEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK spt Show response
tg1.selectmedia.asia/api/adserver/ Frame 1149 16 KB
5 KB 280ms
150ms Script
text/javascript 2a02:26f0:3500:c::5c7b:6843
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=618143eedaf7e149fd14cf49&AV_PUBLISHERID=59c90be728a061224b14efc8
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6843 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eb0ed266df6b43907c5ec8effd1d4aa79ee8462f6635f1a25d259502ae60ecba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:09:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 4837
Expires: Tue, 09 Aug 2022 13:14:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1149 140 KB
44 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 13:09:01 GMT

GET
H3 200 container.html Show response
7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 00CE 6 KB
3 KB 10ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:00 GMT
expires: Wed, 09 Aug 2023 13:09:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2653 6 KB
3 KB 12ms
11ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:00 GMT
expires: Wed, 09 Aug 2023 13:09:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7832 624 B
838 B 57ms
20ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYqOH4xgEwAQ&v=APEucNWOYCSB5rztdkXR8r4sPUusO585F-4bYEhdLhhqIeaS_xBt_Fq7B9F103OFWWhWMDZ5rXaxbXb67bokCHHKP3ovJ6gHKR2c-wewsw09BORg05lPMpZMS3eJ_Z9FwSTMDRvH0hhsp0nqp0-VGsQJRfIFirwYN6g95sHaN1vSTcFhJNYWpV0

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:02 GMT
expires: Tue, 09 Aug 2022 13:09:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D502 83 KB
34 KB 111ms
75ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHP9tv-E0X7_xPUdMuf-ogYP1hpjZyVVgmtYLXzi5fJE6eKCxcSUy4gGJUoRzcioE4ZvNuo4H_6XVjD9EN05czCsz6FJ2D2trsyKPSyg-qfKd4QO54PqCK8ivqrRQbUA_j59ErEdntoIuN52fLpariWjSCTw&dbm_d=AKAmf-CHP5bWb970-HMXrI6E2JOMOrSpEv33zRmuhL3nbBrAbr42M5p9QYZAAUS3h3I7h70KV7sj3a6ZPUbksTue40nOAVaC_lm5WAyPJVe-RE_Foi7Y4MpRysQFBTMzgHsOg5xXigzoUOjyjiC2Mz9a7CIup79f5-dSfX2jTlJJX-lImc1uiqdtmBPBkuSggwbCLJb_6qLq2dp6WiMdNVzBbrHULo_Et5TDrlIN-5KmYBwCtYOQFfsUgHE8IXXcPO7-ngzDAIiAvyoDW1Ilm3hAEe8etmq-iNis2vFpusdX93kY8I_EkFyFvYHGFl9c3xFuIVLrf6WWDFE3HwTm9I-40r9pmxRkYKBFjfJMKZlfjkqiKARFAnm8PfF3yHg9gff3gfj3Jp8PuA8xoChsIPHk_NDesvRmdfidoQKIo2dl3To07ygo8CguCwe16JHwvgCmpGlB6FnIXlPy4Kzk7AQtzq9JKtFD0s_IfHurjkHD-MU1sfAjl44qaZWV7Zs2wkrBONwP0u8GF31wbZByx3PXhha786Fcnvj0FFGIlrhlenCTC9I7YpzCUyuH55NvhQ8lIKDtOV-PHF5Wo7_rA6oXdd2Zij-S96qalF3NxY9vjSC7cR1QYxJ_GQxtHfDiBx86FAjIqYPusfC7OJ29lteT1YrX0to3z6UHLrl15rx9aGUf1iQPcwliCIJWtIcNhuUoUjDAmINsl_Q7J0ULfGlen_pY8btLXKAViYrk-eh0XG2UDb6xLAsN3R_Mg8FQZOcuGxj1BYvRIshmcB3nio0leHQAfxlJqyLjgRPjoqJ4nez-Y6YjxqAXAhbMjGEpSybHQRDWYagKhL4uc_ST9ZDxclQOunhScng9yFheDGihVSWj-Q2JxIs96iHRlbi2kSD88dU-0ALV3LY28_lSwyQMcMDw5lHpGWkX_8ZHrgqwDu_NcokpBi7q1gFw1fpksFe5qOC6Y_tlQ7euZh46eoPLkuWtmwoKtkq04hWRjcVQMd-TD13snvWWLZikyhDHcwPSMx5wcbpp_n2sy60YWIABDAiFn0Hm3KL-SBRVRdqwHPqJwC8iLoQ2alV67c6971ALHuWJClCxM0_SIHULqayg7cFoDrthIY2iK6Rbq2xV_NmEUUyds_3GDu0epiFrK2xh_vYbel1Y4Bc8rnR36x-PW4fOSihvpdcxErFrycpdpyTXM_hJNkMK8PEoPK0tnnpqej19E2Jgqc-Ga0CI8YClhR78NH86idGzAYbp8sPltEPD7ZYE5qnV0tkn87JBFATpGMJfk532sZXaQxCDWm3-xfjIZywY90I1wmKu-Hb4t53GwUOCb0mF-pfj1lIj1JOQc4WCD4NUXfudO9gghRrgmQtgV3QAQ-748HI3dJQUzrvRVjkyQMNcCCkzTZk2Q4vWBV3zmmrHBRF1dVDSw5fkUGyLHDoFdYVF8-nTPcJDzsneRR4xSaT0lxDQGmXB-FsTUvxip6-7qYfNTR7iYhD68X8bgbMRlWSHbrAf7wSvhkEYEOdr9c71_I1AraDApC4p3XE4OnT21uf5G6ze0mVisNYKqkfBU2knYH2nC9R16O1SI2Apx0cbx4pkSFXLN5258ImSnQFwnBXmFFaUO8IrLF5GbWoC1g2Of8GQgdeJSLLz6WzmW_u06f1szPEBLzuLNbRETzBTeuPWlx_MU94-7ETYSy1_exSMlQ2D-H-KDX1vbsEIl8xkHQ2Ehlizh5ymzxXRGHgPVULcuxm2liv9wrZN_utHb7--qHWPo39NIhOtP_UtWvvktIyPIoDqeQU2rsmciieVdJs4ASfbPTfGP_4UUuzkum2WZnpkV_2QisrMWutpYBDHHCOIx98SBONkATSD5paBs858PRGGqtBmqvpOYEwraPhbv67Y6f2jnKJ5vOaAIJKbjtcajHr1Sc7dsQdAbVUr6X0Gm96EMRMLD70kmTil6lzeRxAdR_lDcp2XUWUPn6_gTzlWVDPWpKk4Dov6Rei8W-lzdJX1k98dbWZZiQLTtpEcA7xvsc51ffObblxudReuOPHmLSm8lZiHYM4vukcRVE2SNgtB6VEnsktmuGvchtGhSGJaF4RPh6xzCb83aLhy7pV2Xs33nEqOBqiCcg1eAVAGG7fNsaSIJuoU6d4msc9aspn9to0Ht3xgRWQT3BPK8puuDeCaVij_Uj-P9noDB819RLwNJLlLdk6gF6MvHmW8DiBjTUb6vMCO9pmU5G5Dwq_VUI4VLj8iLsw-QDAB8qmpdxwh2ViNji0m1aXnm42qMSJwloP6MfgZklvmJlp5nnIdH25ln_bjH19mpvYQReh_449WNudyD9S0CUT6zI3Fj8EnEs7oXn-USeKRfWES4wDM7UVscGmV7WDsCSuTndevpO6HLb_N7Y4_LvMsKCDAl_DIOFhe1oA-bF4zctwDWNIBCj6PzCkkZuWC_0Xwa2v9Yci12ydlEJGO8LQGHz3ncz0NKQrkyo3v1fnDhRSfQJqCwgu9UHBiERdfl7YXG0CeJUf6Ue8SL3Jf6jFBixVDiilibidEOTEaHPHJkWUHGDc66--R6ZW1JlcLZm0C4D5Wf8A8YX4Z8UFZbP2mGCvfnDgM4gt7IAz7m2jpp3odkfoq_JYBsc3S_ii9zIh3uBXozbqU728epz4ZEdpKgbGjMkN51AK5i13zkGxTo4DQZ4JF5CH3jttVlE0HIvnbPyRMRQzDRhfGU0dTOwZFrkAq_ftfRWP9-SOQDB9-a_b_dVqYsFoH4CSp4C7xl5vKBCxy2nKEo9FbLBvEU4_d8XSG9GyzAkYFLyMELIbBzw9xtkNAPyNbdoiLXkcVpOG5NOQFlkz76qZQJYlZOlx7I_ZtsAf-BvFT3DGXAxo_9knX8Gx-Pzv0sRq0-KxNoKGIcqhpT7aFQxmt1Iom7Op6gCyv9Er8qj8l-CHx5oLr8vF24hGj1anX3zuVAnYIoe_3MaabKo2HaiRs5uuzI4qORPF57q0iDJVSZB6-HAgDRaJPEx5oX3-LFtFXxHFotCNrx0MnEmrDTpYiB5kkMt_WHdTz7ps8xrsferXS39B9L-HfbNT9h32hYovv_C_kFXWXwqxgo27EX5dgi0xAOZz7ux9Y8H2Q5rOcQR_9_rB5uOTzzFK9QkQdvZwPAer92CbfnDJv5pUxSvDlMhKujzqpNeGu_gC4b3sj3UjAKC8eSLVUFym3WLiMMlkb1jiDo90YgZp7_xUlM9be7Kv6s_a5t7yR_8Vu3-KBrl8MKQauf69YME2Pa8lSZafKsExSOntgfnudMNszYtDJ0JPAwaUn9hq2RcygCna2V_yMC82JkZA&cid=CAASJ-Rol6Ta2ThMLR7i0q85jFZZFY6XPS25SLN_fw6eeCvlefCcgnYkiw&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

386006b955e18d0248291f11eed65331eddeaa81b94326c4c5e24443946ea480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D502 42 B
63 B 43ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BsZ1s1G4KSUYNUGKW14hdlcRexu9XFWNMPnY5YFzogwtESWN1M3dpBktHip_D0METJ9OsYeeicUq2bPWWnNmqTjKF6WwMqd1xGfpLOSYqdVQ5inec

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame D502 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:04:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D502 140 KB
43 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 13:09:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame D502 17 KB
7 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 12:59:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D502 0
0 21ms
20ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS131NDMY805v28tkv31xV4rNSagZlPM9UM8nwLaN1uNbMx-2YDv1eyL3Vz1WTduTsPNCzPK6boW3blohkPNA6nxJXTCw
Requested by: Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2215 640 B
445 B 57ms
28ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO-p_M0BMAE&v=APEucNXd8b0LFODWBfds_YY5Rtr4eW2SSfJU8RSZVAtILwzIymEOc9AXBS1dd36Keo_rY7HRpE_Q1wx85RyEHKsBtKp61QBgPeAhYLdoBW0UPOXYzZe8fVksLMbKzIvKeIvxALO8K29-2NWVT01LTnte3GxQktqwEAKPqzfqdZhVFuX8oKNX5A4

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:02 GMT
expires: Tue, 09 Aug 2022 13:09:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EA34 83 KB
34 KB 97ms
68ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTwsts2qt4e_yZ33VGOQnmOWNr8Za8JfKUCNHIf7NNelLjHD5_mCQNGX0oblJzd95xGfUXYqQFYHUmDc2H6SycblqVSV-qhP-zXIZLAgW9BCne2EReoDBclokAhtVOcrGuW448DmLWjI8IE4nkqdFF_xMAYA&dbm_d=AKAmf-ADN7Lo5WV8gP_pTANnl8v3DwAGnpTs9vF23z36ox1duIxGdA-0h3FYcDKnXO_RZ7pE91EDELOsFgyISFCy-xBL069Euztb0PHW5TFNkk-PY7Fgqot8HU6b_8aebxAH3bbERF-t7tRhrN9BZxDvc0j9AW9dxWj4_qpZ-eA84mLTs60OADSgPhOd1S3CxI4_oK-2dvBpwu45w0AE8Q5meNmiCKjYMijbq-HY-cmZFE5jJKEejX93QowO3ec97bpdMPT0ml_36RmvQRDVyFtYbgEle1x0kwvSR0Nd0bG2ZUE4QkH-ItcxlXjAH1rMjDbsQhLlt6xukMQFAIv76MMIsDsrJV3Pf2tpq2z3sBRG5xJdGTf6yCRY6OhfR_Obkh3K1G9jGqL64G__FcF_KYdG7pny7Xwsfkj9dDRqymOZb5zAlMeT5sgFg4tXyij8AR-76pxtxY3CX7A82zpu7JxEO1TGpx8qOkS28wvcJYyThPj8q4F2oTQPegRG8ZZY17Kax4drwLR9yM9nWZRwPLf_TB3ca_WJQouwJ_JVgcNVKemA6YjwSuftAcR3fgutdEkS50tf3vHWNGsRzQ2MAFbMPrG3hN-mc_MrPAw2NkxXv0cXCKjuSmZCImK4dKqlUwYPsZXnpvu6FwyeU5_v0EeVlReIQm9ndIAJ0UnaPPJM1J-nKRbTSvoXbN4iJc2Zi29x0rirX4nBM02UGQSAzCg_pjmV0eNXg_Qv-E6cesCitaTo2-jK-PI9aBHVIy70wLe_1seioaDs8Hai-lsrONdRJo92ZSadMCL6lZCurhYQXljQGf-neSiPeQFMk_5MIuboA3EAvDXAog1GXrY4AfNjMl1xRaiasah4h7uu-m1ZaKBWT2hMUNY862jJraZZXdKlFAKpCoWnymCRaCDnqrfs8mzzUZGXATLmYTa194T4C4sZEaPRCq4N51ol_zliLLhrEk4TjnzZQm8YAQNYe3lHrL2CGn5ZeBUpYGFQrijhf59vIM8sNXicz5wiggE3mC36i5FHtdimSxmmzEkB1znaAQ_CIkCa5glLWxIUKHMTsteHhUA9hH-ncJDJUYgVbo2gAiNjO0pgU7Eeuc2yx4majqYdKrMGo1A3TeGgVq7q2w2dMc0jQO2a2XU5H8RH-mOWhkhc4yBHh1UNGqWeREsIT1M1aZM85N45XsMi9Z2LCx5RuFKUbFCBGJHZ-GncyYKqdZQkNaC0qAXx4riAw7nxS77CKlgkNtmOwMcLYo9z1-vJf6sLbfnr06ARNu1bHKWf6ctgHeQiEP7vywApblih6_A15fVXHnAnv8G56Q9mkYMu9p_vfZVxYm-SeUQIaNU9uudEiSLvBgg5y5uGyLIEoLUf8ytPT74flFAczc9YNZO_1gJMZGxwEj9k456a6NbW9CQN7KS_0gCki99iBjy1ot0n_v7ntUwAiTDKKbfxYHtxwZcDKqY4I1DFmFhNzHN3Sc7mv_0D6gP6p4WzVY5ZbkQ-DncbdkBcizCiDNn_bspPAHUNjdHE3p8cJiv1DuDI_HZwXoUy6xg-N4RRHO-KfuYppM-dW6aWV2BNX5eMybsJRfQNGTqH5oBeTQW_bDg4WjB9C3SJvxgjQXK_yqW0CsgYWHkaFUaitiFJdk9mnOhCKpE-a1avchiDNOuo8oAeAo5grOqf_2X0KctPoNJK-9sGb3LvgJ_MZ3MESSoM06HE5QdCggID1J-u1_R1PYOE1FjwBuju-X7f5RN75l63yXJwqvNCdSsJmmGjHZN4gv5b95C7Gb5Ed9eHkBixbJPXefwIlE_w84Y1I0WRf7T8eQZZBjGea1XYhOwYXU2s92AJKwg0Pxqp6CTLztra_65K9Lfbbl8CqjGbHv5pTO_A1YCclC9zZLGCRt5eNqwl-_9FM4qa0vvB-D0qLS8YHGvztue-OmQpynZ__wLHiA2OHdT4vNtCK6FR51ZEhF7qkcflk_MH39k2m54pKwBXQetqZE389sIQoPt5AHXSEJL4s9DsnzQdipxn7byHuxM8dKnq-tNqSrNkOGVRgKKPj4KFJkoWPIa-Vq-tKRBIZubkk_EQDNwQnTecouVD7dN8xaahLf-j0mbNbviza0vZhQonJUJdgXyDMFk_PltP6UKWxA67lOxSZqa8aaWoXLUzqxbm5siEQjymD9hWH1XOhy3ZbWfsNWjWYYCI_SQqdQlBQ0mRYcwhkArg6q0TKFAM16Aa4Lj_ZeZI8Uo8TxYFDrMNfGzi01zIS3vh9-bYtUc6hsTiA3SAOVqvKRQTTaP5iYcF-iCienVAAzSfgbS_AOyfYVjG6Zhjkc_fYVUXtSysl8JSIt0ngqsQS0T9Y004gvKsvRrjzTgRm9a7Lh8Yf5ny0uaefGVW5ZkBAeklryz_o1sV3et4B3yO_o3zyP2v6QBXJGuuLOgrxah6Es9TfJWPdhjxduwqIdwtkTGIapCow-NZ8uEqbg2XrONEdnNWNhe0smA5h67toE-3bk3xs-9DR8acYjsR9oJslEiRr16l3e3A7UAg2CezXTqwytTjEITv7wCQIIOwTnTA0q0Zs0dadZ3DU2cOow5x78Eb5KUa1EIOhyBNj6lF7Z9r6lC37IbZQ7FUb9NbmqOaTzgT6CIJKXGRQRCsCnMLouM-4I3eGpRPC00IkeEFLyk9U0VvEOdLf4B9m8TygkazNgDBpA2evwctCviRdZGGdUEIlceoptaoxOlBQkcqfvtRR298lURxfVGf8aWPWGvEVwFIr1ldlRkwAxZ3zvXe8dDPxKOuXzoIy1c_E_KC1aEFXygv1K83cq-ZwLcKOyFjgGfy0fU1LDwE89MjJKToMkfOZrLnqEp4P0gWp7j_JVw1LnF0XBIANh9VbsAFNvS8ZgtgYB4BDqmoiMsr9ARhrhL4olQklPVgltg50WkjGq5L7kc8CsJi-W7v0W4p5L77dA595RSpzYH7V_AB8W1mS_v3LdR1cgeOlPldZBRQHOfkbQd7FNCc9eCQwy4P6uC4Z5fkoDKn-IwsNQ8sfuwwyJmV8p5WEnNDoTEXYEmm9Y4uu9QiXbebsjjG4NrwRWo0wLEqavnH7GRvWRXngRchS8cakPx7PZt9d2qOLHLFWzR0WFN7-UKU6tG_4EDVcFqlL8CAPJHfDLkSt3mbCWhxiAck2PsM-tjBcWAY2gPSbRJiNarRPETSrsh0BDjJ5MsjjZIMMUobrxalNbRc6w19V2T5i-C9Lxe0-JCfPbCuNUW0NifSFDhZyPbgNbZH_vT3TGsN66vmcao9uy1u&cid=CAASJ-RojLbkpGCcYSqXZ3RgtKdeHLEBwwnsfKa98GlSpcOQczzm3WGvUQ&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a8f634b20c7756e085237bfa16fdcf66430d049ab8239a89ff21a22d82e0e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA34 42 B
63 B 46ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ARjysKTTvqOkazAP4jlRf88XTAvrHrf1CDZheuBMx8CWCbW9lKg22djlsUOajNyZxQiAeWTFVk6ULtIdrMbAo4v40ycWoOEVxCvFDWPslCTcrhjHA

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame EA34
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1083870/64162793/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=176...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
481 B

624ms
15ms

Image
image/gif

2600:9000:214f:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:214f:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 11:48:56 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
age: 4497607
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: bs1haAdAoaziT5xCQAlc5pPTzpazfJmBHrZzdBdK3ORzLjHA2xitug==

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame EA34 3 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:04:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA34 140 KB
43 KB 64ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 13:09:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame EA34 17 KB
7 KB 19ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 12:59:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EA34 0
0 25ms
18ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9uoB66Z9an9IQo3PkujgVzoTGJpOOLckBl3EL3ltPAbDDXN57pnqXnTdpf9R4LwofybvDNJ-Bde2eGRj2I8uVKDZ_Bw
Requested by: Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 css2
fonts.googleapis.com/ Frame 80BC 4 KB
1 KB 77ms
26ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 11:48:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 13:09:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 13:09:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C6DC 8 KB
966 B 61ms
28ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 12:01:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 13:09:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 13:09:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame C6DC 2 KB
902 B 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 12:46:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame C6DC 23 KB
9 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9660
x-xss-protection: 0
server: cafe
etag: 13823643058518418725
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:04:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame C6DC 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:04:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6DC 140 KB
43 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 13:09:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame C6DC 17 KB
7 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 12:59:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C6DC 0
0 19ms
17ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUnegRszxJ9XANvoTSINiHiq68emDct7b7ZVpqHkvtYjO0C_kc5nlQRIFf3S0i5SJRpCGE8SeMmiUqvudiz4yQufth1g
Requested by: Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame C6DC 32 KB
13 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 14:00:52 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/ Frame 80BC 19 KB
8 KB 22ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8392
x-xss-protection: 0
server: cafe
etag: 14983445617412810031
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:08:36 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 80BC 205 B
229 B 31ms
13ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 10:17:04 GMT
x-content-type-options: nosniff
age: 10318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 09 Aug 2023 10:17:04 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 80BC 604 B
628 B 30ms
12ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:29:49 GMT
x-content-type-options: nosniff
age: 20353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 09 Aug 2023 07:29:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0781 466 B
301 B 45ms
23ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY-eD4xgEwAQ&v=APEucNWcUmxVDyTfaSjWHKlIDjdVy7luBZJO0LEluO_6eEJTTparq-f2fIbBhvu0jrF9xC1RHSj50JOwpN2cfssNFd42EQTUKJG9cZWAU8LNctHEDY-iRiyNo1Axt7nzzaJqKJ1rJ_7ReuDnRdZ-SvtAePEQMHsSHL_E0uvC5-_GWO8fr6Yy7Wk

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 280
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8CB0 83 KB
34 KB 107ms
82ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AclkfLVJAqLF2DbJlKEzix9CqSEeQEwNdtHmG6iEpLY8RbJGFM94dHzke4Ak7ZFXBG1P3WatkkFG5BK9ssCLufzznNaylN3PRaXRTkKX4yUzHG0cwOptnmXSB1MPlXe--lVZnzNjk1hRej5J3leltDeSbzSQ&dbm_d=AKAmf-DkyJcv-tqNbVCGqt-FM2ETtKJkwl9B5Z_Em-LlqMiNy7yK3ftuhUD2CvP4_uMf9Mbh1pbAQqwNTOZh-YvHpkaXW56aq5ow8GA5n6B96yijIoSrv8Yl5Gf1hkgGmebjz2tdWR_tYBwBkcxSlis3ELxdVfbnyIxQ8N2QtmP4WztiEubEjT1U7DE1s0QKmGeYe70Cg6n-LYU98LPzctvlpMGr7mGdoRWjczbbaOuGhpubPPT7cc2SnKOG2VKJ3zoBDgeuwBOEGYVCDBC6iR9TwDNeWDNgLOZ6mc7Qsspvwc-z1eLXmGjEeyIgw2znkN9ZauRu7A5yCK3mzIbmpP3gXqlQMJu1QLW4QAsc0uIK_HMHQCiXqXffsQwnQTarWkvxlyQcN8oUZNfSNjQPHO8gNSFSFUSsAmBLDERQXG4oidpNigN2jnWsgJwki1M8PgMsJcaOx-vjTL7ONTJIo690OW-eklOUUZeKtSUw0BaC4chhnHsLMutGWwPOb-PZuVsIW1-dYkcwue9GvuGTY0a0mM6wsr8FpFv5fUOBF78XX13kONKb6E-O24t2zCv8KZGZQR4k8POXWlwlYA-tMy3a2E296uFxZ-UvO4UKyyW4EWkCw5CwJVO-vC4Ua50PtHaGEadScSZYhvEmBoyAjODKsaLpnu5o6scvGKNRtL2UMXI9zJi7iqz_t3WW9oH49iPyT6yRYxMbs2t5zaOhiP0KET_KV6ZjgJA5y5sw0d07lTkUS5FN1EaBoTbdti6xwfF4wGPMuS_ytGYoAs0j0VcdxQ_HCNh0vu69lPfrjG-utVhszGFiNfwPKGsqIHBqtL4B2Lao1iFqj33PYLyUhLkJgeXT1U0-lIQreOrguJrmxtGLgh6P05aP0ruK1jHsBZ1m26SYLrIbp3BJkY5BorUgSir5NvKzJZn5ZlgYTqHf0IAVWVnDvvOP-ilcLNQsNV6RKu0ClUjUBOEds13bE1iyBVlKoAi0Uox1KJqs6Ot_yQrfvki54bfefOUrzNhptxjlrj2jK0lY3nPJto-tJqJLd-MwSQW607jhRr92G16aAfyXukXJEqkA1DtfqCLK9HS29I6riyLmWW_f1PSsPDz_op5xin9cs9s7rFlL-NChXeYSuSLy_g25-CySR9uy48iwptV4pY6ORPbNvXOcJbt8ks5xW_1VIeHkQQMOt_YgW4jH19R0eUye-EWv4gppDxO5wzVkHF6yf-pvJna7dwQNHO_xOsa4uuix5rpQ1U7CrRle4mb_scmCQByFHAnl48yAcUtL1TE4paw0HrifKMmU0y9u_nyhcQ2xJvXlTcR8tug8aS3eVfLPgEsrnpLp1t1UKXyePRwvDA3Qx_1RzbkL9b3mEzqm8sGhB9PXY8fmU-mq3EZWJ2jExloRARpo8XKV-mgHehib3yY95W8m-hxGj2qP2Vdlr-bA-1ZENVNekyNs6cW7LZQuAxUqToTrFONSQYhxTYW1v6axIYMs01H3d89H4t9qxHkDQRQ3OpqPEpwxyKVYqR2vNYQ6bR0cuRtV-lV8Hc1FPR281j3OwA6uf5hMsSlj4ueefhp-vt493gBjU97komCJIw4tZ-Zjo1cSU9aBV7AwhCYAYg9LTlfN1Zi3Om9mn3EO09dMh6Q0yzYKwmEtD04Zpm5qFcB0mbEBtMd1YRKi9MPW6L59ewyiDretaa3gnW1Lflv3PH6CWbcOtuR6XwgeJFN1n3M4zuJBY-VzhoR0teGXtp__TgqI_kia2xAfgV1NeXPwa7_JOIU8jZolLMdAqY9-3Mo1L-32i42HdijZ20BwBo6hk9cEYIeVKT79LL1hevo8pG1Xm3wAqfe1D2OOl1j-IAwiRsa1aJ65NfoukuNLV9BSJ1Lt6WXXIaN9803P92QupEXjuUxAHApEbPciS_rsVNN0RfGEMwVxaifUJyWyK8jSCM9X76uIxw7I5kMI8vbhAfA5HAjAxdBQq5hwA_Vlg1k1sRJxNeVwZNuUcAjnEdkZzn61pMS9_cp9iUEQXAzn_Zm2ua2mNe0Som8JRi3swknaRZ3W31wr7AW7-Dqs2eztUQXmVvhch_QflRmhziJOkorxdpJeLSA60qWN_D81bK86t7qeVNhO5HYvyJxuvcg2XlrabvmLZLGmxsHDc_GlAErTCTXBpp_VraNpF45l_U9WJdQuuKah7vizr0e6w1XtoYVUhvMB1N5LkfnWTyjcI-0H_cKKDikwf98E2xbSCfGjzLf95UbZVX0HXe5Ra_b2BNI5R9J8LkuPId3Sxy3PRGR6LxuUp2UQMGb0XbBuL5aOR0h5R3S0tZF9A1EQ5NvZIFMwnmt6wLMWCfcbkdVj2w73Q4f8fmBo15QETi98-hjSxTiRj73IC8xFD82girvPzbPPLdLLf3Z4RakVyLrIHimmsSZCpvVlndvvCUsj-wEJ3rz6LFEG91P6VHQs1RmktF_3Kv-UcFb8fWTiAdToPNi7J7BawNxWq-_xJu-L_jXGuqnT9bW_AtNk_7f7JnBYbwGzUTePySfMb_yc6tALN877HQ0ZWTZWqZHl7pUVtx_HiKOIYn8GS4v60QPA5gxoLfd6uleqaGO47NVn1SdxDZmd6nlXCJq9--TcahpwQGVB17amdLoyvpVj1cIBiHSbFG5kyL-MUsVpX4PAM0SlmSIUu_Sc5gE1QB4FiH3R88H-BIVOJeEqf3kqi0CsDsiuX_94jbYBBVvCiBmxbB88LdQ9_OjwIw-nHD0-VduRnqpVDw3QyWm5MEnU-c5cfYOgvBfzAikB0r93WMVu2rhwspaFdNiOYAKSk6uNn6TPjp92TgAy4ankBNCI1ryO_7Ik2C-AavrpTEVLmZKYxwh1NFh9AvAiOzXuMccFj0AAujgKU59jWr9RfaPlEiu0xHM76czvq-1ZI2qGahCwATDDxqolAALiHMTTWHOO81oU-iLPaUlLO4YjtbIu82Nli67T0zcMTuYSiYPzqJPVmdz170tx9Ue_fOel4efHDgkZQwGpXVeVKL5oNJE0bctzEVb7_W-pvIpmPmia5LzI_GVpsqRQvgmKDq4clUFlbCLkv-M9hEfgxCNrznz8W5LREUM0QYjr3otNPVuTMAWfcOtnuAOEHAdK6y1TXRfHXQe7khppiik8q5mi8W5uzVC6X3A8FWXd7VYzqVxXtzFAK_t4cg8PfAAX3K_Q8Vy3pKwrcK2KKSR_xcgDBF-RmL7rloPzPAaDsVW83rc6ZAsQYB1qZMJuLVzf7UGcpwnydt2Kt8PbaT144kd1IxNTwRdl8McsBcsxiNVxdM28TQ&cid=CAASJ-Ropf6i0vkJr2o9idl0Hp2zUfQD_eVhjTaRMVT746cgmcXm4ZSCmA&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e60ff093b0ed7c01c5af9b1a10cc7493b53fc2d2ed0fa12420fbf1a62d00d3e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34483
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CB0 42 B
63 B 48ms
43ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dxu8GuoZkPRAef2JYB4U2xdyZW_197AJDB1gZb0LQDzU6SmCbRSsmlDC9aU47Io-Fit7YH9dBowmC9w8-exM2qElpB4ZkHX7sm0yOXmqnFssYU4_E

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 8CB0 3 KB
1 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:04:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CB0 140 KB
43 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 13:09:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 8CB0 17 KB
7 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 12:59:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8CB0 0
0 22ms
18ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0jkO38IlTVyLXCoZMxEiKLPjEMgoKcsKI5T2p_yjcPv0CA72krGyvVq0ptTV5QqgkmLyReD2HLvEqnVXnmxMBhre8Dw
Requested by: Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
44ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080401&jk=2418228991915106&bg=!-fql-r7NAAZGjrx1Zo47ACkAdvg8WtwWCkkUxRec5y7hDQ31RiUT3CQXiHJmZfiRxGaRVzQKH-BCJQIAAAFqUgAAAANoAQeZAr_EZ5SvuHMJ9vnFR7MNKmaVf67aquRHi5YqK1rTryvLfE_z1NxkCTW-msK_27Zc081DE-FKUhBVD0bl8SzfzK25zX7TxHWON_ud09wJ3OcKW5C6GjJczx0TL5HZsLRPAnLDzzyjl3d9djV_sr7G8YPuGiZSGpF9UkGIquneGwjcx7RPYQzkMGZzvxvfVA_nM1-k9_rgGmT8YTP90_JgZxW_9NvBZvDvjgr19OWxA40rlKcasWuDSIlAOuZgEv72cfviWAS6EgFmWQOO3pv4Iyvy0reSFrDMFkhXK0SGDv2cmzK-ZTTieIaXoR7NT9tLLbwnaUBCqXY9BLsFddhXTSuuTMnFHv351NI_IFMpJAT6F7wJQU9easxRgTeW2oT6450EYQ9tc9wfrKKuzXsB8IVEmgsGn2DyQHcLNAepaNdCHQfi0UvZEKEtHvvgCvFQxQ5KZ4UrUT6s4IUerVjz1WqFJuN-U1T4HZPpPmqHMem3wILUE0BxG56HX6hUpPB_5X3xS0BND78K1oaVDsLSyZfeJeX85g4qJo84PovzN8bw4eGuuEsGbHD44-E2bVTGr4Y7FcvgSXqIbkxxbnF6ZOcC4EUe_shFGStCHyMoSSi5fy66o-0MMmomAt4nzImnvRTS7-Ao710upB3UQiYiBQI3Wf38nH5P0KcvNGZntKBdUGyty-_v2_HHkn7M_kNDvZP_J6Cmq9MtbIREi-nmE4qR-PNsSnEe_V5TSaJf46nm42Bfh7CFXgw96Od17FOraRZ0fNeyzyqNHQTRT8NWuxqfVLzLrXN0c5ENk2-og0sAjmJJagIEbUCzgxA9RoF8xFUvpoWg7gw_yVAW_dM0jJcIrYNZLA9CzMjDYwhi6TMFkhK9VobRwdrsoVCbleczWotjwAuzHjsgRLpnZt6nd1M2E9e5exkVldgbtaRXaPA9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7832
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWLPGH0jIFBvFvracYvcaE&google_cver=1

43 B
909 B

69ms
47ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWLPGH0jIFBvFvracYvcaE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYqOH4xgEwAQ&v=APEucNWOYCSB5rztdkXR8r4sPUusO585F-4bYEhdLhhqIeaS_xBt_Fq7B9F103OFWWhWMDZ5rXaxbXb67bokCHHKP3ovJ6gHKR2c-wewsw09BORg05lPMpZMS3eJ_Z9FwSTMDRvH0hhsp0nqp0-VGsQJRfIFirwYN6g95sHaN1vSTcFhJNYWpV0
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7380b9516b7d9b33-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eJChS%2B08QTveIVHHbnFETOuCDCKBcsN%2FhupYBKf0p%2BJ0w1598xXzJaHECmz3L7yC9mSnvySh1KflGEr1mK9MqikV3P1wi9kUeLlrj5d9joqVyAMBvxDNgrww6Zq0kTqYiWynKnvxbSyyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWLPGH0jIFBvFvracYvcaE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7832
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvJcbIARC4WgLdt5YaNFkgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWLPGH0jIFBvFvracYvcaE&google_cver=1

43 B
910 B

32ms
31ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWLPGH0jIFBvFvracYvcaE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYqOH4xgEwAQ&v=APEucNWOYCSB5rztdkXR8r4sPUusO585F-4bYEhdLhhqIeaS_xBt_Fq7B9F103OFWWhWMDZ5rXaxbXb67bokCHHKP3ovJ6gHKR2c-wewsw09BORg05lPMpZMS3eJ_Z9FwSTMDRvH0hhsp0nqp0-VGsQJRfIFirwYN6g95sHaN1vSTcFhJNYWpV0
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7380b951cc169b33-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVnI9FWcFRZn%2Fe%2BThiR3BSjliFPjJLJFT53DZG%2Bnew2cuBIRVhx6uelUBF%2Fv0MAvd9z2C99i69CMznifLB69ZKSwkc6swBWl5B8iU0cJRlMdZlf3iz1NQ26yhGhbah9BI%2F6njk3ZI6ZdpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWLPGH0jIFBvFvracYvcaE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7832
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB4d2XN44gZtU4JFmsUOxn4&google_cver=1

43 B
1010 B

51ms
36ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB4d2XN44gZtU4JFmsUOxn4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYqOH4xgEwAQ&v=APEucNWOYCSB5rztdkXR8r4sPUusO585F-4bYEhdLhhqIeaS_xBt_Fq7B9F103OFWWhWMDZ5rXaxbXb67bokCHHKP3ovJ6gHKR2c-wewsw09BORg05lPMpZMS3eJ_Z9FwSTMDRvH0hhsp0nqp0-VGsQJRfIFirwYN6g95sHaN1vSTcFhJNYWpV0

Protocol

HTTP/1.1

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 13:09:02 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 943f2f3b-cb7e-45d1-8699-2bd4d20f84e5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB4d2XN44gZtU4JFmsUOxn4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7832
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI2NzY4NzQwMjA4OTUyODQ5OA%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI2NzY4NzQwMjA4OTUyODQ5OA%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 13:09:02 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a268b62e-a375-4307-b8cf-90962964be4a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI2NzY4NzQwMjA4OTUyODQ5OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1149 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c67232fe516ae269b33b069828112b46fb7c1db1f58c84c6aed6040bbc68f32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 00CE 2 KB
535 B 66ms
35ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 12:56:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 13:09:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 13:09:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 00CE 2 KB
902 B 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 12:46:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 00CE 0
0 69ms
69ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEWaIbFzyYryZKIWl9u8P0NqJ-AnVhajJa8zJlNaJD8_Dvt3LGBABILmhuSlglaqUgqAHoAHjwKvHA8gBCakCEs4XBVIjsT7gAgCoAwHIA8sEqgS6Ak_QBR-_sjKQABfFqMxX1hc1SIWg4HRL91Yanix3E-mVQPg2sdtAys8hvdexa_FpH53OILZck2nWobEFbS_u1DZoHhMaxUMGAtWg0Ei4qj-Wv5_Da9fs4JcMhRaJW6_PnOipFVN380L-2hwS9xGOXRuL6RsNRV2O-4gSOp9K6GQZKEXjH-JHlzuEkzq6CYTUD4EhifeVNwtRB8dMORWVW7RCeZgTxmlTFdr8gJlhk4cxAPVtO5oOG1983UHg2ejV4oFa0UV98Kux4kNgypwfrVcmVizI8dycq9vWj9etBgr0fLSQNzZBj8MTcpnUmx-gMCY5QBdQp3YZMCJrUD7TEhP2Kjl5APj19qZa-zkRWbo9m0eo8ViJou2nhYWHIyr7XhU6WGwS_IWUIpI9bVzEFnkCHsmrWdEwmKmOwASylae9uwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH0f-MJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCwiAXSCBIIiOGAEBABGB0yA6qCAToCgECACgPICwHYEwuIFAHQFQGAFwGyFx4KHAgAEhRwdWItODc3ODg1MDc5OTg0NjczMRjxpBQ&sigh=4rVSSvqk7II&uach_m=[UACH]&template_id=494
Requested by: Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame 00CE 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9660
x-xss-protection: 0
server: cafe
etag: 13823643058518418725
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:04:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 00CE 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:04:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00CE 140 KB
43 KB 272ms
269ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 13:09:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 00CE 17 KB
7 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 12:59:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 00CE 0
0 17ms
15ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFqK4knjEwAIs8OON89ciXgeqDsiKKH2kSvGw6ItpSgeK9M3KLF_l75tbGRjoiJ0jP0GzDvN61NqsznB0y9sQL17KPFQ
Requested by: Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame 00CE 32 KB
13 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 14:00:52 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2215
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPC8hvoYQo3owrV6ubxemxs&google_cver=1

43 B
273 B

592ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPC8hvoYQo3owrV6ubxemxs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO-p_M0BMAE&v=APEucNXd8b0LFODWBfds_YY5Rtr4eW2SSfJU8RSZVAtILwzIymEOc9AXBS1dd36Keo_rY7HRpE_Q1wx85RyEHKsBtKp61QBgPeAhYLdoBW0UPOXYzZe8fVksLMbKzIvKeIvxALO8K29-2NWVT01LTnte3GxQktqwEAKPqzfqdZhVFuX8oKNX5A4
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPC8hvoYQo3owrV6ubxemxs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 2215 43 B
145 B 659ms
20ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO-p_M0BMAE&v=APEucNXd8b0LFODWBfds_YY5Rtr4eW2SSfJU8RSZVAtILwzIymEOc9AXBS1dd36Keo_rY7HRpE_Q1wx85RyEHKsBtKp61QBgPeAhYLdoBW0UPOXYzZe8fVksLMbKzIvKeIvxALO8K29-2NWVT01LTnte3GxQktqwEAKPqzfqdZhVFuX8oKNX5A4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 2215
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEM3sfz9RrW97Ev3IKdw3ac8&google_cver=1

23 B
172 B

581ms
51ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEM3sfz9RrW97Ev3IKdw3ac8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO-p_M0BMAE&v=APEucNXd8b0LFODWBfds_YY5Rtr4eW2SSfJU8RSZVAtILwzIymEOc9AXBS1dd36Keo_rY7HRpE_Q1wx85RyEHKsBtKp61QBgPeAhYLdoBW0UPOXYzZe8fVksLMbKzIvKeIvxALO8K29-2NWVT01LTnte3GxQktqwEAKPqzfqdZhVFuX8oKNX5A4
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 09 Aug 2022 13:09:02 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEM3sfz9RrW97Ev3IKdw3ac8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 2215 23 B
172 B 651ms
42ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO-p_M0BMAE&v=APEucNXd8b0LFODWBfds_YY5Rtr4eW2SSfJU8RSZVAtILwzIymEOc9AXBS1dd36Keo_rY7HRpE_Q1wx85RyEHKsBtKp61QBgPeAhYLdoBW0UPOXYzZe8fVksLMbKzIvKeIvxALO8K29-2NWVT01LTnte3GxQktqwEAKPqzfqdZhVFuX8oKNX5A4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 09 Aug 2022 13:09:02 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5408 398 B
279 B 37ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5eL4xgEwAQ&v=APEucNVWUr2hqLOQSDXDJORy9yPa3fwOMMsc0n4vJj2urTTlsA5kYYgmD7C1CQJ4FD_Tb-ZAxdu7qimyZtFwysIvw_NdXPjXscrJemBsPWeLoX_EcEa6a3ybQZH8RdrmvF6S-KS7uvo51QKzBP2rtTzllx5esFXkLCcn718wDQ2-IXjPbTtb8uU

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 258
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2653 83 KB
34 KB 73ms
71ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqKmg9noDFqqoj8phwLh8uHbrYw7r0Faf4vmMzHAM4hg3bPJhXmPJFl-8kgQqwZ-FYD21Y1Q94wcvkEmPfgFA6a6Od-fRkwDHOUUUV8NeXFEkYZpDqT3ZuylvrcEZcv1vhXG5isWCYBYmBvJhNwk0EpVg1FA&dbm_d=AKAmf-DaNFlcY4jjhH_WObu7Ju36ciMDm9YBZAg8Qfe9bLIhMaoC557-iyiuPFBp8UN-cIfVJNkI0U-jjxQvan0PNJyshtrZSMrFN5hHMNqFOgSWW0_1Bjr-aZ_B3FaO39EY7QtOL2CvuPZtOGbSKwQ5rHhnFaosh4aAWQV-qU5LT6u9uWs9S0AfbIG9Z6_4iekCFBKnifh_H5Tw8IMEReOsbLpkTQ2DFFJpTET6la1Schxh2mAoGVTEFcv3Cj0nt5pJOhDkyBVpdaZKAOFhxtZyqOuTSFItPpmVtmvfx2ukFDkzO9eH1Cdh5fBhyLtVdZ7BcUeaY76eHEWoajXdWYWUKpJFrIoUBfTMlcMpRND1i7Sk5GzGSNbP7gpDHy1RVNgX-0PX_PAqRFYuflBkO2580YNywORmiLPFR0W5XE2QLOnzquBMhUmnGoofSmDnh-qXqPb1lxHBiUzbsdxhQIev1HkiJfGykXoENubiNhPjhvYFlQLp6SMBjS__D1TqQKzynZ38gSvKrmcMKifR3QhSmojEB-xfwLTRfBOBB_FNSqIIEhIxyYKx02ZA8DUgB7aVwFgigbJ8HSs7OxQSrpQc3MpfBrtC3UGSFZBRFQwI52yddmOyo2DKA6ztNKsTjDwuLXjX1yLXxdoHhZCJeD7Osy3PHmoXLwy3v7k27UKbfdCFeKC5BHSwL8iHTZtYazZalx3JthonkxGV2335GU_qpoF4EDwMeo6ayWosMYkuhJwKoy8g-e26MISRxXrDWEyIf4-mf3nqzuZ_ySLL8aZgnuhGN7rpSHqMKK-AOm2MQnv4cXBupenPhtDGkGwz2SLlRkJItSpFuH1A4zCc-c38HLmO7L_IejPxKgrbcPmn_VJG9kWtiuM5X8bcEj32sd6e91Ij3sc5m06-CnSGPupx4sMW37-Qb74UnEhN3nOm03f8hBSjOJ2BEh6_adC-bfYtCaDustMwZz49IS5iHXdIMW0BwrgkDYOTE4pNvFIcreE1ObEZJUEOOUHVLAqqjTuBqVLv31xJvshX1URj2eimS0lkZkmR_5T1lwdU9YKpz3xYgDysSF0INKZ4jtmnbQn2K5X0MqhcSKG0UoFCYZN5HmBEdgsjMqJ9WMe632buDJxR7YVxk0dFiHg9wC3WF2NMo7AUH64p1rQF-e4JdAN8eaGlEIV5jVcv8IqeoU7kB8_jmMufRt9wOhxUqs5veOxNab7vk9nKdqkzQu97fULrh4lh6w1_UR6B8Y5Qxa1R_wytaFX8B4L6-jkBqn3BVXGK3CXAFJB3iWO5dvXTlC2Rvshnl-q66Re2bly4nTkrH-hg7lnf7bbVparO51wCxwT1TgQeW11g5rI2CcNK8T1xh_x7y3WYgaSzMXPv5fcG1HnEb1i9OGipIXgXJpWO2ZlBVsZdvf3-na3Z63YgSFsOA3yCz3HpTnMbBI6Aop_7tB_aRKnpYQrXAUzFcJaff0u6GUhZt7wBtI16JpGzHIFJltYTBVhyCopdgYtuBeT4bQRm4NJhsugw2_U0AsPzOVp5CwEJOC2CqfleB8ETxbbd2vkUFMcSlgwt7Pp0-IQo_gZ6u3nfu47jfqM20QxjF4HdcdXUvTYHz77gtMTwxam3u4nRjC46VFzYVzw_YGjMMwXhkZvNkYPZfnx3fGw1cjfD2p98eKk7aSLnyr9Upvhjp2whkYiA4q6ZSuvV9wZl_1lOV345aT8ZEgWOmECFGDUiMo3PJyvr3o3wgpz264kwu_ui1ZdmLv_07qDaDlZ__oiIV3XZwS5X9l9ey9HjkA7eGZHTfGKnhEthD0HPJ4E3ydFBko8eNQNhvtlT4WwzOIzaTFE3n48w3fvIt-jswib1dOdDPafvzhyHEJx20eRstTZq7TgaKVFsyCBAiBt1kncJUqtyqe7BOxTn7PIr9jYQNDdkpxABy6bzgLe5Wx9GvAfbfIhfEAnQr44hwOBL80l2Clvloe5tcY0ZuSZzPGqioXHiwNEFIWcfcNBN2lvCzEidP7DSk7p552rRx80hHoHkPL7ySqaAmwk-PEd6PEuDQFS3ZKeZumqMbhjHlVdcIX77PXzozZi-0DIr2gReDf1301YoWhg_yxtAnwfQoQflAJgzQ04o3uty7YEAspSIKv0-zGc10vVRO3o9a1EiVOSd7NDgpDywWopNOH4miNvyYwBm6ZC1-Z5ZZ2TFOPR5MnWhcp_j2wcc-59cA-ju9Aqe9oDApKRi3AoUbB4iTJ7saoDRWVMfaZSRv6p-WYE2aFC2a0RgAuDaRjWU-UeVRdNmqmDj-leC_J6cgl8RJaYYfbt7rOhcFfZCjogbjMiWr3WOEbmMQuj96DS1NoZWxyFw_kuw0qCpVLcAUBiiYJdswb99UVXcE-JIoibRyegP1-oQ41g4PX3IFW2qQvH9wXSj6o_Rw-1SAqBZqDQ37v7wYy6WUgRAsIewuWqr84_h8QQfKrxrDJzquXhMnRlYvs8z_wSL7Ph8rU-mxsyw9cFTeovkHAUgxNz1m8X1616T_vG8N64GwIloCKtT6ZqcfJ6iZm8YiWo6tQlX0zZKYW3lzTY81PYOYBROSkuTxDG5hZobrab76AuqJuNBeH936PbsCBYAUjQxjVh6bdPaty0APOqG7Azfvb3eOSAbtUkL_ypz8C-eD_ohbRl89xujutsAvsXXOxvI0z-l6arGw_Psn-aIy8UWtP1UghIxHeSYkRUhrux7hHBUI7-C2Uio2jP9-eVhmmwylTKA5mDEdGUpp3IWffZ8Yn12y64PMlrHeL6mPt2x3kkwyYEeXV5VYcAgquCASu-galdygyFqEGRlqbLtNtSCSTUDFrDcH26PHv6SRawFPSnP5-KtXvGuKRkCPKyAMnfb64WdIV1NOsxhTdo0e4ReptkOd4iuvI_vlCB-PGKiCvIob0SC0Cx9nr_17u8sdNvfB2gWMxwDg1b76kaa1GPZIPmA9WrpZvx1QVVTSt_8iiccqdCEQnnTlGIk7JFs5Px1JOtQfHh5-Fq-VQsHDtTlg4KuCPxEIMUW5jABCEYeWjZDVV7Hc75jp3elFCUsW_SvqAZvSmIyg54VGFME715v73PPVdcJU179sIQEaTDr6EyJ3h8tG5xYieVEF46PValYP8ze6ei-euQ054ly3WLsl8V-6_cxtquc-CBRVA-INdgmOqrvTA33Nx5uNgKHnB0paEFuEqZXVudsztK3iCU3gXWYldzM6H9cFxfr9ZjrYA8cDCMX2J-8IMQ9KSih2n4yTJfR66roo0PXziYc0fiww2cQt_Q6X1aKzH-v_H6H0Q&cid=CAASJ-Ro8dzn_bzexVuC404q5u0Idnl0X-gBGwz0MUKsPC4G5L8zbgc4yA&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4028bb95dc9f5b5f35f011f1fb6343a96fd8fd3cb4c53737216ba3206e00fef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34397
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2653 42 B
63 B 53ms
50ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B7kuGrqf2sJPPgQvDAEbACoGYJvvFyzWghA1YgARWiBllBzjlOkTZyuyIJaoz2oVeVFk8iDbbZ_mxGwTyKly0tGBgOue1f6KQl0txCj1lmAinDInA

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 2653 3 KB
1 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:04:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2653 140 KB
43 KB 281ms
275ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 13:09:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 2653 17 KB
7 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 12:59:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2653 0
0 24ms
19ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRppAn1lXPYijxom26yLC_aoly3PYFyPnvcGr0r94OXcdAqu5o0YieALKgB-LW-nhdhoS5qBVzAErFpDB3xpxtPbqQvkw
Requested by: Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame EA34 170 KB
59 KB 660ms
6ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Origin: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 11:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Aug 2022 11:11:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/ Frame EA34 8 KB
3 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTwsts2qt4e_yZ33VGOQnmOWNr8Za8JfKUCNHIf7NNelLjHD5_mCQNGX0oblJzd95xGfUXYqQFYHUmDc2H6SycblqVSV-qhP-zXIZLAgW9BCne2EReoDBclokAhtVOcrGuW448DmLWjI8IE4nkqdFF_xMAYA&dbm_d=AKAmf-ADN7Lo5WV8gP_pTANnl8v3DwAGnpTs9vF23z36ox1duIxGdA-0h3FYcDKnXO_RZ7pE91EDELOsFgyISFCy-xBL069Euztb0PHW5TFNkk-PY7Fgqot8HU6b_8aebxAH3bbERF-t7tRhrN9BZxDvc0j9AW9dxWj4_qpZ-eA84mLTs60OADSgPhOd1S3CxI4_oK-2dvBpwu45w0AE8Q5meNmiCKjYMijbq-HY-cmZFE5jJKEejX93QowO3ec97bpdMPT0ml_36RmvQRDVyFtYbgEle1x0kwvSR0Nd0bG2ZUE4QkH-ItcxlXjAH1rMjDbsQhLlt6xukMQFAIv76MMIsDsrJV3Pf2tpq2z3sBRG5xJdGTf6yCRY6OhfR_Obkh3K1G9jGqL64G__FcF_KYdG7pny7Xwsfkj9dDRqymOZb5zAlMeT5sgFg4tXyij8AR-76pxtxY3CX7A82zpu7JxEO1TGpx8qOkS28wvcJYyThPj8q4F2oTQPegRG8ZZY17Kax4drwLR9yM9nWZRwPLf_TB3ca_WJQouwJ_JVgcNVKemA6YjwSuftAcR3fgutdEkS50tf3vHWNGsRzQ2MAFbMPrG3hN-mc_MrPAw2NkxXv0cXCKjuSmZCImK4dKqlUwYPsZXnpvu6FwyeU5_v0EeVlReIQm9ndIAJ0UnaPPJM1J-nKRbTSvoXbN4iJc2Zi29x0rirX4nBM02UGQSAzCg_pjmV0eNXg_Qv-E6cesCitaTo2-jK-PI9aBHVIy70wLe_1seioaDs8Hai-lsrONdRJo92ZSadMCL6lZCurhYQXljQGf-neSiPeQFMk_5MIuboA3EAvDXAog1GXrY4AfNjMl1xRaiasah4h7uu-m1ZaKBWT2hMUNY862jJraZZXdKlFAKpCoWnymCRaCDnqrfs8mzzUZGXATLmYTa194T4C4sZEaPRCq4N51ol_zliLLhrEk4TjnzZQm8YAQNYe3lHrL2CGn5ZeBUpYGFQrijhf59vIM8sNXicz5wiggE3mC36i5FHtdimSxmmzEkB1znaAQ_CIkCa5glLWxIUKHMTsteHhUA9hH-ncJDJUYgVbo2gAiNjO0pgU7Eeuc2yx4majqYdKrMGo1A3TeGgVq7q2w2dMc0jQO2a2XU5H8RH-mOWhkhc4yBHh1UNGqWeREsIT1M1aZM85N45XsMi9Z2LCx5RuFKUbFCBGJHZ-GncyYKqdZQkNaC0qAXx4riAw7nxS77CKlgkNtmOwMcLYo9z1-vJf6sLbfnr06ARNu1bHKWf6ctgHeQiEP7vywApblih6_A15fVXHnAnv8G56Q9mkYMu9p_vfZVxYm-SeUQIaNU9uudEiSLvBgg5y5uGyLIEoLUf8ytPT74flFAczc9YNZO_1gJMZGxwEj9k456a6NbW9CQN7KS_0gCki99iBjy1ot0n_v7ntUwAiTDKKbfxYHtxwZcDKqY4I1DFmFhNzHN3Sc7mv_0D6gP6p4WzVY5ZbkQ-DncbdkBcizCiDNn_bspPAHUNjdHE3p8cJiv1DuDI_HZwXoUy6xg-N4RRHO-KfuYppM-dW6aWV2BNX5eMybsJRfQNGTqH5oBeTQW_bDg4WjB9C3SJvxgjQXK_yqW0CsgYWHkaFUaitiFJdk9mnOhCKpE-a1avchiDNOuo8oAeAo5grOqf_2X0KctPoNJK-9sGb3LvgJ_MZ3MESSoM06HE5QdCggID1J-u1_R1PYOE1FjwBuju-X7f5RN75l63yXJwqvNCdSsJmmGjHZN4gv5b95C7Gb5Ed9eHkBixbJPXefwIlE_w84Y1I0WRf7T8eQZZBjGea1XYhOwYXU2s92AJKwg0Pxqp6CTLztra_65K9Lfbbl8CqjGbHv5pTO_A1YCclC9zZLGCRt5eNqwl-_9FM4qa0vvB-D0qLS8YHGvztue-OmQpynZ__wLHiA2OHdT4vNtCK6FR51ZEhF7qkcflk_MH39k2m54pKwBXQetqZE389sIQoPt5AHXSEJL4s9DsnzQdipxn7byHuxM8dKnq-tNqSrNkOGVRgKKPj4KFJkoWPIa-Vq-tKRBIZubkk_EQDNwQnTecouVD7dN8xaahLf-j0mbNbviza0vZhQonJUJdgXyDMFk_PltP6UKWxA67lOxSZqa8aaWoXLUzqxbm5siEQjymD9hWH1XOhy3ZbWfsNWjWYYCI_SQqdQlBQ0mRYcwhkArg6q0TKFAM16Aa4Lj_ZeZI8Uo8TxYFDrMNfGzi01zIS3vh9-bYtUc6hsTiA3SAOVqvKRQTTaP5iYcF-iCienVAAzSfgbS_AOyfYVjG6Zhjkc_fYVUXtSysl8JSIt0ngqsQS0T9Y004gvKsvRrjzTgRm9a7Lh8Yf5ny0uaefGVW5ZkBAeklryz_o1sV3et4B3yO_o3zyP2v6QBXJGuuLOgrxah6Es9TfJWPdhjxduwqIdwtkTGIapCow-NZ8uEqbg2XrONEdnNWNhe0smA5h67toE-3bk3xs-9DR8acYjsR9oJslEiRr16l3e3A7UAg2CezXTqwytTjEITv7wCQIIOwTnTA0q0Zs0dadZ3DU2cOow5x78Eb5KUa1EIOhyBNj6lF7Z9r6lC37IbZQ7FUb9NbmqOaTzgT6CIJKXGRQRCsCnMLouM-4I3eGpRPC00IkeEFLyk9U0VvEOdLf4B9m8TygkazNgDBpA2evwctCviRdZGGdUEIlceoptaoxOlBQkcqfvtRR298lURxfVGf8aWPWGvEVwFIr1ldlRkwAxZ3zvXe8dDPxKOuXzoIy1c_E_KC1aEFXygv1K83cq-ZwLcKOyFjgGfy0fU1LDwE89MjJKToMkfOZrLnqEp4P0gWp7j_JVw1LnF0XBIANh9VbsAFNvS8ZgtgYB4BDqmoiMsr9ARhrhL4olQklPVgltg50WkjGq5L7kc8CsJi-W7v0W4p5L77dA595RSpzYH7V_AB8W1mS_v3LdR1cgeOlPldZBRQHOfkbQd7FNCc9eCQwy4P6uC4Z5fkoDKn-IwsNQ8sfuwwyJmV8p5WEnNDoTEXYEmm9Y4uu9QiXbebsjjG4NrwRWo0wLEqavnH7GRvWRXngRchS8cakPx7PZt9d2qOLHLFWzR0WFN7-UKU6tG_4EDVcFqlL8CAPJHfDLkSt3mbCWhxiAck2PsM-tjBcWAY2gPSbRJiNarRPETSrsh0BDjJ5MsjjZIMMUobrxalNbRc6w19V2T5i-C9Lxe0-JCfPbCuNUW0NifSFDhZyPbgNbZH_vT3TGsN66vmcao9uy1u&cid=CAASJ-RojLbkpGCcYSqXZ3RgtKdeHLEBwwnsfKa98GlSpcOQczzm3WGvUQ&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:03:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame EA34 30 KB
12 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11825
x-xss-protection: 0
server: cafe
etag: 9647346768486398696
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:05:27 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame D502 170 KB
59 KB 658ms
15ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Origin: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 11:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Aug 2022 11:11:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/ Frame D502 8 KB
3 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHP9tv-E0X7_xPUdMuf-ogYP1hpjZyVVgmtYLXzi5fJE6eKCxcSUy4gGJUoRzcioE4ZvNuo4H_6XVjD9EN05czCsz6FJ2D2trsyKPSyg-qfKd4QO54PqCK8ivqrRQbUA_j59ErEdntoIuN52fLpariWjSCTw&dbm_d=AKAmf-CHP5bWb970-HMXrI6E2JOMOrSpEv33zRmuhL3nbBrAbr42M5p9QYZAAUS3h3I7h70KV7sj3a6ZPUbksTue40nOAVaC_lm5WAyPJVe-RE_Foi7Y4MpRysQFBTMzgHsOg5xXigzoUOjyjiC2Mz9a7CIup79f5-dSfX2jTlJJX-lImc1uiqdtmBPBkuSggwbCLJb_6qLq2dp6WiMdNVzBbrHULo_Et5TDrlIN-5KmYBwCtYOQFfsUgHE8IXXcPO7-ngzDAIiAvyoDW1Ilm3hAEe8etmq-iNis2vFpusdX93kY8I_EkFyFvYHGFl9c3xFuIVLrf6WWDFE3HwTm9I-40r9pmxRkYKBFjfJMKZlfjkqiKARFAnm8PfF3yHg9gff3gfj3Jp8PuA8xoChsIPHk_NDesvRmdfidoQKIo2dl3To07ygo8CguCwe16JHwvgCmpGlB6FnIXlPy4Kzk7AQtzq9JKtFD0s_IfHurjkHD-MU1sfAjl44qaZWV7Zs2wkrBONwP0u8GF31wbZByx3PXhha786Fcnvj0FFGIlrhlenCTC9I7YpzCUyuH55NvhQ8lIKDtOV-PHF5Wo7_rA6oXdd2Zij-S96qalF3NxY9vjSC7cR1QYxJ_GQxtHfDiBx86FAjIqYPusfC7OJ29lteT1YrX0to3z6UHLrl15rx9aGUf1iQPcwliCIJWtIcNhuUoUjDAmINsl_Q7J0ULfGlen_pY8btLXKAViYrk-eh0XG2UDb6xLAsN3R_Mg8FQZOcuGxj1BYvRIshmcB3nio0leHQAfxlJqyLjgRPjoqJ4nez-Y6YjxqAXAhbMjGEpSybHQRDWYagKhL4uc_ST9ZDxclQOunhScng9yFheDGihVSWj-Q2JxIs96iHRlbi2kSD88dU-0ALV3LY28_lSwyQMcMDw5lHpGWkX_8ZHrgqwDu_NcokpBi7q1gFw1fpksFe5qOC6Y_tlQ7euZh46eoPLkuWtmwoKtkq04hWRjcVQMd-TD13snvWWLZikyhDHcwPSMx5wcbpp_n2sy60YWIABDAiFn0Hm3KL-SBRVRdqwHPqJwC8iLoQ2alV67c6971ALHuWJClCxM0_SIHULqayg7cFoDrthIY2iK6Rbq2xV_NmEUUyds_3GDu0epiFrK2xh_vYbel1Y4Bc8rnR36x-PW4fOSihvpdcxErFrycpdpyTXM_hJNkMK8PEoPK0tnnpqej19E2Jgqc-Ga0CI8YClhR78NH86idGzAYbp8sPltEPD7ZYE5qnV0tkn87JBFATpGMJfk532sZXaQxCDWm3-xfjIZywY90I1wmKu-Hb4t53GwUOCb0mF-pfj1lIj1JOQc4WCD4NUXfudO9gghRrgmQtgV3QAQ-748HI3dJQUzrvRVjkyQMNcCCkzTZk2Q4vWBV3zmmrHBRF1dVDSw5fkUGyLHDoFdYVF8-nTPcJDzsneRR4xSaT0lxDQGmXB-FsTUvxip6-7qYfNTR7iYhD68X8bgbMRlWSHbrAf7wSvhkEYEOdr9c71_I1AraDApC4p3XE4OnT21uf5G6ze0mVisNYKqkfBU2knYH2nC9R16O1SI2Apx0cbx4pkSFXLN5258ImSnQFwnBXmFFaUO8IrLF5GbWoC1g2Of8GQgdeJSLLz6WzmW_u06f1szPEBLzuLNbRETzBTeuPWlx_MU94-7ETYSy1_exSMlQ2D-H-KDX1vbsEIl8xkHQ2Ehlizh5ymzxXRGHgPVULcuxm2liv9wrZN_utHb7--qHWPo39NIhOtP_UtWvvktIyPIoDqeQU2rsmciieVdJs4ASfbPTfGP_4UUuzkum2WZnpkV_2QisrMWutpYBDHHCOIx98SBONkATSD5paBs858PRGGqtBmqvpOYEwraPhbv67Y6f2jnKJ5vOaAIJKbjtcajHr1Sc7dsQdAbVUr6X0Gm96EMRMLD70kmTil6lzeRxAdR_lDcp2XUWUPn6_gTzlWVDPWpKk4Dov6Rei8W-lzdJX1k98dbWZZiQLTtpEcA7xvsc51ffObblxudReuOPHmLSm8lZiHYM4vukcRVE2SNgtB6VEnsktmuGvchtGhSGJaF4RPh6xzCb83aLhy7pV2Xs33nEqOBqiCcg1eAVAGG7fNsaSIJuoU6d4msc9aspn9to0Ht3xgRWQT3BPK8puuDeCaVij_Uj-P9noDB819RLwNJLlLdk6gF6MvHmW8DiBjTUb6vMCO9pmU5G5Dwq_VUI4VLj8iLsw-QDAB8qmpdxwh2ViNji0m1aXnm42qMSJwloP6MfgZklvmJlp5nnIdH25ln_bjH19mpvYQReh_449WNudyD9S0CUT6zI3Fj8EnEs7oXn-USeKRfWES4wDM7UVscGmV7WDsCSuTndevpO6HLb_N7Y4_LvMsKCDAl_DIOFhe1oA-bF4zctwDWNIBCj6PzCkkZuWC_0Xwa2v9Yci12ydlEJGO8LQGHz3ncz0NKQrkyo3v1fnDhRSfQJqCwgu9UHBiERdfl7YXG0CeJUf6Ue8SL3Jf6jFBixVDiilibidEOTEaHPHJkWUHGDc66--R6ZW1JlcLZm0C4D5Wf8A8YX4Z8UFZbP2mGCvfnDgM4gt7IAz7m2jpp3odkfoq_JYBsc3S_ii9zIh3uBXozbqU728epz4ZEdpKgbGjMkN51AK5i13zkGxTo4DQZ4JF5CH3jttVlE0HIvnbPyRMRQzDRhfGU0dTOwZFrkAq_ftfRWP9-SOQDB9-a_b_dVqYsFoH4CSp4C7xl5vKBCxy2nKEo9FbLBvEU4_d8XSG9GyzAkYFLyMELIbBzw9xtkNAPyNbdoiLXkcVpOG5NOQFlkz76qZQJYlZOlx7I_ZtsAf-BvFT3DGXAxo_9knX8Gx-Pzv0sRq0-KxNoKGIcqhpT7aFQxmt1Iom7Op6gCyv9Er8qj8l-CHx5oLr8vF24hGj1anX3zuVAnYIoe_3MaabKo2HaiRs5uuzI4qORPF57q0iDJVSZB6-HAgDRaJPEx5oX3-LFtFXxHFotCNrx0MnEmrDTpYiB5kkMt_WHdTz7ps8xrsferXS39B9L-HfbNT9h32hYovv_C_kFXWXwqxgo27EX5dgi0xAOZz7ux9Y8H2Q5rOcQR_9_rB5uOTzzFK9QkQdvZwPAer92CbfnDJv5pUxSvDlMhKujzqpNeGu_gC4b3sj3UjAKC8eSLVUFym3WLiMMlkb1jiDo90YgZp7_xUlM9be7Kv6s_a5t7yR_8Vu3-KBrl8MKQauf69YME2Pa8lSZafKsExSOntgfnudMNszYtDJ0JPAwaUn9hq2RcygCna2V_yMC82JkZA&cid=CAASJ-Rol6Ta2ThMLR7i0q85jFZZFY6XPS25SLN_fw6eeCvlefCcgnYkiw&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:03:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame D502 30 KB
12 KB 29ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11825
x-xss-protection: 0
server: cafe
etag: 9647346768486398696
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:05:27 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 00CE 8 KB
9 KB 644ms
13ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTaeJvuPD87C2jS-nSt5h4Hg0ZlbsHqhFbFc33DrnDJ6zvsDQPc&usqp=CAI

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3598904c37872028224c7b16ad66bb8950619a34fc75c6e90a6034fb7c65cb65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 14:48:47 GMT
x-content-type-options: nosniff
age: 426015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8253
x-xss-protection: 0
last-modified: Sat, 04 Jun 2022 03:33:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 04 Aug 2023 14:48:47 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 00CE 18 KB
19 KB 645ms
14ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSqVDR9lTYPlsog5STu-geL8fDRJmls4uD8R7ZKivZqT0zZmsc&usqp=CAI

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febbd9b8b248dddea8c720b35214fa6fae44c4b868eba6f77fdfdbf082dc0629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 13:54:59 GMT
x-content-type-options: nosniff
age: 83643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18763
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 03:29:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 08 Aug 2023 13:54:59 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 00CE 8 KB
8 KB 639ms
8ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRts6MR50jLWi0BvGtFvW2XXxLjxwik-gpxpWMNGY1s2ixPBnA&usqp=CAI

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691129c7486134cdb3d888a1edbf9db4bdc3decfd8220ec633806f1459de7dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 08:39:12 GMT
x-content-type-options: nosniff
age: 188990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8076
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 06:01:22 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 07 Aug 2023 08:39:12 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 00CE 13 KB
14 KB 649ms
18ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTs73oCkv4Xd7_Wtr41PZGkUoQsULNuNkOKLfcU6eyRg0jTKrU&usqp=CAI

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c430d789b604e2db2f843b495b687bf0008c7e30b352da6fa89111d8f3755ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 11:27:26 GMT
x-content-type-options: nosniff
age: 92496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13617
x-xss-protection: 0
last-modified: Sun, 02 Aug 2020 14:11:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 08 Aug 2023 11:27:26 GMT

GET
H3

200

7103612115487317334
tpc.googlesyndication.com/simgad/ Frame 00CE
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCL57XsHBCABBiAATIIgoSA_Oqki0U
https://tpc.googlesyndication.com/simgad/7103612115487317334

5 KB
5 KB

8ms
8ms

Image
image/png

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7103612115487317334

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24fe63307e2903b2a4b2d80c28383d91861dc9ade1b28feac920e9f5f7b7dddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 08:47:01 GMT
x-content-type-options: nosniff
age: 15721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5156
x-xss-protection: 0
last-modified: Mon, 18 Nov 2019 11:07:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Aug 2023 08:47:01 GMT

Redirect headers

date: Mon, 08 Aug 2022 13:24:36 GMT
x-content-type-options: nosniff
server: cafe
age: 85466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/7103612115487317334
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Sep 2022 13:24:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 16F2 143 B
163 B 10ms
10ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 12:10:58 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8CB0 170 KB
59 KB 577ms
29ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Origin: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 11:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Aug 2022 11:11:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/ Frame 8CB0 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AclkfLVJAqLF2DbJlKEzix9CqSEeQEwNdtHmG6iEpLY8RbJGFM94dHzke4Ak7ZFXBG1P3WatkkFG5BK9ssCLufzznNaylN3PRaXRTkKX4yUzHG0cwOptnmXSB1MPlXe--lVZnzNjk1hRej5J3leltDeSbzSQ&dbm_d=AKAmf-DkyJcv-tqNbVCGqt-FM2ETtKJkwl9B5Z_Em-LlqMiNy7yK3ftuhUD2CvP4_uMf9Mbh1pbAQqwNTOZh-YvHpkaXW56aq5ow8GA5n6B96yijIoSrv8Yl5Gf1hkgGmebjz2tdWR_tYBwBkcxSlis3ELxdVfbnyIxQ8N2QtmP4WztiEubEjT1U7DE1s0QKmGeYe70Cg6n-LYU98LPzctvlpMGr7mGdoRWjczbbaOuGhpubPPT7cc2SnKOG2VKJ3zoBDgeuwBOEGYVCDBC6iR9TwDNeWDNgLOZ6mc7Qsspvwc-z1eLXmGjEeyIgw2znkN9ZauRu7A5yCK3mzIbmpP3gXqlQMJu1QLW4QAsc0uIK_HMHQCiXqXffsQwnQTarWkvxlyQcN8oUZNfSNjQPHO8gNSFSFUSsAmBLDERQXG4oidpNigN2jnWsgJwki1M8PgMsJcaOx-vjTL7ONTJIo690OW-eklOUUZeKtSUw0BaC4chhnHsLMutGWwPOb-PZuVsIW1-dYkcwue9GvuGTY0a0mM6wsr8FpFv5fUOBF78XX13kONKb6E-O24t2zCv8KZGZQR4k8POXWlwlYA-tMy3a2E296uFxZ-UvO4UKyyW4EWkCw5CwJVO-vC4Ua50PtHaGEadScSZYhvEmBoyAjODKsaLpnu5o6scvGKNRtL2UMXI9zJi7iqz_t3WW9oH49iPyT6yRYxMbs2t5zaOhiP0KET_KV6ZjgJA5y5sw0d07lTkUS5FN1EaBoTbdti6xwfF4wGPMuS_ytGYoAs0j0VcdxQ_HCNh0vu69lPfrjG-utVhszGFiNfwPKGsqIHBqtL4B2Lao1iFqj33PYLyUhLkJgeXT1U0-lIQreOrguJrmxtGLgh6P05aP0ruK1jHsBZ1m26SYLrIbp3BJkY5BorUgSir5NvKzJZn5ZlgYTqHf0IAVWVnDvvOP-ilcLNQsNV6RKu0ClUjUBOEds13bE1iyBVlKoAi0Uox1KJqs6Ot_yQrfvki54bfefOUrzNhptxjlrj2jK0lY3nPJto-tJqJLd-MwSQW607jhRr92G16aAfyXukXJEqkA1DtfqCLK9HS29I6riyLmWW_f1PSsPDz_op5xin9cs9s7rFlL-NChXeYSuSLy_g25-CySR9uy48iwptV4pY6ORPbNvXOcJbt8ks5xW_1VIeHkQQMOt_YgW4jH19R0eUye-EWv4gppDxO5wzVkHF6yf-pvJna7dwQNHO_xOsa4uuix5rpQ1U7CrRle4mb_scmCQByFHAnl48yAcUtL1TE4paw0HrifKMmU0y9u_nyhcQ2xJvXlTcR8tug8aS3eVfLPgEsrnpLp1t1UKXyePRwvDA3Qx_1RzbkL9b3mEzqm8sGhB9PXY8fmU-mq3EZWJ2jExloRARpo8XKV-mgHehib3yY95W8m-hxGj2qP2Vdlr-bA-1ZENVNekyNs6cW7LZQuAxUqToTrFONSQYhxTYW1v6axIYMs01H3d89H4t9qxHkDQRQ3OpqPEpwxyKVYqR2vNYQ6bR0cuRtV-lV8Hc1FPR281j3OwA6uf5hMsSlj4ueefhp-vt493gBjU97komCJIw4tZ-Zjo1cSU9aBV7AwhCYAYg9LTlfN1Zi3Om9mn3EO09dMh6Q0yzYKwmEtD04Zpm5qFcB0mbEBtMd1YRKi9MPW6L59ewyiDretaa3gnW1Lflv3PH6CWbcOtuR6XwgeJFN1n3M4zuJBY-VzhoR0teGXtp__TgqI_kia2xAfgV1NeXPwa7_JOIU8jZolLMdAqY9-3Mo1L-32i42HdijZ20BwBo6hk9cEYIeVKT79LL1hevo8pG1Xm3wAqfe1D2OOl1j-IAwiRsa1aJ65NfoukuNLV9BSJ1Lt6WXXIaN9803P92QupEXjuUxAHApEbPciS_rsVNN0RfGEMwVxaifUJyWyK8jSCM9X76uIxw7I5kMI8vbhAfA5HAjAxdBQq5hwA_Vlg1k1sRJxNeVwZNuUcAjnEdkZzn61pMS9_cp9iUEQXAzn_Zm2ua2mNe0Som8JRi3swknaRZ3W31wr7AW7-Dqs2eztUQXmVvhch_QflRmhziJOkorxdpJeLSA60qWN_D81bK86t7qeVNhO5HYvyJxuvcg2XlrabvmLZLGmxsHDc_GlAErTCTXBpp_VraNpF45l_U9WJdQuuKah7vizr0e6w1XtoYVUhvMB1N5LkfnWTyjcI-0H_cKKDikwf98E2xbSCfGjzLf95UbZVX0HXe5Ra_b2BNI5R9J8LkuPId3Sxy3PRGR6LxuUp2UQMGb0XbBuL5aOR0h5R3S0tZF9A1EQ5NvZIFMwnmt6wLMWCfcbkdVj2w73Q4f8fmBo15QETi98-hjSxTiRj73IC8xFD82girvPzbPPLdLLf3Z4RakVyLrIHimmsSZCpvVlndvvCUsj-wEJ3rz6LFEG91P6VHQs1RmktF_3Kv-UcFb8fWTiAdToPNi7J7BawNxWq-_xJu-L_jXGuqnT9bW_AtNk_7f7JnBYbwGzUTePySfMb_yc6tALN877HQ0ZWTZWqZHl7pUVtx_HiKOIYn8GS4v60QPA5gxoLfd6uleqaGO47NVn1SdxDZmd6nlXCJq9--TcahpwQGVB17amdLoyvpVj1cIBiHSbFG5kyL-MUsVpX4PAM0SlmSIUu_Sc5gE1QB4FiH3R88H-BIVOJeEqf3kqi0CsDsiuX_94jbYBBVvCiBmxbB88LdQ9_OjwIw-nHD0-VduRnqpVDw3QyWm5MEnU-c5cfYOgvBfzAikB0r93WMVu2rhwspaFdNiOYAKSk6uNn6TPjp92TgAy4ankBNCI1ryO_7Ik2C-AavrpTEVLmZKYxwh1NFh9AvAiOzXuMccFj0AAujgKU59jWr9RfaPlEiu0xHM76czvq-1ZI2qGahCwATDDxqolAALiHMTTWHOO81oU-iLPaUlLO4YjtbIu82Nli67T0zcMTuYSiYPzqJPVmdz170tx9Ue_fOel4efHDgkZQwGpXVeVKL5oNJE0bctzEVb7_W-pvIpmPmia5LzI_GVpsqRQvgmKDq4clUFlbCLkv-M9hEfgxCNrznz8W5LREUM0QYjr3otNPVuTMAWfcOtnuAOEHAdK6y1TXRfHXQe7khppiik8q5mi8W5uzVC6X3A8FWXd7VYzqVxXtzFAK_t4cg8PfAAX3K_Q8Vy3pKwrcK2KKSR_xcgDBF-RmL7rloPzPAaDsVW83rc6ZAsQYB1qZMJuLVzf7UGcpwnydt2Kt8PbaT144kd1IxNTwRdl8McsBcsxiNVxdM28TQ&cid=CAASJ-Ropf6i0vkJr2o9idl0Hp2zUfQD_eVhjTaRMVT746cgmcXm4ZSCmA&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:03:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame 8CB0 30 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11825
x-xss-protection: 0
server: cafe
etag: 9647346768486398696
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:05:27 GMT

GET
H2 200 player.js Show response
player.aniview.com/script/6.1/ 28 KB
10 KB 551ms
20ms Script
application/javascript 2a02:26f0:ea:4a5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/player.js
Requested by: Host: tg1.selectmedia.asia
URL: https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=618143eedaf7e149fd14cf49&AV_PUBLISHERID=59c90be728a061224b14efc8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6a26f472970788e1b9638b18961c8932d2c4c400b9d2c258e6c562ca770ba14c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:02 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtmmUL65Mt4VAajgrfgC4tCleTWkqQIHL06GtHXmwq6nLOyCWhQXqWfDQpkkFv5z3kHhD-zZ2sIYoBusOzEyh44AGddhBnv
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9902
last-modified: Sun, 07 Aug 2022 13:33:59 GMT
server: UploadServer
etag: "d53cdd7a78033fb87e44a85e2bf6cbd6"
vary: Accept-Encoding
x-goog-hash: crc32c=Q3cm9w==, md5=1TzdengDP7h+RKheK/bL1g==
x-goog-generation: 1659879239336880
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9902
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 09 Aug 2022 13:14:02 GMT

GET
H2 200 track
track1.aniview.com/ Frame 1149 0
71 B 626ms
96ms Image
text/plain 3.216.238.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=59c90be728a061224b14efc8&cid=61814395a7c8681364723669&cb=1660050542358&r=www.viva.co.id&stagid=618143eedaf7e149fd14cf49&stplid=617fa77dd82e8945417e5095&d35=&e=playerLoaded
Requested by: Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.238.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-238-203.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 0781
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBVveeA6mUhSpAC_DBiANcw&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBVveeA6mUhSpAC_DBiANcw&google_cver=1&__user_check__=1&sync_id=70bdffa1-17e4-11ed-bbcd-124172220506

43 B
548 B

16ms
15ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBVveeA6mUhSpAC_DBiANcw&google_cver=1&__user_check__=1&sync_id=70bdffa1-17e4-11ed-bbcd-124172220506
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY-eD4xgEwAQ&v=APEucNWcUmxVDyTfaSjWHKlIDjdVy7luBZJO0LEluO_6eEJTTparq-f2fIbBhvu0jrF9xC1RHSj50JOwpN2cfssNFd42EQTUKJG9cZWAU8LNctHEDY-iRiyNo1Axt7nzzaJqKJ1rJ_7ReuDnRdZ-SvtAePEQMHsSHL_E0uvC5-_GWO8fr6Yy7Wk
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:09:03 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 19
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 09 Aug 2022 13:09:02 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEBVveeA6mUhSpAC_DBiANcw&google_cver=1&__user_check__=1&sync_id=70bdffa1-17e4-11ed-bbcd-124172220506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 70
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0781
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzBiZGZmMzQtMTdlNC0xMWVkLWJiY2QtMTI0MTcyMjIwNTA2

170 B
188 B

23ms
20ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzBiZGZmMzQtMTdlNC0xMWVkLWJiY2QtMTI0MTcyMjIwNTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY-eD4xgEwAQ&v=APEucNWcUmxVDyTfaSjWHKlIDjdVy7luBZJO0LEluO_6eEJTTparq-f2fIbBhvu0jrF9xC1RHSj50JOwpN2cfssNFd42EQTUKJG9cZWAU8LNctHEDY-iRiyNo1Axt7nzzaJqKJ1rJ_7ReuDnRdZ-SvtAePEQMHsSHL_E0uvC5-_GWO8fr6Yy7Wk

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 Aug 2022 13:09:03 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzBiZGZmMzQtMTdlNC0xMWVkLWJiY2QtMTI0MTcyMjIwNTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 56
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0781
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tT2RvOVNaRTJ1SGJ5TnpLNnI1cWROY1VGeFB2alhvLn5B

170 B
188 B

24ms
21ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tT2RvOVNaRTJ1SGJ5TnpLNnI1cWROY1VGeFB2alhvLn5B

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tT2RvOVNaRTJ1SGJ5TnpLNnI1cWROY1VGeFB2alhvLn5B
date: Tue, 09 Aug 2022 13:09:03 GMT
server: ATS/9.1.0.46
age: 1
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2653 170 KB
59 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Origin: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 11:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Aug 2022 11:11:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/ Frame 2653 8 KB
3 KB 22ms
12ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqKmg9noDFqqoj8phwLh8uHbrYw7r0Faf4vmMzHAM4hg3bPJhXmPJFl-8kgQqwZ-FYD21Y1Q94wcvkEmPfgFA6a6Od-fRkwDHOUUUV8NeXFEkYZpDqT3ZuylvrcEZcv1vhXG5isWCYBYmBvJhNwk0EpVg1FA&dbm_d=AKAmf-DaNFlcY4jjhH_WObu7Ju36ciMDm9YBZAg8Qfe9bLIhMaoC557-iyiuPFBp8UN-cIfVJNkI0U-jjxQvan0PNJyshtrZSMrFN5hHMNqFOgSWW0_1Bjr-aZ_B3FaO39EY7QtOL2CvuPZtOGbSKwQ5rHhnFaosh4aAWQV-qU5LT6u9uWs9S0AfbIG9Z6_4iekCFBKnifh_H5Tw8IMEReOsbLpkTQ2DFFJpTET6la1Schxh2mAoGVTEFcv3Cj0nt5pJOhDkyBVpdaZKAOFhxtZyqOuTSFItPpmVtmvfx2ukFDkzO9eH1Cdh5fBhyLtVdZ7BcUeaY76eHEWoajXdWYWUKpJFrIoUBfTMlcMpRND1i7Sk5GzGSNbP7gpDHy1RVNgX-0PX_PAqRFYuflBkO2580YNywORmiLPFR0W5XE2QLOnzquBMhUmnGoofSmDnh-qXqPb1lxHBiUzbsdxhQIev1HkiJfGykXoENubiNhPjhvYFlQLp6SMBjS__D1TqQKzynZ38gSvKrmcMKifR3QhSmojEB-xfwLTRfBOBB_FNSqIIEhIxyYKx02ZA8DUgB7aVwFgigbJ8HSs7OxQSrpQc3MpfBrtC3UGSFZBRFQwI52yddmOyo2DKA6ztNKsTjDwuLXjX1yLXxdoHhZCJeD7Osy3PHmoXLwy3v7k27UKbfdCFeKC5BHSwL8iHTZtYazZalx3JthonkxGV2335GU_qpoF4EDwMeo6ayWosMYkuhJwKoy8g-e26MISRxXrDWEyIf4-mf3nqzuZ_ySLL8aZgnuhGN7rpSHqMKK-AOm2MQnv4cXBupenPhtDGkGwz2SLlRkJItSpFuH1A4zCc-c38HLmO7L_IejPxKgrbcPmn_VJG9kWtiuM5X8bcEj32sd6e91Ij3sc5m06-CnSGPupx4sMW37-Qb74UnEhN3nOm03f8hBSjOJ2BEh6_adC-bfYtCaDustMwZz49IS5iHXdIMW0BwrgkDYOTE4pNvFIcreE1ObEZJUEOOUHVLAqqjTuBqVLv31xJvshX1URj2eimS0lkZkmR_5T1lwdU9YKpz3xYgDysSF0INKZ4jtmnbQn2K5X0MqhcSKG0UoFCYZN5HmBEdgsjMqJ9WMe632buDJxR7YVxk0dFiHg9wC3WF2NMo7AUH64p1rQF-e4JdAN8eaGlEIV5jVcv8IqeoU7kB8_jmMufRt9wOhxUqs5veOxNab7vk9nKdqkzQu97fULrh4lh6w1_UR6B8Y5Qxa1R_wytaFX8B4L6-jkBqn3BVXGK3CXAFJB3iWO5dvXTlC2Rvshnl-q66Re2bly4nTkrH-hg7lnf7bbVparO51wCxwT1TgQeW11g5rI2CcNK8T1xh_x7y3WYgaSzMXPv5fcG1HnEb1i9OGipIXgXJpWO2ZlBVsZdvf3-na3Z63YgSFsOA3yCz3HpTnMbBI6Aop_7tB_aRKnpYQrXAUzFcJaff0u6GUhZt7wBtI16JpGzHIFJltYTBVhyCopdgYtuBeT4bQRm4NJhsugw2_U0AsPzOVp5CwEJOC2CqfleB8ETxbbd2vkUFMcSlgwt7Pp0-IQo_gZ6u3nfu47jfqM20QxjF4HdcdXUvTYHz77gtMTwxam3u4nRjC46VFzYVzw_YGjMMwXhkZvNkYPZfnx3fGw1cjfD2p98eKk7aSLnyr9Upvhjp2whkYiA4q6ZSuvV9wZl_1lOV345aT8ZEgWOmECFGDUiMo3PJyvr3o3wgpz264kwu_ui1ZdmLv_07qDaDlZ__oiIV3XZwS5X9l9ey9HjkA7eGZHTfGKnhEthD0HPJ4E3ydFBko8eNQNhvtlT4WwzOIzaTFE3n48w3fvIt-jswib1dOdDPafvzhyHEJx20eRstTZq7TgaKVFsyCBAiBt1kncJUqtyqe7BOxTn7PIr9jYQNDdkpxABy6bzgLe5Wx9GvAfbfIhfEAnQr44hwOBL80l2Clvloe5tcY0ZuSZzPGqioXHiwNEFIWcfcNBN2lvCzEidP7DSk7p552rRx80hHoHkPL7ySqaAmwk-PEd6PEuDQFS3ZKeZumqMbhjHlVdcIX77PXzozZi-0DIr2gReDf1301YoWhg_yxtAnwfQoQflAJgzQ04o3uty7YEAspSIKv0-zGc10vVRO3o9a1EiVOSd7NDgpDywWopNOH4miNvyYwBm6ZC1-Z5ZZ2TFOPR5MnWhcp_j2wcc-59cA-ju9Aqe9oDApKRi3AoUbB4iTJ7saoDRWVMfaZSRv6p-WYE2aFC2a0RgAuDaRjWU-UeVRdNmqmDj-leC_J6cgl8RJaYYfbt7rOhcFfZCjogbjMiWr3WOEbmMQuj96DS1NoZWxyFw_kuw0qCpVLcAUBiiYJdswb99UVXcE-JIoibRyegP1-oQ41g4PX3IFW2qQvH9wXSj6o_Rw-1SAqBZqDQ37v7wYy6WUgRAsIewuWqr84_h8QQfKrxrDJzquXhMnRlYvs8z_wSL7Ph8rU-mxsyw9cFTeovkHAUgxNz1m8X1616T_vG8N64GwIloCKtT6ZqcfJ6iZm8YiWo6tQlX0zZKYW3lzTY81PYOYBROSkuTxDG5hZobrab76AuqJuNBeH936PbsCBYAUjQxjVh6bdPaty0APOqG7Azfvb3eOSAbtUkL_ypz8C-eD_ohbRl89xujutsAvsXXOxvI0z-l6arGw_Psn-aIy8UWtP1UghIxHeSYkRUhrux7hHBUI7-C2Uio2jP9-eVhmmwylTKA5mDEdGUpp3IWffZ8Yn12y64PMlrHeL6mPt2x3kkwyYEeXV5VYcAgquCASu-galdygyFqEGRlqbLtNtSCSTUDFrDcH26PHv6SRawFPSnP5-KtXvGuKRkCPKyAMnfb64WdIV1NOsxhTdo0e4ReptkOd4iuvI_vlCB-PGKiCvIob0SC0Cx9nr_17u8sdNvfB2gWMxwDg1b76kaa1GPZIPmA9WrpZvx1QVVTSt_8iiccqdCEQnnTlGIk7JFs5Px1JOtQfHh5-Fq-VQsHDtTlg4KuCPxEIMUW5jABCEYeWjZDVV7Hc75jp3elFCUsW_SvqAZvSmIyg54VGFME715v73PPVdcJU179sIQEaTDr6EyJ3h8tG5xYieVEF46PValYP8ze6ei-euQ054ly3WLsl8V-6_cxtquc-CBRVA-INdgmOqrvTA33Nx5uNgKHnB0paEFuEqZXVudsztK3iCU3gXWYldzM6H9cFxfr9ZjrYA8cDCMX2J-8IMQ9KSih2n4yTJfR66roo0PXziYc0fiww2cQt_Q6X1aKzH-v_H6H0Q&cid=CAASJ-Ro8dzn_bzexVuC404q5u0Idnl0X-gBGwz0MUKsPC4G5L8zbgc4yA&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:03:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame 2653 30 KB
12 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11825
x-xss-protection: 0
server: cafe
etag: 9647346768486398696
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:05:27 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 5408
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJHv6STuC3rEGEyVbNOKbJE&google_cver=1

43 B
163 B

26ms
23ms

Image
image/gif

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJHv6STuC3rEGEyVbNOKbJE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5eL4xgEwAQ&v=APEucNVWUr2hqLOQSDXDJORy9yPa3fwOMMsc0n4vJj2urTTlsA5kYYgmD7C1CQJ4FD_Tb-ZAxdu7qimyZtFwysIvw_NdXPjXscrJemBsPWeLoX_EcEa6a3ybQZH8RdrmvF6S-KS7uvo51QKzBP2rtTzllx5esFXkLCcn718wDQ2-IXjPbTtb8uU
Protocol: HTTP/1.1
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:02 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJHv6STuC3rEGEyVbNOKbJE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 5408 43 B
163 B 82ms
21ms Image
image/gif 185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5eL4xgEwAQ&v=APEucNVWUr2hqLOQSDXDJORy9yPa3fwOMMsc0n4vJj2urTTlsA5kYYgmD7C1CQJ4FD_Tb-ZAxdu7qimyZtFwysIvw_NdXPjXscrJemBsPWeLoX_EcEa6a3ybQZH8RdrmvF6S-KS7uvo51QKzBP2rtTzllx5esFXkLCcn718wDQ2-IXjPbTtb8uU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:02 GMT
transfer-encoding: chunked
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 00CE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4294dafd76c4bed2decfdcec4910663f6e53570d1e10b7fc7b4eb5fbbc845d29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EA34 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 16:26:05 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D502 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 16:26:05 GMT

GET
DATA 200
OK truncated
/ Frame EA34 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd73fc327f5d12b10b6874cb2ac6fb81cc013c402f761e2804e36b94784c52bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D502 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acc6c0c5b2f3c490bacd236cbf6559dabb1843a5d32cba79014c555b45b63220

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 00CE 20 KB
21 KB 226ms
0ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 572123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 22:13:40 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8150578953634767223/ Frame 1AA4 36 KB
6 KB 55ms
36ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=sgOi1eOOf8&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e2718b4b437edd86140d80891cf912e88267f780c14656e84f27a38b10f48b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:03 GMT
expires: Wed, 09 Aug 2023 13:09:03 GMT
last-modified: Wed, 05 May 2021 19:27:42 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EA34 0
64 B 265ms
57ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshZfqrplXz_OEGRPsWpVh5nuIrLe1uLhS6WMl2t4KQYKVDI-PtjyL-gQXU0fx2WkJPMbKKeyCqKqd7OG_I6kTWzb_KR8ZrMycLLDt6LTyv93Gv-DzfxkHnnc7oKTF8U59aakIYPvMHqTKAbGv8kQgO826kRE39Y_s_1WkiglSSaCnjnSdG1oOaQTQZ70XMB7eTpvxJzAjSp1Mee1AsID0-8hskZRaTMwrmrKWJjEldGdAWo3In3spSSU0jfmEpvaP5ka4mVjS5I7ktcneLS0PLj9ZMEYXAQaktLCjIQ0A4LMXXWcvkGlarbbVi0h_EWhC63jLvWKqjurYTQRoVwcrj51sMXTQhDKJAEpJWg9MYOLvnJd_tlEEUKVflUJkNZmw5vNF630D49Qo25ucaXdua5cpLNmF3hI7p4zDsDKql09K43SX6KQW9RVpz7VA_xM_XXGvH5Li7jN-9zvui1dPm-W4Na1P2722rwnHvx8Ho41E4dpvydAa0OL-3g3FzCxD6sKHx2t9c6RMovgFJl8IUlKYtQOnCAOBOrQvB0bwa45FSHLT1Z7FrZr_RSfoYbZlmBjzuILpozReClZJ_u1F55YWsh2R62S2QfIyNOBFdbVvUk0OXLCty9kYkzZqcZ6mObEwLKPKOG8HsnaWKSOdbQtv3Kt5_7JRr3Dvw_CJI-MTz5qMOIYYBJF3zYGtMAMOhwEUZ09tYtWgdVGCksl0fVMkykvXMw615mKzKblRGVDm_vWW8G3jiQ-lBaSMEC67IOT8xVtm2K9ea0uOos-r95758Wo3yZRmTAcOiM1w6iVuhzDI8kWdcZ7IleZK6tlT40FFMM0s2E8Hj9IImk14AxYb2zPbFeS3Wkdsm9ORWjjVJ2O1PeAljqS6nVnE4g1ohYrXnUT9VHyQPo8sur8BEyajSym32K_WDBDsfBk9c1qU0r1Qtny5Ra-LZjdzZ0GEqGqGeZzZleoIXyploDOB_LqD7KtlNcMAPQ0aAoMqaKkWdcnEGYg7GaI4v0cPR2y3yn5TROS347G-uxhBs7WzYbbxnE6tiHkv9ieNcdJAmV-J9Pa7hvc2ws6O0ZlvJ8VivuI90fvMZ4yeNT2xCvxjviJdcuydCpkb8PdEUWdQEw4Outdxq6uoyOq8TAiAMPJVZyI7sfPLknqylICTPi2bTwzqlxIPXlWqNbJs7P9npHFc8Q7sbIpFwslI&sai=AMfl-YToYSaDKmWS3ZvpvGt3uslfJHwQMXDaaLG7nA7YHf5iZCO58jBcqWWSVGvjiqr10PmdcQqfuW9XlCqaElMe70OBnWJNV-O-yiHv3MxCTgUkNdm0aoBZ8m48AzLldFMztP2JwKKXtBaXQZ5fwCPCzfmwwEjq8b5mcAaZY5wL3Wm_khL4m3nl-4OUsuReet4vxMBVJiYRf7Bign7xwKseg5Ii2xYUsIs&sig=Cg0ArKJSzMIXkgezjDvkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=891&cbvp=1&cstd=881&cisv=r20220804.48263&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 09 Aug 2022 13:09:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame EA34
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=339616878&d_campaign=28017826&d_bust=1176998419&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=339616878&d_campaign=28017826&d_bust=1176998419&gdpr=&gdp...

42 B
965 B

41ms
41ms

Image
image/gif

52.213.150.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=339616878&d_campaign=28017826&d_bust=1176998419&gdpr=&gdpr_consent=

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

52.213.150.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-150-8.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v038-0c27a7d4b.edge-irl1.demdex.com 10 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: mVgzyU+LRbQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcscanary-prod-irl1-1-v044-00dc34f34.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 9lJX8Q7nR3k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=339616878&d_campaign=28017826&d_bust=1176998419&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame EA34 43 B
1 KB 233ms
27ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008209757&extPm=431953135&extCr=17611748104&gdpr=&gdpr_consent=&rnd=1176998419

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 Herrischried, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Di, 09 Aug 2022 01:09:03 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 09 Aug 2022 13:09:03 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8CB0 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 16:26:05 GMT

GET
DATA 200
OK truncated
/ Frame 8CB0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 158ab84bc5d10014123b29208acdc91bf3bf802096c56108177f9733948ccb26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame A8C5 387 KB
110 KB 19ms
19ms Script
application/javascript 2a02:26f0:ea:4a5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59c90be728a061224b14efc8
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:03 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvPRuBEND1jFBl9kAWJxvZd0QG8dCVstteZx4Wh5Wi3L-FNsMEuS9dZ6dOlbe-YecKAV2qUr87_e1BobDIBq-i9PIoWq0pS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 111956
last-modified: Sun, 07 Aug 2022 13:33:59 GMT
server: UploadServer
etag: "903f07ee74bf08435b31bae7c312f6d2"
vary: Accept-Encoding
x-goog-hash: crc32c=X2RPuw==, md5=kD8H7nS/CENbMbrnwxL20g==
x-goog-generation: 1659879239099576
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 111956
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 09 Aug 2022 13:14:03 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16970601419685475928/ Frame 534D 15 KB
2 KB 37ms
34ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16970601419685475928/index.html?e=69&leftOffset=0&topOffset=0&c=2XDIhSTYhY&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64731d431c09555e49356dd7f8e691b489ec15b408b226399def54712e80fc22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2283
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:03 GMT
expires: Wed, 09 Aug 2023 13:09:03 GMT
last-modified: Thu, 21 Jul 2022 07:06:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D502 0
64 B 154ms
58ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcsUH7dz2VucNH37F33eq_RAA4lFYzUPQ8x0fmZO_WIX_9mubs87wMp5Kf6YBccB1AHhKXiaQUOpaDTGMSveGS1IdZAaRkrz9Z0osmQUaOv4V6t2bmPvlUnFr1SLfgX3P7YzAyNKcRs-Cf9PlGUfhF3x-PQ4YWF5ABlifUGj16VZyDBJBX3Dg3pow866Zi6aJF4Lp1M-fCalZHbubna7h8DeKKk8vgV8LCg9mwZY5qGu-fGxs0-Dee5luzBBX-fZ2Jo8rrNTpheRosvqnbGziQt9rpIif_6zYDf5hVNq2jqNQBhXKqOUrVqwzWbAmt-RslkPqfoCpsaSCjCDlvSEcjR62KvyVoUqqu0nbye27SCNEdGtBHyv5K18qOEpIVyqLkuhguat1zCkokdcf8VLuX8KXqAOtkM3N1JXIU7p_QU5qKPj7pneS05IJIN_LhDWnfvkvRkbt3j1v04lfpN9ztueujMEAhNDJLxDQDdeRybwN74UbCG88JPXTLpKu0IVirqVFmRzUAh6gBV0fQ7CbyqlyyPadaB5UPqmD02LvcJbfneIum5KpW1LLSMg4N8ddHiygKlTjljWf0iE7oAcUuJs46A-6vZGQM3Hh12kpqYX_Ri47NJVxZD4dM-mVwrElcLfI2BNRfoWpr9paMUmjCbULkIu8Begu1w0ya-00D1iQayBYCcH2CROOsBBCmkzaOwgoCENgsCqT2DlxEL7e2SlwRHmHXrrEJy0TwvMg1pE7BSJprrW2ltbnoqhmBGJVg84_6pp5sqI1qR_9e1xaYQMa_GULbtQr0lQVxbqW2bPA3h3u5Clq2bTQssHGZqgOosiWgufZm6L7kt3ZCXvVnXxuGXt4cph9qF1rOSm6F-HejNOyJUYf4rVTa5sglc1mhRYBFCTbiz5SAbBBV38MD8w7PjM98uQESzvxl7hSL7U1m-4trovn1Z_f8K6pdEHqYtY3BBoMEzzejK2qfZJcp0vMRYBLMh8IjmlRLs60Tn6QcUGc-VWX1Cm-MZYq8YVLCYHWZ4mnrxAZ5M_pIWLGK5hJ8mzBf_eNOieoETDnmS1EjulIpTnr8oVD1-dsfun5QvTRNwGin3CjgNZqV_f1LxWnF6D3spfKBydeBlOaC7CyhDQR4LdLbgfw0JXzvjRN20Z-owbw5VCHLyJZHZ-GN875vuUr05fuZ0nV3jfyHBvioR0QHZyluD8n9T0_EIc52tb4vrlVo96ZTMJ2Bmw&sai=AMfl-YRDKAoScc7Rv6NLrskEP8JHB1V3mQ0dOiGWdRw_Kq-fiUPKA-WpKZoEoHVm98cK3YA51HNRyJ1MaV10bFcAnK1wMmNcIDgiK26hbp56Z9BpygzjBULGyAKEnkXPWjpfcEQB5APK06TqDcld7MkvT6Cgpay5VeOvqUoLB1tm_-IDBjY-jGwzLgxGwHl0BDi28LIjhAVycD_wOLNC-hPq2rzJLqcYlgM&sig=Cg0ArKJSzEbvgGM2njDoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=997&cbvp=1&cstd=991&cisv=r20220804.85413&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 09 Aug 2022 13:09:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12276200816478547214/ Frame F449 15 KB
2 KB 37ms
35ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=c5kpQVAqrH&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73e92096e61cc5ea7df6db98368b62ff1f624918e8cdea8ec8c51022426dbe8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2285
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:03 GMT
expires: Wed, 09 Aug 2023 13:09:03 GMT
last-modified: Thu, 21 Jul 2022 07:09:01 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8CB0 0
622 B 138ms
55ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNuGTaQCOWG2fxc1T4pzCRnOAgxpsOJI1KNSV8y7DVsT8Rf8ZxedNhwYeBRL--guuXCCPPx753LUaThoQZjY6PWe_Khu0RTuX4cy_kIxNhhMNsAQKgipMR4mclIfVLlA7au2wMb7wUKnY8WCy9cmNJWTTvJYMD9wY8XmP4wY9VyMiI5Y_DlX8btNKRBWkPmGL4qvQE817wnTEPT7OOlXTVK8zzYSSTB8CUXdeAUhz5-qeKu0njChFOOba7Sk4__CNmaTHcbeCnmGrs6N3CYdFyUYs0bq2ZGEhekf3R1ZX6fPR5i1kb-IRjvxJ1uDC77GFxivm_mj5_BU8lhRtDp6FcVkGly_IPOYqBsC847F3EvJw0pIThRDcrjib5g1DZF1yPgNRF2Ap_VNgtn0OB55205BldKQhYmP9NCp4-lqK_uJGOOaVTKRUE59WAlgtmWigWbkG-6PkKycFcpSH0-NdCXK38DVbQbglq5jtcLjphOJs1l-tOSPAYqDIxY2EQlQolXmtBfsN0QBkGIpM2_BbGGIXICWO2Y7XxIECpcYPJ4S666zrN9S97BQ5UKsK2JtG3D_v-qPViHBGC6fwJWI8PqERwPsrFt_ONOSeOvDSRQt5B0g13YNE3mwcPu3nD9lBj9eeatoRyKZubXrMZgjJcO6_fNZg9ZltSSHWMrDOa6iJnKCQiN8ae7qtOWJkNZFnn4xR1L5Xg-hLPdhrkiLVOLTw3hDdz-9kbR6ngNa4_4APHCozirSWW27WMY7vsr5-4f-jEujjXP7erBGWb0qoscASMCkxHRpZif3yzxBRRgjakb2CVLLb3ySkBOe2Gh6cJKbW_B3ZNYIWLnK7Kt27W9LgmcC_iR1bFlMgYEy29rRg6vVyOi9CJuZmeSAgKQtR9sYK1syC_J6yCmn8fa5gSYvzE6x53GQVVkVV6zybJ-tvQZsodjh64P-Jb-ylrZe_xyyN2jfT2hEAKDh_y4BC3JDCsBER1gew-xMnf-QpcilyeBsO5IEY-vadOiIAOcwNbTfziB35k-2rpuetxK1DmfOfIzgMtRFkjQJMGq6VI44BdJdMmuKTaF7tVCVqZi4rDuB96jPrKk9J5L1TtlOT2oJ8KdKU8cKwWPcJaHagz4tPXLIU1Lba5HlHCGRk4Gga40n1Y-7_2IJ_JLsEh_PAsOK2ek4eZL_w1qyzAExBbfWUMUTIy9d7YjTMWgUn8y8SYm0yNdZJFslVm&sai=AMfl-YRYyktXVhtDq7DZoIUeqlz4EhKaxhVa4GRBmGll1mieebh512xk-hGfjrj4XGaFp2XexrD-J-xUIocpTOYrzDIVdX4xAmdU07m0er4dRoqMdP6taiZp3ar4N2C9hM80L5PgTwekREIofO8A4gceE6TuVmZryo9dQt30xqGmntAGpfCWlWWoXQsp0GzGeXxA9zI9rEiUrVa9G9oOe1EV_TztZbMTuD0&sig=Cg0ArKJSzMomuiWIPUUsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=915&cbvp=1&cstd=909&cisv=r20220804.41453&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 09 Aug 2022 13:09:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1149 0
0 45ms
44ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDvdHhb3HAbPdOMePhh-DojfSs42ox2ZhbGQ5_R9XLRq-eljGSBj4sSQN5BfH2iWKJ3qQM6xuoJSE2P3DUlwVHOWeuVlcCcqkJyckRmEPst7fyWQ8ANZkHtF191GURioUbLwG01DCjQ6JF8LpmiYG-nRVkmCvTKbkZ6p3BAAxaNd4049UXTPuYT4zgQ2tLdXHmleWd5ind6FSRk6g40AOysbuYChwNn-xC_4rkhbD76P4jmmh94yy8b4nfWlNWGb9mK178PeJEkKL95b3neuAeGUKfc0Y93ddFzsQU7IVVHtn114cwjvM7uFYvg3UHQGoFAw9vt2KD8DDm7NQ&sai=AMfl-YTp68lYU_x0ivMGJqOlE4uXwcI0xufdG1OwZ_PKfiPCkHHeFIAKpgFy2ew8yvVIYkTFBfKPjHMX8-iqCNOtPSEd31x4jEGgHQ76ZjkwLAXMcQmh_Og9xo_bbBYur9vbtA&sig=Cg0ArKJSzESJ5hKJTaN8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 09 Aug 2022 13:09:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 16F2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

63ms
62ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 13:09:03 GMT
expires: Tue, 09 Aug 2022 13:09:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 13:09:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A99 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 06:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 06:10:13 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10725954732868190736/ Frame A445 15 KB
2 KB 32ms
28ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=UTESbWjBls&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10981f8f2382369aa0e2033491f5b532e3e238719185364406e3891ee7339f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2285
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 13:09:03 GMT
expires: Wed, 09 Aug 2023 13:09:03 GMT
last-modified: Thu, 21 Jul 2022 06:39:27 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2653 0
64 B 116ms
59ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5j7T6Au7OtsPOr-D9UYTyYTzqF03kj1iBDUCPsOPH6zNRbsYnHj8yjTwPB6L7mgX3OaMJLx-izeCSy9tXAvN_IY6dS3aWvm0ROfV5oksUpKnpnxAO1NSCs5F3m81jCalnup5aIit0wKUIpW1S1_Lq7rq_ulTsjDsY_DMhPd5nJW9MU1o5l3Yn-U643qM5n6w7678aShqeO5EhNP4ox2eLdFmxhS7wSQTQX8XIK2SQfdZInKlvRwBG8A73rLi_U5ZazfWOjnVYFoBI8L6GjAeAeg5XzPaD7lb42qGodd21QmNxKUzjcqMaB4JZoJrsm8Kil6-t6QL7B5QVOa4VjaFcjYeMg5Wm4RyuzGKzM4LqjKEtzGyiKiJdo3r8Bltu1I9vsUGhxeSJ38Lz3EvdhXMbw6BNRflDIi3vhOieYD5SPgdpw2oALM-rXzIwlLeQ0Z1aq7STWHFtQ33gnsRDDGeXUeLGGnBW5yHUmS2mrMDfRUZTo2lmfI6ODoHThUp_bhtu_qbkDGllWgRja12EY2n9uSBJPjTGUiM7pGrtteB4R_DTqaDDhF3b8UknFSRE8Ku7Xz0L1aHDvvHxjlXGyUwo5pJn73UT-H1FevfvPTvPD3_z2nTFLzAywCO55BgOghCYrnm9NLOT2Gnu_W9Fdoc44xRbLse3dg9qT-pHd97yRzK0XfA9TYYjeDlGOXC8vAnELNomP3Y7X94sUONeabw0fa4lUT4Cyees1FWe1gh9fRLIfMfKztjIFH-wWGMxWQSMG8AO84lhr6zs8BVfEQul5fqIc4X92khAzth2fxkJppd-SUVuAViVjZF7IC4X3JD5UASnnFZK8LsPx_l8-aXegzEUA5bkWaA_mciHxOC38_X_dz9d-yqwj-voOPMp70Id1gfnuyd5sbCUxHK-LD9UG4e9nwClwBaszumgAzNrLHjUgRnk8JxqxFqmiT6wJ25g0oQmlJ3BHM9z-eZekxi-3CUozfbGTm1tFdSairhyT_nxxRh028jDdweW6AwX7Om_isb_3aD5NV3w67P_X1bGmq7cOXuFbP77NU25vXMeRuB3Q48gicMkfOpzKy8dekexL6Rfn1BemjEF45M5w2L44anYjolu80rH6a0DmVyCZlTD0vsKYkDVi3wyqj1Qo1vxyCzvDino0VQqP8dPx9WRubu-CymxT5825ZbdxPs6Us_-QsaBwf8ItVGU58YHx8zePdfAaSXOUZ5x9w&sai=AMfl-YTThFBrmibxjE4Qm-7cmM_I1EEf9qW6ve6NYrE94D8NZR4Gte-lqe4Q5cki1gomAVotilddBu48xoTPxA_e7KvMsliUmikhHJp_O0j3E1aHWccPvHGPGUR6_qInkFAohpONJjgvRc6cPQXht4mZJ5Z0zikIFNgWZqJ5dXpnVoZhLi9CsxA-YE6V7VgMo_EKvzNa922MdccDYagh0gBZ5yv2M-ATRhY&sig=Cg0ArKJSzGhPRv-MKhwzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=368&cbvp=1&cstd=362&cisv=r20220804.70616&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 09 Aug 2022 13:09:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
182 B 446ms
40ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=157005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:03 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 71BA 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 420178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 16:26:05 GMT
expires: Fri, 04 Aug 2023 16:26:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2442 22 KB
8 KB 21ms
21ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 420178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 16:26:05 GMT
expires: Fri, 04 Aug 2023 16:26:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2653 41 KB
15 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
URL: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 16:26:05 GMT

GET
DATA 200
OK truncated
/ Frame 2653 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebe6979431babc06b601a53944eb95ad3531366427479effeded90a4fcc75d17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A2D 36 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 06:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 06:10:13 GMT

GET
H3 200 1657637830060.css
s0.2mdn.net/sadbundle/16970601419685475928/ Frame 534D 9 KB
2 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16970601419685475928/1657637830060.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16970601419685475928/index.html?e=69&leftOffset=0&topOffset=0&c=2XDIhSTYhY&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df73c4328a93031c6ebb5f574b18049d22caea26deb574b9a7e446950b04d376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16970601419685475928/index.html?e=69&leftOffset=0&topOffset=0&c=2XDIhSTYhY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 08:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2341
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 07:06:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 08:51:15 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 534D 118 KB
40 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16970601419685475928/index.html?e=69&leftOffset=0&topOffset=0&c=2XDIhSTYhY&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16970601419685475928/index.html?e=69&leftOffset=0&topOffset=0&c=2XDIhSTYhY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 16:26:05 GMT

GET
H3 200 1657637830060.js Show response
s0.2mdn.net/sadbundle/16970601419685475928/ Frame 534D 34 KB
11 KB 14ms
8ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16970601419685475928/1657637830060.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16970601419685475928/index.html?e=69&leftOffset=0&topOffset=0&c=2XDIhSTYhY&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16970601419685475928/index.html?e=69&leftOffset=0&topOffset=0&c=2XDIhSTYhY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 08:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 07:06:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 08:51:15 GMT

GET
H3 200 1657637830060.css
s0.2mdn.net/sadbundle/12276200816478547214/ Frame F449 10 KB
2 KB 15ms
10ms Stylesheet
text/css 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=c5kpQVAqrH&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d656f49ac878039d3910fd7c6e03b2c56998038a48acc6a57fb83b2eaceef50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=c5kpQVAqrH&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453580
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2417
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 07:09:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Aug 2023 07:09:23 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame F449 118 KB
40 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=c5kpQVAqrH&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=c5kpQVAqrH&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 16:26:05 GMT

GET
H3 200 1657637830060.js Show response
s0.2mdn.net/sadbundle/12276200816478547214/ Frame F449 34 KB
11 KB 24ms
19ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=c5kpQVAqrH&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=c5kpQVAqrH&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453580
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 07:09:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Aug 2023 07:09:23 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8150578953634767223/ Frame 1AA4 6 KB
2 KB 19ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8150578953634767223/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=sgOi1eOOf8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97f6f81b224c70cf2431f07287d287446129697370b4419a9b82838be0ea0174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=sgOi1eOOf8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517961
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1656
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:27:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Aug 2023 13:16:22 GMT

GET
H3 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 1AA4 109 KB
37 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=sgOi1eOOf8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=sgOi1eOOf8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 11:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Aug 2022 11:10:30 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 1AA4 59 KB
22 KB 53ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=sgOi1eOOf8&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1701385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKl2O3Cs7wM06CAQEcg7lEW7BcvtbJKBJf%2FI7W5%2FN1l%2BYYSd8K1kBM9%2F9ExEPKh3DHJALASaYonlv%2B5gMkChqYafKPI7qjpD8snmpnkHPvj7CsyZMiZsYTZAnaOlZY2fy4jlad8dbD3aBPNgXfPLZaYP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7380b9599b5c9bd7-FRA
expires: Sun, 30 Jul 2023 13:09:03 GMT

GET
H3 200 1657637830060.css
s0.2mdn.net/sadbundle/10725954732868190736/ Frame A445 10 KB
2 KB 21ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=UTESbWjBls&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef0423678b64273b3ed7c54d42b196336fbf0d0114fd7b018fe3848fcc42478d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=UTESbWjBls&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 06:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2409
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 06:39:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Aug 2023 06:40:03 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A445 118 KB
40 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=UTESbWjBls&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=UTESbWjBls&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 16:26:05 GMT

GET
H3 200 1657637830060.js Show response
s0.2mdn.net/sadbundle/10725954732868190736/ Frame A445 34 KB
11 KB 30ms
27ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=UTESbWjBls&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=UTESbWjBls&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 06:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 06:39:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Aug 2023 06:40:03 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C082 22 KB
8 KB 13ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 420178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 16:26:05 GMT
expires: Fri, 04 Aug 2023 16:26:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 851C 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 420178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 16:26:05 GMT
expires: Fri, 04 Aug 2023 16:26:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 97ms
93ms Image
text/plain 3.216.238.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.viva.co.id&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&d36=6.2.41&apppkg=&fv=3&proto=https&clsid=229dae99-d595-4ea3-ba1a-457cf63e6233&rando=35&pid=59c90be728a061224b14efc8&cid=61814395a7c8681364723669&stagid=618143eedaf7e149fd14cf49&stplid=617fa77dd82e8945417e5095&e=inventory&vi=100&cb=1660050543843
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.238.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-238-203.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 18 KB
4 KB 485ms
254ms XHR
application/json 54.145.157.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_TAGID=618143eedaf7e149fd14cf49&AV_PUBLISHERID=59c90be728a061224b14efc8&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j&AV_CHANNELID=61814395a7c8681364723669&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.viva.co.id&AV_DADPOS=3&AV_PLACEMENT=5&AV_TAG=618143eedaf7e149fd14cf49&AV_TEMPLATE=617fa77dd82e8945417e5095&d36=6.2.41&responsive=1&sver=2&avtoken=543826&omv=1.0.1&clsid=229dae99-d595-4ea3-ba1a-457cf63e6233&rando=35&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1660050543926
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59c90be728a061224b14efc8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.157.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-157-73.compute-1.amazonaws.com
Software: /
Resource Hash: 09a586f9350bcb33ab0ee67d633e9a4cd92061b87aa3ede6a509b7a2b184d7ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 28 Jul 2022 23:22:24 GMT

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame 71BA 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 15:59:13 GMT

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame 2442 36 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 15:59:13 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/16970601419685475928/ Frame 534D 3 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16970601419685475928/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16970601419685475928/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16970601419685475928/1657637830060.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453697
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1365
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 07:06:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Aug 2023 07:07:27 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/12276200816478547214/ Frame F449 3 KB
1 KB 21ms
20ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12276200816478547214/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1365
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 07:09:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Aug 2023 07:09:23 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/10725954732868190736/ Frame A445 3 KB
1 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10725954732868190736/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 06:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455341
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1365
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 06:39:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Aug 2023 06:40:03 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D502 0
26 B 72ms
50ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcsUH7dz2VucNH37F33eq_RAA4lFYzUPQ8x0fmZO_WIX_9mubs87wMp5Kf6YBccB1AHhKXiaQUOpaDTGMSveGS1IdZAaRkrz9Z0osmQUaOv4V6t2bmPvlUnFr1SLfgX3P7YzAyNKcRs-Cf9PlGUfhF3x-PQ4YWF5ABlifUGj16VZyDBJBX3Dg3pow866Zi6aJF4Lp1M-fCalZHbubna7h8DeKKk8vgV8LCg9mwZY5qGu-fGxs0-Dee5luzBBX-fZ2Jo8rrNTpheRosvqnbGziQt9rpIif_6zYDf5hVNq2jqNQBhXKqOUrVqwzWbAmt-RslkPqfoCpsaSCjCDlvSEcjR62KvyVoUqqu0nbye27SCNEdGtBHyv5K18qOEpIVyqLkuhguat1zCkokdcf8VLuX8KXqAOtkM3N1JXIU7p_QU5qKPj7pneS05IJIN_LhDWnfvkvRkbt3j1v04lfpN9ztueujMEAhNDJLxDQDdeRybwN74UbCG88JPXTLpKu0IVirqVFmRzUAh6gBV0fQ7CbyqlyyPadaB5UPqmD02LvcJbfneIum5KpW1LLSMg4N8ddHiygKlTjljWf0iE7oAcUuJs46A-6vZGQM3Hh12kpqYX_Ri47NJVxZD4dM-mVwrElcLfI2BNRfoWpr9paMUmjCbULkIu8Begu1w0ya-00D1iQayBYCcH2CROOsBBCmkzaOwgoCENgsCqT2DlxEL7e2SlwRHmHXrrEJy0TwvMg1pE7BSJprrW2ltbnoqhmBGJVg84_6pp5sqI1qR_9e1xaYQMa_GULbtQr0lQVxbqW2bPA3h3u5Clq2bTQssHGZqgOosiWgufZm6L7kt3ZCXvVnXxuGXt4cph9qF1rOSm6F-HejNOyJUYf4rVTa5sglc1mhRYBFCTbiz5SAbBBV38MD8w7PjM98uQESzvxl7hSL7U1m-4trovn1Z_f8K6pdEHqYtY3BBoMEzzejK2qfZJcp0vMRYBLMh8IjmlRLs60Tn6QcUGc-VWX1Cm-MZYq8YVLCYHWZ4mnrxAZ5M_pIWLGK5hJ8mzBf_eNOieoETDnmS1EjulIpTnr8oVD1-dsfun5QvTRNwGin3CjgNZqV_f1LxWnF6D3spfKBydeBlOaC7CyhDQR4LdLbgfw0JXzvjRN20Z-owbw5VCHLyJZHZ-GN875vuUr05fuZ0nV3jfyHBvioR0QHZyluD8n9T0_EIc52tb4vrlVo96ZTMJ2Bmw&sai=AMfl-YRDKAoScc7Rv6NLrskEP8JHB1V3mQ0dOiGWdRw_Kq-fiUPKA-WpKZoEoHVm98cK3YA51HNRyJ1MaV10bFcAnK1wMmNcIDgiK26hbp56Z9BpygzjBULGyAKEnkXPWjpfcEQB5APK06TqDcld7MkvT6Cgpay5VeOvqUoLB1tm_-IDBjY-jGwzLgxGwHl0BDi28LIjhAVycD_wOLNC-hPq2rzJLqcYlgM&sig=Cg0ArKJSzEbvgGM2njDoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1876&vt=11&dtpt=879&dett=3&cstd=991&cisv=r20220804.85413&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EA34 0
26 B 67ms
50ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshZfqrplXz_OEGRPsWpVh5nuIrLe1uLhS6WMl2t4KQYKVDI-PtjyL-gQXU0fx2WkJPMbKKeyCqKqd7OG_I6kTWzb_KR8ZrMycLLDt6LTyv93Gv-DzfxkHnnc7oKTF8U59aakIYPvMHqTKAbGv8kQgO826kRE39Y_s_1WkiglSSaCnjnSdG1oOaQTQZ70XMB7eTpvxJzAjSp1Mee1AsID0-8hskZRaTMwrmrKWJjEldGdAWo3In3spSSU0jfmEpvaP5ka4mVjS5I7ktcneLS0PLj9ZMEYXAQaktLCjIQ0A4LMXXWcvkGlarbbVi0h_EWhC63jLvWKqjurYTQRoVwcrj51sMXTQhDKJAEpJWg9MYOLvnJd_tlEEUKVflUJkNZmw5vNF630D49Qo25ucaXdua5cpLNmF3hI7p4zDsDKql09K43SX6KQW9RVpz7VA_xM_XXGvH5Li7jN-9zvui1dPm-W4Na1P2722rwnHvx8Ho41E4dpvydAa0OL-3g3FzCxD6sKHx2t9c6RMovgFJl8IUlKYtQOnCAOBOrQvB0bwa45FSHLT1Z7FrZr_RSfoYbZlmBjzuILpozReClZJ_u1F55YWsh2R62S2QfIyNOBFdbVvUk0OXLCty9kYkzZqcZ6mObEwLKPKOG8HsnaWKSOdbQtv3Kt5_7JRr3Dvw_CJI-MTz5qMOIYYBJF3zYGtMAMOhwEUZ09tYtWgdVGCksl0fVMkykvXMw615mKzKblRGVDm_vWW8G3jiQ-lBaSMEC67IOT8xVtm2K9ea0uOos-r95758Wo3yZRmTAcOiM1w6iVuhzDI8kWdcZ7IleZK6tlT40FFMM0s2E8Hj9IImk14AxYb2zPbFeS3Wkdsm9ORWjjVJ2O1PeAljqS6nVnE4g1ohYrXnUT9VHyQPo8sur8BEyajSym32K_WDBDsfBk9c1qU0r1Qtny5Ra-LZjdzZ0GEqGqGeZzZleoIXyploDOB_LqD7KtlNcMAPQ0aAoMqaKkWdcnEGYg7GaI4v0cPR2y3yn5TROS347G-uxhBs7WzYbbxnE6tiHkv9ieNcdJAmV-J9Pa7hvc2ws6O0ZlvJ8VivuI90fvMZ4yeNT2xCvxjviJdcuydCpkb8PdEUWdQEw4Outdxq6uoyOq8TAiAMPJVZyI7sfPLknqylICTPi2bTwzqlxIPXlWqNbJs7P9npHFc8Q7sbIpFwslI&sai=AMfl-YToYSaDKmWS3ZvpvGt3uslfJHwQMXDaaLG7nA7YHf5iZCO58jBcqWWSVGvjiqr10PmdcQqfuW9XlCqaElMe70OBnWJNV-O-yiHv3MxCTgUkNdm0aoBZ8m48AzLldFMztP2JwKKXtBaXQZ5fwCPCzfmwwEjq8b5mcAaZY5wL3Wm_khL4m3nl-4OUsuReet4vxMBVJiYRf7Bign7xwKseg5Ii2xYUsIs&sig=Cg0ArKJSzMIXkgezjDvkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1891&vt=11&dtpt=1000&dett=3&cstd=881&cisv=r20220804.48263&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8CB0 0
26 B 58ms
49ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNuGTaQCOWG2fxc1T4pzCRnOAgxpsOJI1KNSV8y7DVsT8Rf8ZxedNhwYeBRL--guuXCCPPx753LUaThoQZjY6PWe_Khu0RTuX4cy_kIxNhhMNsAQKgipMR4mclIfVLlA7au2wMb7wUKnY8WCy9cmNJWTTvJYMD9wY8XmP4wY9VyMiI5Y_DlX8btNKRBWkPmGL4qvQE817wnTEPT7OOlXTVK8zzYSSTB8CUXdeAUhz5-qeKu0njChFOOba7Sk4__CNmaTHcbeCnmGrs6N3CYdFyUYs0bq2ZGEhekf3R1ZX6fPR5i1kb-IRjvxJ1uDC77GFxivm_mj5_BU8lhRtDp6FcVkGly_IPOYqBsC847F3EvJw0pIThRDcrjib5g1DZF1yPgNRF2Ap_VNgtn0OB55205BldKQhYmP9NCp4-lqK_uJGOOaVTKRUE59WAlgtmWigWbkG-6PkKycFcpSH0-NdCXK38DVbQbglq5jtcLjphOJs1l-tOSPAYqDIxY2EQlQolXmtBfsN0QBkGIpM2_BbGGIXICWO2Y7XxIECpcYPJ4S666zrN9S97BQ5UKsK2JtG3D_v-qPViHBGC6fwJWI8PqERwPsrFt_ONOSeOvDSRQt5B0g13YNE3mwcPu3nD9lBj9eeatoRyKZubXrMZgjJcO6_fNZg9ZltSSHWMrDOa6iJnKCQiN8ae7qtOWJkNZFnn4xR1L5Xg-hLPdhrkiLVOLTw3hDdz-9kbR6ngNa4_4APHCozirSWW27WMY7vsr5-4f-jEujjXP7erBGWb0qoscASMCkxHRpZif3yzxBRRgjakb2CVLLb3ySkBOe2Gh6cJKbW_B3ZNYIWLnK7Kt27W9LgmcC_iR1bFlMgYEy29rRg6vVyOi9CJuZmeSAgKQtR9sYK1syC_J6yCmn8fa5gSYvzE6x53GQVVkVV6zybJ-tvQZsodjh64P-Jb-ylrZe_xyyN2jfT2hEAKDh_y4BC3JDCsBER1gew-xMnf-QpcilyeBsO5IEY-vadOiIAOcwNbTfziB35k-2rpuetxK1DmfOfIzgMtRFkjQJMGq6VI44BdJdMmuKTaF7tVCVqZi4rDuB96jPrKk9J5L1TtlOT2oJ8KdKU8cKwWPcJaHagz4tPXLIU1Lba5HlHCGRk4Gga40n1Y-7_2IJ_JLsEh_PAsOK2ek4eZL_w1qyzAExBbfWUMUTIy9d7YjTMWgUn8y8SYm0yNdZJFslVm&sai=AMfl-YRYyktXVhtDq7DZoIUeqlz4EhKaxhVa4GRBmGll1mieebh512xk-hGfjrj4XGaFp2XexrD-J-xUIocpTOYrzDIVdX4xAmdU07m0er4dRoqMdP6taiZp3ar4N2C9hM80L5PgTwekREIofO8A4gceE6TuVmZryo9dQt30xqGmntAGpfCWlWWoXQsp0GzGeXxA9zI9rEiUrVa9G9oOe1EV_TztZbMTuD0&sig=Cg0ArKJSzMomuiWIPUUsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1793&vt=11&dtpt=878&dett=3&cstd=909&cisv=r20220804.41453&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA34 42 B
64 B 62ms
44ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtkeMUhowzWol-6DoDAah6SPoFHbvgei6Se_yJ-RK0vn42Td2HLFBZVjsMyFyH5f47LcR_xm8JzOhkwEmXlOW2bU8DaTspbasJkTFzXTh4q4rcbhyXo0SH1etUHpNSTbTlU86SzJqlIOKBnQ&sai=AMfl-YQ-_u8Qn6NBChjhAnLf0PsK91Us7ZNW90wkFM4rZcYkC_F76psUtn8Pq_rs66zAFUnlpG1lwKSPmwGo9nrQ-e2su8cd37Pk8YUo_T__OAD1adjZkT4sw8vA8fLqsfo&sig=Cg0ArKJSzOOhhdKtB-uiEAE&cid=CAASJ-RojLbkpGCcYSqXZ3RgtKdeHLEBwwnsfKa98GlSpcOQczzm3WGvUQ&id=lidar2&mcvt=1067&p=172,315,422,1285&mtos=1067,1067,1067,1067,1067&tos=1067,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1032522175&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660050541762&rpt=1272&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame C082 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 15:59:13 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2653 0
26 B 49ms
46ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5j7T6Au7OtsPOr-D9UYTyYTzqF03kj1iBDUCPsOPH6zNRbsYnHj8yjTwPB6L7mgX3OaMJLx-izeCSy9tXAvN_IY6dS3aWvm0ROfV5oksUpKnpnxAO1NSCs5F3m81jCalnup5aIit0wKUIpW1S1_Lq7rq_ulTsjDsY_DMhPd5nJW9MU1o5l3Yn-U643qM5n6w7678aShqeO5EhNP4ox2eLdFmxhS7wSQTQX8XIK2SQfdZInKlvRwBG8A73rLi_U5ZazfWOjnVYFoBI8L6GjAeAeg5XzPaD7lb42qGodd21QmNxKUzjcqMaB4JZoJrsm8Kil6-t6QL7B5QVOa4VjaFcjYeMg5Wm4RyuzGKzM4LqjKEtzGyiKiJdo3r8Bltu1I9vsUGhxeSJ38Lz3EvdhXMbw6BNRflDIi3vhOieYD5SPgdpw2oALM-rXzIwlLeQ0Z1aq7STWHFtQ33gnsRDDGeXUeLGGnBW5yHUmS2mrMDfRUZTo2lmfI6ODoHThUp_bhtu_qbkDGllWgRja12EY2n9uSBJPjTGUiM7pGrtteB4R_DTqaDDhF3b8UknFSRE8Ku7Xz0L1aHDvvHxjlXGyUwo5pJn73UT-H1FevfvPTvPD3_z2nTFLzAywCO55BgOghCYrnm9NLOT2Gnu_W9Fdoc44xRbLse3dg9qT-pHd97yRzK0XfA9TYYjeDlGOXC8vAnELNomP3Y7X94sUONeabw0fa4lUT4Cyees1FWe1gh9fRLIfMfKztjIFH-wWGMxWQSMG8AO84lhr6zs8BVfEQul5fqIc4X92khAzth2fxkJppd-SUVuAViVjZF7IC4X3JD5UASnnFZK8LsPx_l8-aXegzEUA5bkWaA_mciHxOC38_X_dz9d-yqwj-voOPMp70Id1gfnuyd5sbCUxHK-LD9UG4e9nwClwBaszumgAzNrLHjUgRnk8JxqxFqmiT6wJ25g0oQmlJ3BHM9z-eZekxi-3CUozfbGTm1tFdSairhyT_nxxRh028jDdweW6AwX7Om_isb_3aD5NV3w67P_X1bGmq7cOXuFbP77NU25vXMeRuB3Q48gicMkfOpzKy8dekexL6Rfn1BemjEF45M5w2L44anYjolu80rH6a0DmVyCZlTD0vsKYkDVi3wyqj1Qo1vxyCzvDino0VQqP8dPx9WRubu-CymxT5825ZbdxPs6Us_-QsaBwf8ItVGU58YHx8zePdfAaSXOUZ5x9w&sai=AMfl-YTThFBrmibxjE4Qm-7cmM_I1EEf9qW6ve6NYrE94D8NZR4Gte-lqe4Q5cki1gomAVotilddBu48xoTPxA_e7KvMsliUmikhHJp_O0j3E1aHWccPvHGPGUR6_qInkFAohpONJjgvRc6cPQXht4mZJ5Z0zikIFNgWZqJ5dXpnVoZhLi9CsxA-YE6V7VgMo_EKvzNa922MdccDYagh0gBZ5yv2M-ATRhY&sig=Cg0ArKJSzGhPRv-MKhwzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1277&vt=11&dtpt=909&dett=3&cstd=362&cisv=r20220804.70616&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame 851C 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 15:59:13 GMT

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame F449 13 KB
5 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 16:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 16:01:27 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F449 7 KB
5 KB 50ms
50ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1215ff0b47504b87563fc96ac063563a8947f05be82d3b9ce47e447b0195659c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5577
x-xss-protection: 0

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 534D 13 KB
5 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16970601419685475928/1657637830060.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 16:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 16:01:27 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 534D 7 KB
6 KB 51ms
50ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86733d07b26242abc28ae6ec48b96d69a8fb7abb27566e10109e69b5a6879908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5652
x-xss-protection: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 34ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YFFX5TN9EH&gtm=2oe880&_p=198806249&cid=498688345.1660050539&ul=en-us&sr=1600x1200&_eu=AC&_z=ccd.v9B&_s=2&sid=1660050539&sct=1&seg=0&dl=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j&dt=Polri%20Bicara%20Waktu%20Pelaksanaan%20Autopsi%20Ulang%20Jasad%20Brigadir%20J&en=read&ep.event_category=Article&ep.event_label=233bb974-6137-44a0-87ea-9408b4b5d9ac%3A-%26id%3D1500649%26tag%3Dbrigadir-j%20autopsi%20polri%20ekshumasi%20viva-nasional%26channel_id%3D5%26date_access_user%3D2022-08-09%2020%3A08%3A58&_et=32
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YFFX5TN9EH&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame A445 13 KB
5 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 16:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 16:01:27 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A445 7 KB
6 KB 51ms
49ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7738f467c74a594b06e0473992e29b04e2376a56a328dcaf5c99bcca41fc58a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1AA4 7 KB
5 KB 49ms
48ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf864bfbce5f7966b3a66accaaebfa40f91ece92736162376044cdc8592d92d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0

GET
H3 200 blank.png_1621952551211_blank.png
s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/ Frame 1AA4 95 B
120 B 10ms
7ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/blank.png_1621952551211_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=sgOi1eOOf8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 19:01:04 GMT
x-content-type-options: nosniff
age: 583680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Aug 2023 19:01:04 GMT

GET
H3 200 DCO_Engagement_Test_970x250_1.jpg_1621952551211_DCO_Engagement_Test_970x250_1.jpg
s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/ Frame 1AA4 76 KB
76 KB 12ms
9ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/DCO_Engagement_Test_970x250_1.jpg_1621952551211_DCO_Engagement_Test_970x250_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f473bc5ead6849819ffd68a72d9665fb8905fc7f54b9583bb37cd660addaee30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=sgOi1eOOf8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 15:58:51 GMT
x-content-type-options: nosniff
age: 76213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77558
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:22:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 15:58:51 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8CB0 42 B
64 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIHPyetIpFRAb72lR50KbL-UKLQz42e-bC5aDlMq5pjFiEUReWlubVCAL_HfFVFLOT68StF59HBX6vGxYDaMGG9JQ0pTkzWJUS6qfh-JMHHcZClxhqhHWt3ci8qpd71MeljOzU7HpjNFPeUg&sai=AMfl-YRCdy1CCCvk9jnYJDHE004zL9HVasdk2GkemWR7KiFKKVOCy_44vlKkmdsqWPpm1HXJl6eYoIIDwvCgLZCtlT-iaVh57LNxZ8Hto5KYqA4W72O4GtppcD5ZJz-Urlk&sig=Cg0ArKJSzPhLpZzCkcKaEAE&cid=CAASJ-Ropf6i0vkJr2o9idl0Hp2zUfQD_eVhjTaRMVT746cgmcXm4ZSCmA&id=lidar2&mcvt=1067&p=1110,436,1200,1164&mtos=1067,1067,1067,1067,1067&tos=1067,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2821835629&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660050541895&rpt=1308&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 1AA4 27 KB
27 KB 53ms
52ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8150578953634767223/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:01:03 GMT
x-content-type-options: nosniff
age: 481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 13:16:03 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1149 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAQa5DHmRzUE-UVxZDO3nqfMwOULiW5LFNiZRF-LqcFF8X7Vbk8ZvHzW3N5DX3JFAPcEWx2zv7LKTbI0oJ0BCBssxmdmh9ONSfByW9ww7g2zBy1T-0&sig=Cg0ArKJSzM_lCmdndy8QEAE&id=lidar2&mcvt=1034&p=171,315,172,316&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20220808&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3482815306&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660050541900&rpt=1363&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1AA4 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 13:09:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F449 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 13:09:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 534D 17 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 13:09:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A445 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 13:09:04 GMT

GET
H2 404 4157
www.viva.co.id/berita/nasional/ads.pubmatic.com/AdServer/js/pwt/157512/ Frame A8C5 0
0 357ms
355ms Script
text/html 2600:9000:214f:e600:18:d576:df80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viva.co.id/berita/nasional/ads.pubmatic.com/AdServer/js/pwt/157512/4157
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59c90be728a061224b14efc8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e600:18:d576:df80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:04 GMT
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
content-encoding: gzip
x-amz-cf-id: RxBjwXOw4Nkb9bNRqPFAn0ckK4R_1CGF0-I5xkXhAJOY_6jOgDYLqQ==

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 0931 3 KB
2 KB 8ms
8ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59c90be728a061224b14efc8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Aug 2022 13:09:04 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 avpb6.27.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame A8C5 178 KB
54 KB 22ms
19ms Script
application/javascript 2a02:26f0:ea:4a5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59c90be728a061224b14efc8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvZgRIjP_zIelaA7Qd1g7HiUpFR0g-chJF5oaDYPvMEf1YSybofZUrEc2MHFWWJBqU4p401BrNnbOxi4NEZxncbaA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 54791
last-modified: Sun, 07 Aug 2022 13:33:59 GMT
server: UploadServer
etag: "4ecda2f032d9e44c338b378388b06251"
vary: Accept-Encoding
x-goog-hash: crc32c=fWN0zQ==, md5=Ts2i8DLZ5EwzizeDiLBiUQ==
x-goog-generation: 1659879239799693
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 54791
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 09 Aug 2022 13:14:04 GMT

GET
H2 200 avpb6.27.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame A8C5 71 KB
22 KB 27ms
24ms Script
application/javascript 2a02:26f0:ea:4a5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59c90be728a061224b14efc8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduoB-bpO1LGLjlAbVkSJv3t_Td5BgCoQEK9tqlkppDPPh1DYMRzYFEoG7r3Kf2ybJ1gkAreVOiWExuIh56tP0L1F_op0wPw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 22126
last-modified: Sun, 07 Aug 2022 13:34:00 GMT
server: UploadServer
etag: "2ae737f175c0550382b15b7d6f5922f5"
vary: Accept-Encoding
x-goog-hash: crc32c=MZYTDg==, md5=Kuc38XXAVQOCsVt9b1ki9Q==
x-goog-generation: 1659879239872223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 22126
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 09 Aug 2022 13:14:04 GMT

GET
H2 200 avpb6.27.0a4.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame A8C5 68 KB
23 KB 28ms
26ms Script
application/javascript 2a02:26f0:ea:4a5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a4.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59c90be728a061224b14efc8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e0a6c0a5e14a8e83a6d486d3964d00f445d9843d0ea0ac41274f03f42bd77c9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu2pQdIwYOTUMYlPbLO-PJEtpyH9e-gX4isgV4NHKx9G6-hYYCQQS_rRPtM56D3jshaHJIdDUg7MXA74hp7eTrxDHbOH10n
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 22756
last-modified: Sun, 07 Aug 2022 13:34:00 GMT
server: UploadServer
etag: "4fc7c810f44e0d18dd22b52b209cc520"
vary: Accept-Encoding
x-goog-hash: crc32c=8/PGgw==, md5=T8fIEPRODRjdIrUrIJzFIA==
x-goog-generation: 1659879239920996
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 22756
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 09 Aug 2022 13:14:04 GMT

GET
H2 200 avpb6.27.0a0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame A8C5 73 KB
25 KB 29ms
28ms Script
application/javascript 2a02:26f0:ea:4a5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59c90be728a061224b14efc8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtWwHjkNMWU3DmEnP9RVD8yIC0q60b_hr2ZRUUe0VZ5-acDUXN6glCZD8rNuEn3tovYivfIrENXNCcCZL_UpcPVm4vaj9c2
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 24663
last-modified: Sun, 07 Aug 2022 13:34:00 GMT
server: UploadServer
etag: "d5b1db6426eefd06f3020f82c67c78bb"
vary: Accept-Encoding
x-goog-hash: crc32c=ssQAQw==, md5=1bHbZCbu/QbzAg+Cxnx4uw==
x-goog-generation: 1659879239877609
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 24663
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 09 Aug 2022 13:14:04 GMT

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
687 B 234ms
22ms Fetch
application/xml 3.125.91.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=20598&site_id=255230&zone_id=1845736&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12&p_aso.video.maxduration=30&p_aso.video.api=2&p_aso.video.playbackmethod=6&p_aso.video.api=2
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59c90be728a061224b14efc8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.91.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-91-92.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:04 GMT
server: nginx/1.21.4
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/xml
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 98ms
97ms Image
text/plain 3.216.238.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.viva.co.id&rs=www.viva.co.id&sid=24926&t=1660050544&cip=81.95.5.36&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=59c90be728a061224b14efc8&test=&aafaid=&proto=https&uid=1660050544268-942408671995-008325-011-000789&cha=0.05&stagid=618143eedaf7e149fd14cf49&stplid=617fa77dd82e8945417e5095&d35=&d36=6.2.41&cb=79674550307&apppkg=&d9=1000&prbdres=Data%20Center&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=416&AV_HEIGHT=234&&ppid=59c90be728a061224b14efc8&nid=58fcbed1073ef420086c9d08&pcid=61814395a7c8681364723669&ncid=6181431f05bc9a7d8219d178&pasid=61814354b76e7d340a3c5017&e=request&cb=1660050544495&asid=620508aed8a92460fc7a7254%2C611e999e5f711c0601794560%2C62ea3418c26cba2e2a2f1fd4%2C62d7dc5b5b693547ef57f2c5%2C62c597a6b8d5cd2bb37d4304%2C5eb14f492ea88e1d167f7a04%2C5f3bd7a90d44f3132c6eb169%2C62c6a0e0aedf2f2ee43ed1fe%2C62d66aa0fd33f968415df1d4%2C628106aa4feafd44041e4e37&ofpr=0.65%2C%2C%2C%2C0.7%2C0.68%2C1.81%2C1.15%2C0.5%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.238.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-238-203.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 534D 98 KB
98 KB 27ms
23ms Font
font/woff2 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16970601419685475928/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16970601419685475928/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:59:18 GMT
x-content-type-options: nosniff
age: 586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 13:14:18 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 534D 57 KB
57 KB 30ms
26ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16970601419685475928/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16970601419685475928/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:59:42 GMT
x-content-type-options: nosniff
age: 562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 13:14:42 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame F449 98 KB
98 KB 25ms
23ms Font
font/woff2 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:59:18 GMT
x-content-type-options: nosniff
age: 586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 13:14:18 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame F449 57 KB
57 KB 28ms
27ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:59:42 GMT
x-content-type-options: nosniff
age: 562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 13:14:42 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 00CE 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9wCxoVeLE-7MLOXA6AD41eWy2tHR9OT6VRZWutUXlwBtB3abEaD1zVETnXyqfHgrF1wkZgfo7UNLn8rNpHBsWZ1vM2cUDcApU2SjrhoaF132hcjdu-lHHsimbKyioe3U0UrpP9twYfaRDqQ&sai=AMfl-YQ5zpFcw6LqaEDtvCrNuJ9yviEOAp20yzRcz_D5oLbILCfi6VvrpKOHtooGjqwaUnw7Prm32t_vCvJMGmyKbUf3CZWWrXRWPTGyKcrEbLpjI-XhbGQjwi85b_8JQ8Y&sig=Cg0ArKJSzFdzrGHEWKG3EAE&id=lidar2&mcvt=1080&p=59,140,659,300&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1411660821&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660050541925&rpt=1523&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2653 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyqhKmvSQ4b9TfpI0VnUUT0jH5M1Gd21xzvpql0etmg7LxCakKiAq2szgaLuA34BFgAMVMY-IyZsFKofuSDJ1ltREDodBKfvdqBRHJiWVQbU0JQySYF428z9tvcyimFyKNkzKaQLHzed-bFg&sai=AMfl-YTAF4W-zhhB4YE8FY7WQWf16kSD1JpYic6bL5MUg7fCqB5dDRYgv5V3Z1IU4sfBtHjC0dBPh9sdjuEtJ_VO_aAR5JLKOeI91QzXH9vdQW8buXKtP8cKhxHu0fe_NTs&sig=Cg0ArKJSzO-o5Pe2Wl9MEAE&cid=CAASJ-Ro8dzn_bzexVuC404q5u0Idnl0X-gBGwz0MUKsPC4G5L8zbgc4yA&id=lidar2&mcvt=1083&p=59,1300,659,1460&mtos=1083,1083,1083,1083,1083&tos=1083,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3481637858&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660050541933&rpt=1491&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame A445 98 KB
98 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:59:18 GMT
x-content-type-options: nosniff
age: 586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 13:14:18 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame A445 57 KB
57 KB 10ms
10ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:59:42 GMT
x-content-type-options: nosniff
age: 562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 13:14:42 GMT

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame 32D2 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 15:59:13 GMT

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame 1796 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 15:59:13 GMT

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D06 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 15:59:13 GMT

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E1B 36 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 15:59:13 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 838C 1 KB
2 KB 69ms
50ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9311a4e9fd3ebb8e7e7b99925032194780f611adcf0ecbb92666393109fc3e27

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7380b960c8da9bf5-FRA
content-encoding: br
content-type: text/html
date: Tue, 09 Aug 2022 13:09:04 GMT
dropped-udsids: 73|46|206|130|31|51|8|39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHf3APBQjW9M%2FFHBLZwN58yQaIRy4amyS5KLkidgCCLm2h7qbTx8QTklVTvtH9TzO33zmJ%2FTYmViLJlqVziz5wecS6L93CcnpVqmSv9oiYpBDt589hlpZZym5l5EHj2cgwCmDOtD04nuZw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H3 200 l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame 534D 35 KB
35 KB 10ms
9ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16970601419685475928/index.html?e=69&leftOffset=0&topOffset=0&c=2XDIhSTYhY&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 13:19:21 GMT
x-content-type-options: nosniff
age: 85783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36233
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 13:19:21 GMT

GET
H3 200 m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png
s0.2mdn.net/4528404/ Frame 534D 157 B
187 B 10ms
9ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c32d94582973c620eee44273526d176fdbca5b8b36505c6142ed3c90c71882b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16970601419685475928/index.html?e=69&leftOffset=0&topOffset=0&c=2XDIhSTYhY&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:00:30 GMT
x-content-type-options: nosniff
age: 76114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 13:08:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 16:00:30 GMT

GET
H3 200 m18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png
s0.2mdn.net/4528404/ Frame F449 12 KB
12 KB 12ms
12ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/m18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c13e7d4ca5f849cc56ca5f3bfec462d21e7726759ed48ae54975a2a4f8c8a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=c5kpQVAqrH&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 21:17:23 GMT
x-content-type-options: nosniff
age: 57101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12529
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 21:17:23 GMT

GET
H3 200 m5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame F449 11 KB
11 KB 14ms
13ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/m5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4450ea25a2cd96ef28f12b921b645248e76d4fc7389dbed6c183cc91cadef186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=c5kpQVAqrH&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:05:41 GMT
x-content-type-options: nosniff
age: 3803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10927
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Aug 2022 12:05:41 GMT

GET
H3 200 lv_700x1605_2207-anf-s-liebe0963119f-6c90-4a07-8443-e783c7906658.png
s0.2mdn.net/4528404/ Frame A445 157 KB
157 KB 14ms
13ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/lv_700x1605_2207-anf-s-liebe0963119f-6c90-4a07-8443-e783c7906658.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c095218a41f63c1fc5a108346fa31503577aa41fc00a9fb99bcd6e942b2ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=UTESbWjBls&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 17:05:03 GMT
x-content-type-options: nosniff
age: 72241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160522
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 09:10:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 17:05:03 GMT

GET
H3 200 lstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png
s0.2mdn.net/4528404/ Frame A445 29 KB
29 KB 11ms
10ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/lstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43eee97b916f7cae9cac6a504204f9b845ccb1c760f882bebd36fd6138948fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=UTESbWjBls&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:06:10 GMT
x-content-type-options: nosniff
age: 21774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29864
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:03:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Aug 2022 07:06:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 122ms
31ms Preflight 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.viva.co.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.viva.co.id
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 09 Aug 2022 13:09:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 121ms
32ms Preflight 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.viva.co.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.viva.co.id
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 09 Aug 2022 13:09:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 137ms
52ms Preflight 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.viva.co.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.viva.co.id
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 09 Aug 2022 13:09:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 86ms
13ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.viva.co.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.viva.co.id
access-control-max-age: 600
age: 0
content-length: 0
date: Tue, 09 Aug 2022 13:09:04 GMT
server: ATS/9.1.10.25

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
408 B 145ms
84ms XHR
text/plain 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:05 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
408 B 119ms
59ms XHR
text/plain 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:05 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 36 B
609 B 52ms
39ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=485509&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22582ee88a38aac6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226d1b9e640fb0b6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22485509%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22placement%22%3A3%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A120%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B416%2C234%5D%5D%2C%22w%22%3A416%2C%22h%22%3A234%7D%2C%22bidfloor%22%3A0.68%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22sid%22%3A%2259c90be728a061224b14efc8%22%2C%22asi%22%3A%22selectmedia.asia%22%2C%22hp%22%3A1%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92b779397147c125472f7c857ef7dfd9a0bd59125910e5616d8940e6ece95be1

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Aug 2022 13:09:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYVEOlWmAHgmhCqSwLDYMpGwQ9jOr189%2FUEw6T7PRJ2uY8jgofDHBGi1doILXnuZZxLjPpuFwTUeOUrKeCs%2FpvSbO17GFX97CMjiZv%2BekYA%2BUXMi%2BcIEkdOje3GGlm2TwjZARFXF"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7380b9617ec15c85-FRA
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
409 B 99ms
58ms XHR
text/plain 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:05 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 tag Show response
cguke-9h64o.ads.tremorhub.com/ad/ 55 B
418 B 897ms
217ms XHR
application/json 2600:1f18:612b:4216:6ea2:7e37:6642:1ce8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cguke-9h64o.ads.tremorhub.com/ad/tag?adCode=cguke-2x5lz&playerWidth=416&playerHeight=234&srcPageUrl=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j&supplyCode=cguke-9h64o&mediaId=VideoId&schain=1.0,1!selectmedia.asia,59c90be728a061224b14efc8,1,,,&transactionId=93c99b8d-27d9-4a9e-a66c-076b8a698a3d&floor=USD:1.81&referrer=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j&hb=1&fmt=json
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:6ea2:7e37:6642:1ce8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 1d2d7bfeedfb8ef436e0dbc770e4b153c523e5f90cf640dbdb0c0aa047338553

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:05 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: application/json;charset=UTF-8

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
195 B 133ms
107ms XHR
text/plain 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.viva.co.id/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.viva.co.id
date: Tue, 09 Aug 2022 13:09:05 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

GET
H3 200 l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame 534D 35 KB
35 KB 11ms
10ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16970601419685475928/index.html?e=69&leftOffset=0&topOffset=0&c=2XDIhSTYhY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 13:19:21 GMT
x-content-type-options: nosniff
age: 85783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36233
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 13:19:21 GMT

GET
H3 200 m18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png
s0.2mdn.net/4528404/ Frame F449 12 KB
12 KB 8ms
8ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/m18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c13e7d4ca5f849cc56ca5f3bfec462d21e7726759ed48ae54975a2a4f8c8a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=c5kpQVAqrH&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 21:17:23 GMT
x-content-type-options: nosniff
age: 57102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12529
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 21:17:23 GMT

GET
H3 200 lv_700x1605_2207-anf-s-liebe0963119f-6c90-4a07-8443-e783c7906658.png
s0.2mdn.net/4528404/ Frame A445 157 KB
157 KB 8ms
8ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/lv_700x1605_2207-anf-s-liebe0963119f-6c90-4a07-8443-e783c7906658.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c095218a41f63c1fc5a108346fa31503577aa41fc00a9fb99bcd6e942b2ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=UTESbWjBls&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 17:05:03 GMT
x-content-type-options: nosniff
age: 72242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160522
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 09:10:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 17:05:03 GMT

GET
H2 200 YvJcbIARC4WgLdt5YaNFkgAABIwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 838C 43 B
983 B 486ms
36ms Image
image/gif 2a05:d018:d29:3601:f3cb:95d1:14be:450d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YvJcbIARC4WgLdt5YaNFkgAABIwAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:f3cb:95d1:14be:450d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 838C 0
0 455ms
12ms Image
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 838C 0
38 B 12ms
10ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YvJcbIARC4WgLdt5YaNFkgAABIwAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:05 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 838C 43 B
430 B 535ms
167ms Image
image/gif 52.213.154.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.154.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-154-120.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 09 Aug 2022 13:09:05 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 838C
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7133369451404983512&uid=Q7133369451404983512&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

19ms
18ms

Image
image/gif

104.96.159.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 104.96.159.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-159-65.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:09:05 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Tue, 09 Aug 2022 13:09:05 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 838C 43 B
220 B 347ms
8ms Image
image/gif 3.125.77.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.77.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-77-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:09:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 838C
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=05e3d5c7-5b7c-427b-b29c-37b5d3785a64&expiration=1691586545

43 B
910 B

31ms
30ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=05e3d5c7-5b7c-427b-b29c-37b5d3785a64&expiration=1691586545
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7380b9667a0c9b33-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrAMffUnLvlH6ofaSKeiJMIyYcKLC2nsA%2Bo8xJenUbFfZgw5%2BSaH3n7twtrhGsH7XuV3eTKB3sbnjCAbP%2F93b83o%2F0sStTj%2Behq6f2OWYLhklov8B6kDJfQ4%2FoWXOzTUaejHvTUtfJq2vg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=05e3d5c7-5b7c-427b-b29c-37b5d3785a64&expiration=1691586545
date: Tue, 09 Aug 2022 13:09:05 GMT
server: Kestrel
content-length: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 838C 70 B
264 B 35ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 838C 43 B
153 B 16ms
15ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YvJcbIARC4WgLdt5YaNFkgAA%261164
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:05 GMT
cf-cache-status: HIT
age: 204
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "902a3d-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7380b9639e879250-FRA
expires: Tue, 09 Aug 2022 17:09:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71BA 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZMCRblzyYortAcaYx_AP7a2EuA0AAAAAOAHgBAI&bg=!PD-lP3vNAAZGjrx1Zo47ACkAdvg8WkUpuP3gz_9HXRfFy4XS6F9Jh7nxRCwSsL2_SFC-O1NDT5uQKQIAAAQ6UgAAAANoAQeZAyLWQbp73SuYO5orsctt0zCIzhTjk_W-LK78qd-ULgYJwgfL9NgHYD4OMUFQHcPNODuji3HLgeeE588v_wK-xSbMlaNXIQHQbBCgplhFRDJgCCVOdKNcDIO6mbOkAp1yt7xKYUBEsc-DcOpJ4lHpUO1ItvjcUZcGbfuZ66HEPGs211P7WTvqmEXhbD_989Uuk8L8dmUuQvwMc8X2VCSZcjQqLt7qhrgnKTjU7dJ8X3WD6-4hC804IxiGGVB90ZwF2PXN6xPdbJcunO0jmGWIVcCEQ63WpRYXr47cbHfOy1mDBlZ3FM2enZSSwMhthoX7IG5q9Rw-JMblgc5UOmdzuLP0ga6Jeb_4Qce4XPf7KP2x7vSI34OArrLHbDs1H5plUswociaNMCDQsBezc-miQ3EoUjJy3o9opLq9gnM1W0ePLNY4e6Kh8kGpVCnPJy72U6CcynIbCSYKF-Ly-8-2HsxzZLVaBnZlqFWsboN1NwfCRyG6gPJwIrtE5L3VVZWmGXEPkEj63FU0YZflCobzl-VKNyIs-524mV2f0o8NLCHjwAuWzQ4rUAHkf7Q5U-0jq1nY7jPSfIvw-pLOXMcZ2AAaRL7tjQUnfH6-S7lsBT5Zmhs25BM5tAsbfgQgJtSShZQD_40DUmOhgRl_es0CEQLbd-0LU20C17uXXWdY7-g1Cpc9EJ2N5dQvwjjuMDKmMiD5ItZFrSkWZChE7mZjrpwk-V3zcNxQooljoXqtQN9AV9CDbUHL716YpxehRp4gQt5d2qZTkfVp1n85By6AHyAvz3Gvtq8t8V8XiAiGvlDxdfqkblPdI7jQvzFa4k1Mg4Vpf90RJ6U0ZQzwwRBykvotjbkbch80wy6fKWJtw5LimO3ACidkMppX81JccJ12ZhJNhrdA8ye3KZ12pdh48uILSfiW0Y9GKPITHsPsDpuO9aOyeQGqS_hNT9bQQUE0bV8nEFn9fiooe4OylpaGdBrdl3FEej_wFVlKwMCR5fmXIQnY7KaA_n2TMENcKP7ykF6JykIXdKfhvtHWu8xLns8nRzzhmJFv8hWO03atboTFNetr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2442 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Ba5giblzyYpv1AYKs3gPmwpPIBwAAAAA4AeAEAg&bg=!sbKlsvbNAAZGjrx1Zo47ACkAdvg8Ws1zRlHLPucnzq-ZWv0sRgdNh8wiPiuwydtAdR7TkUfQt1nQSgIAAAQpUgAAAANoAQeZAzjx2WAAEAuQGFXwy0t8KK1HhRPrP3lzkuZ-HYdCx6vA6_pTnlZ0f60Urlj3fpv39WitItsQmNaihBK4IVlHrMJtH7UCH0u6RkfVAJYiLREtBLrypKDwFQELC3b7QJSyHQOxY_g6IYeOQpit5MxjvjAGwVUWnauC6htDFUAWFZABPO4lFqa5KeI6KwgkGISFvvm-azuO7UDM3UxY44g57FjZBrrCTZxZUfccQHgoGh3-3WlxA6TTNoKJ-ruVOWm9NtAqHzu3sPoXYFvejmb122hqwGaIIIB4RfmDSGk6LWmW9Um5D5HgQwjX41obVzlXNkwIa5mqIjRj-RLg-K9kblPjYzKgkAfKV_bPRPwf1S1m1RuidZMMkwMvI-at098GlNp7mkmT362VwcmWLPyKXIXQZv0wYq9EILtZmEmdSCNd8lJbRsK5gcW9-wTXupZrhQ6CqxRqHpeAPIX0zkW38HQP6jscXE5A6V5fYN1704iQ9jrKqmnUU7xxQqeHyp42gkyzdzdvWbDT0Vwz25WfDScIVu8_4bl0NZx-1OVV_oudsUe2Zdl7mDas8xbMirVrK9uG5Q6UmXErOrFOSfS2x0AbBq59B1bTi79ryY4HBjtmBqT5rDS1HHDQBWi3E-BjRjmiUq6jgMfTWkRlxw9Dhyk6nFAXZ-Xl65Dyb4a6_YPgSb62F7PdqUgcBB7rvVkzUIRUZV2MbfuGESvKVtxG30bA2ovHNX9EDR2YLncASdUxaGrFMrXnRCHgCWJJRnLvLe7BFO540_IDbCyf4vsq0Sm8puPRghYRNwNowznetNGZGml56r4nbUs5tgJqWjgnQgo2kNlTR28wTn6tcGDUEap0EmGaVz9mG6f7kYc9GIOVKsaUasqngocdgoHfIuk5WLImNSoAAz4CgOXvyXDBOvegli0rCXrD4kJSb1Hya-N8-n3eZD03yHkFTqsTvgQqV4GuS2rK6f7qbnyxj1Ugy6c-i9Qyf7FJLaZIuJWYXNrnS5AJ5oSWotyycYU4jmyvrleTfJCiBaiE88KLgurfxs-A5DsjDp7Q_gojkwNoH4F2L0MW2HILhRcDAd_knn2tYTgD6Ol7M8PBoQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 851C 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BN-RNblzyYu6GD-_L7_UP1sKFsAIAAAAAOAHgBAI&bg=!5-Sl5KDNAAZGjrx1Zo47ACkAdvg8WoHPHLn_vPv8KtXZ2jNhiJbokfDbVsBr4JbYOJmOFDRKGuWwegIAAAPmUgAAAAJoAQeZAxZOId-hkwZ0FN7XEqFoTeorR-1pbMlqdD4diaIdcx27zAzh3GuDUiX1OYGyuAW7wodRuGJiLcKIshaLYMwIeM78eCTmn7ZWIkPBWjiEXkhTrFOkOjXzkKoJ09W1TqyzdED7VddcWlWX7ocGvKbEuMntFZPHRpdZzmtAl2-JgV4kemgoLlZboYJNUEXKmNX4f4fW9oxCdY8c_uc8sfEsVjxrIPDXLKHUB64BTvNta6Xxw0pz4Cz4AbM3yAtpcxGFCKbvXvzyDOokhh7QOW6sU1j9W4L5uUgMgA_PnX_rRC96pSgkNSIW7XwWsvE0XsCLQbX7MWfXQlagL-el_hcCwBekDxXauCG0fCfz7XLa2U22urJWGRDL6bj17FrQ92V8x3i0kpHRHLJ8SZiIoYZ8Y-YQhPA0wuF06mywwpLN197wSDjn_KRyNSHPCWCA2WCqL5I6YW-NnCEcxuZrTIdpVkh6gB3_W-o8Cn-ED1bSZC8_jZaVWTK1mne4f0dLSsIVOwLCdiC4v-WY67ExeaY90CuhxiztUz15rGwxh63S1NxlyAyxC9Ldp0d4U7dvV4hzzm_gI2zHhM5qE6GoFrw2lHS9bhEw8R4SMtSNbIjLmPXPKdKIXxbF24f24GdyNCMnKeA-IXC1QQw-xC7gmtc6oaoIEcbIVIHft3n1_KHKS01IoIu0Fb_HactV-bTEzrj_-5vXmhpKrjXTKJTLSU_4vCgZ229ir6SQ4jC6ie5_-3JAzZ6gFYQySpV-2NZkS-0N2fHDVPizdS92Dx2W9Z19mhmHtTjE7kftTEEWloPa0FUe8zui17_kW96X2oDEdSeCTCMeyAvZbH2bo7Bt5ulR2dWjzLdV3FkVNYIq7jy5saovNxE_XfEONl1kHLk03P475oa4h4dZSWEnETybsM-2oZG87pagXB3VVA5Tslqqq0RpTiki1MAFc4I6LpWNZCegXMTRfe2Exap80dxiS-YgZ8Rs1_T8ptK7Y4MMZZVcc0EbwW6WUXFR4v56SifEV6JaQytdA6whf02YFuZy07M0YvjWyn6UFsHP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C082 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrSNfblzyYpq8C4eigQfsjpCgAwAAAAA4AeAEAg&bg=!OjmlOX3NAAZGjrx1Zo47ACkAdvg8Wtgbkjktz8O_0tMS5d33JvUhxK3xAlTOsi14T5PbZnY3Nh-7bAIAAAQ9UgAAAAJoAQeZAyIKZqREsFGhM1Dpb3hyluGArixnX75pnad9_uYDoIzr1AsoiwvksEt895FuwTTpGl07Bd9HXosuKoeBYJYR1Fqdw7e6HWuafmPdyTQLrOONQbh4QOSWAQ0Y4LCLixlkcoX8-CvwP2ykaiRMEAFyV_pGWVt872leC2mmK0IsDFDJl0MjPXluL2rRjndsPmUFIJ0YIqGGEzJMpppHHyWMW5_NQqHcQKAl6o6VVHv0rCwVu9VTA4s35sh8roHfWZKtaFOmlWsLDUiIIYkvneeQsKhrLxQP6orzFKCUlZkdo-Gt2wpW1W8WlYKlfI2jzuvSUVZsP0IfZDGisgtVCmKU0x91Z_vK-xgeimnpZEpX9hlTj8aCVyPnqs4HrApJOWmlzAEtCCnGDFtpHQp_a3_EjxvXllkDWTvnzzrFyVpQSSrsHJgOMSqGcv8mWUF_0_V66wgjPP1drEtMcw7G3AJxsc08XxgSeUcnCbdCY9DHGaz7yLEk3goS7GYwWfdq2GrZGoIjytG2RwbjdNiyDwl2JkIDfoF-NXw7fZ7Fulm8lLh4LDPsk_lqWaMlLs0mBap_jkA62r0KhtWwzHxpbRejrmT-Oh3CfH6MpJ55rzhRfCQR2svGNrE5JiIdrFNDOaJJ17o3O83Chm7gk60O-D2e1kci2386lvvOri4FQ1ovd1HYtrg0hOIlaFrhbwHyD2EdbEuRDBy6z9JRJrQnTZFJjfTDpBEARnOkPffowuNBPFJRQVU1DtD-rz897DvLv3k0Ipf8mj3GB5rjkfanWEvoweqizk96YXsYgaprX1lnwRbU_ePMq-KQGl-sYkGtUwudsbIp9SPLheBT2ptS4PRM0K0iD9t6-GZiYU7V1uxdNmgvus7jTFceT4vuS8CL4YceCl4hDpouaCbLxphzBho98BB-aLXlRduQeGP8CdvhDBh2Pk8S55r1wMORTntmLKqwLHIokxS5IEr-Qv1Wl76pIOrx8oZbbdpKmTv8L5tQtLS9rx0JoVNo6DdUPPp8jFi8dsETzpbixUWl6FCGUzrnQFzmnft32Z1mkCMWcAx_xmeLGpUf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 97ms
96ms Image
text/plain 3.216.238.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.viva.co.id&rs=www.viva.co.id&sid=24926&t=1660050544&cip=81.95.5.36&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=59c90be728a061224b14efc8&test=&aafaid=&proto=https&uid=1660050544268-942408671995-008325-011-000789&cha=0.05&stagid=618143eedaf7e149fd14cf49&stplid=617fa77dd82e8945417e5095&d35=&d36=6.2.41&cb=79674550307&apppkg=&d9=1000&prbdres=Data%20Center&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=416&AV_HEIGHT=234&&ppid=59c90be728a061224b14efc8&nid=58fcbed1073ef420086c9d08&pcid=61814395a7c8681364723669&ncid=6181431f05bc9a7d8219d178&pasid=61814354b76e7d340a3c5017&e=bid&cb=1660050545780&asid=611e999e5f711c0601794560%2C62ea3418c26cba2e2a2f1fd4%2C628106aa4feafd44041e4e37&ofpr=%2C%2C&fpo=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.238.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-238-203.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame CF8E 3 KB
2 KB 11ms
10ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Aug 2022 13:09:06 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 11B3 1 KB
2 KB 33ms
32ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e19fbff61c66ead0b50ab6259523d4fe594cf043a4f86658427a746cccc6d59a

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7380b96aaa899bf5-FRA
content-encoding: br
content-type: text/html
date: Tue, 09 Aug 2022 13:09:06 GMT
dropped-udsids: 4|88|3|64|17|81|188|190
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pH67sKzRGPHe2TKZnNvzIGJFiPvc1qkIMNRYfb1GpIZc4MokteUBpdNUM76k9u64Hq3Vxh6%2FhbawtN4gvLTHQt2RIzx8UxPsXqWBAiqjrVEAo77ku%2BZ2dS95vaNvQgWxZ5oUkI5WAqxLfw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 11B3
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7515551589395905908

43 B
910 B

34ms
32ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7515551589395905908
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7380b96b99249b33-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqdLs%2FBta3tf5OVU%2FjWZBR%2BGfEU8gRaEBKXhhPaEwoGmblB7R7Azw6B3snCSziL3mVXdAqGAPMtXf1Awj5ArF%2BuONfiKFvw8Wc0rdW7Uqj6Qc6QsQB2Fk6PWZ2XqhDcc5eGpNJTdmDqYBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7515551589395905908
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 11B3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YvJccgAFKfypkwAK
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvJccgAFKfypkwAK&gdpr=1&_test=YvJccgAFKfypkwAK

43 B
905 B

42ms
41ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvJccgAFKfypkwAK&gdpr=1&_test=YvJccgAFKfypkwAK
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7380b96bf9bd9b33-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rznAgGppm4z3M273NN86y43YOnintekcuGLTmzxarTOeqgmqrUs50URj9RFVeC%2Fu0XHQAI3dsuVIi4kOs05os9sDpFZ6NrO2%2FQnI491xCyEyjflFpleT892wgXhWq3FgrjFJQx1DCg7BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660050547.540335,VS0,VE0
x-served-by: cache-hhn4054-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvJccgAFKfypkwAK&gdpr=1&_test=YvJccgAFKfypkwAK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 11B3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=073362f2-5c72-4100-a91e-c7848ba6ffe3&gdpr=1&gdpr_consent=

43 B
912 B

26ms
25ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=073362f2-5c72-4100-a91e-c7848ba6ffe3&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7380b96ece6a9b33-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rA4rrNiK5J5%2Bx8AMu6oRkq5YGwP6KP%2FlqxR%2F1XQuDqCwIjrE66FnoP9ZRj2f2cgl6b0Rd21X%2BJDD1UbhMIxM6q3Z5LhiVZTyqZGLb8Escqu4BOEErOyUC16odIXZHLFF25ZE%2FU70mUGuLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Tue, 09 Aug 2022 13:09:06 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x8 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=073362f2-5c72-4100-a91e-c7848ba6ffe3&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 Aug 2022 13:09:05 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 11B3 0
191 B 6193ms
3893ms Image
text/plain 66.155.71.25

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 -, , ASN (),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:12 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 11B3
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

43 B
913 B

26ms
24ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7380b96b99299b33-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FZpC1AZqldnuiD6PzYgsEwmG4MKOCM748x9biGbsSW3B21Or5BpgJ5ME8iX4wHmoYaukYEHLDqEjBq8M%2F56J8z3l%2B486aV0mYGx2T%2BAYNGPY8dyBBsxfIxt7FsD53UD%2B3Ua0hvhENn%2B%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma: no-cache
Date: Tue, 09 Aug 2022 13:09:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 106
Content-Type: text/html; charset=utf-8

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 11B3
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=0mqyIdE74yHJbrclgW35KodstyLJb-Qrgm1uj0yQ

43 B
911 B

29ms
28ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=0mqyIdE74yHJbrclgW35KodstyLJb-Qrgm1uj0yQ
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7380b96b68ec9b33-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 13:09:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RfZes7Qc4mI7%2FrSHrbyAnkOLk9KADyW%2FQwYmA9PmHMY%2B1%2FexvWe6Q5qVleGehcshkFz93L%2B0RFG8jeDEQxiKlS2162%2FJHMMl6U45Gg8VYH28dbwswGa2VYOeW1H6Vdj36ONJM2NrKr3cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=0mqyIdE74yHJbrclgW35KodstyLJb-Qrgm1uj0yQ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 CookieIndex
rtb.adentifi.com/ Frame 11B3 0
35 B 335ms
100ms Image
text/plain 54.160.109.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.109.218 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-109-218.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:06 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 11B3 0
0 43ms
42ms Image
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 11B3 43 B
153 B 15ms
15ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YvJcbIARC4WgLdt5YaNFkgAA%261164
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:09:06 GMT
cf-cache-status: HIT
age: 205
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "902a3d-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7380b96b0ed69250-FRA
expires: Tue, 09 Aug 2022 17:09:06 GMT

GET
H3 200 m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png
s0.2mdn.net/4528404/ Frame 534D 157 B
188 B 8ms
7ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c32d94582973c620eee44273526d176fdbca5b8b36505c6142ed3c90c71882b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16970601419685475928/index.html?e=69&leftOffset=0&topOffset=0&c=2XDIhSTYhY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:00:30 GMT
x-content-type-options: nosniff
age: 76117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 13:08:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Aug 2022 16:00:30 GMT

GET
H2 200 dc_oe=ChMIm-T3luq5-QIVApZ3Ch1m4QR5EAAYACC6vfdKQhMItv-jluq5-QIVhZL9Bx1QbQKf;stragg=1;&timestamp=1660050547971;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame D502 42 B
494 B 211ms
44ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIm-T3luq5-QIVApZ3Ch1m4QR5EAAYACC6vfdKQhMItv-jluq5-QIVhZL9Bx1QbQKf;stragg=1;&timestamp=1660050547971;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame F449 11 KB
11 KB 8ms
7ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/m5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4450ea25a2cd96ef28f12b921b645248e76d4fc7389dbed6c183cc91cadef186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=c5kpQVAqrH&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:05:41 GMT
x-content-type-options: nosniff
age: 3807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10927
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Aug 2022 12:05:41 GMT

GET
H3 200 lstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png
s0.2mdn.net/4528404/ Frame A445 29 KB
29 KB 10ms
9ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/lstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43eee97b916f7cae9cac6a504204f9b845ccb1c760f882bebd36fd6138948fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=UTESbWjBls&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:06:10 GMT
x-content-type-options: nosniff
age: 21778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29864
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:03:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Aug 2022 07:06:10 GMT

GET
H2 200 dc_oe=ChMImquBl-q5-QIVB1HgCh1sBwQ0EAAYACC03uxKQhMIvv-jluq5-QIVhZL9Bx1QbQKf;stragg=1;&timestamp=1660050548162;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 8CB0 42 B
107 B 47ms
44ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImquBl-q5-QIVB1HgCh1sBwQ0EAAYACC03uxKQhMIvv-jluq5-QIVhZL9Bx1QbQKf;stragg=1;&timestamp=1660050548162;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI7vWEl-q5-QIV7-W7CB1WYQEmEAAYACCQvfdKQhMIvf-jluq5-QIVhZL9Bx1QbQKf;stragg=1;&timestamp=1660050548164;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 2653 42 B
107 B 45ms
45ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7vWEl-q5-QIV7-W7CB1WYQEmEAAYACCQvfdKQhMIvf-jluq5-QIVhZL9Bx1QbQKf;stragg=1;&timestamp=1660050548164;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:09:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 288ms
96ms XHR
text/plain 3.216.238.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?r=www.viva.co.id&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&d36=6.2.41&apppkg=&fv=3&proto=https&clsid=229dae99-d595-4ea3-ba1a-457cf63e6233&rando=35
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59c90be728a061224b14efc8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.238.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-238-203.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 09 Aug 2022 13:09:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.viva.co.id/	1970-01-20 05:10:23	Name: vivID-article Value: {"content":["1500649"]}
.viva.co.id/	1970-01-20 05:10:23	Name: _vivaSectionCounters Value: {"berita":1}
.viva.co.id/	1970-01-20 05:08:56	Name: _gid Value: GA1.3.1659064428.1660050539
.viva.co.id/	1970-01-20 05:07:30	Name: _gat Value: 1
.viva.co.id/	1970-01-20 14:43:30	Name: _ga_YFFX5TN9EH Value: GS1.1.1660050539.1.0.1660050539.60
.viva.co.id/	1970-01-20 05:07:34	Name: AMP_TOKEN Value: %24NOT_FOUND
.viva.co.id/	1970-01-20 14:43:30	Name: _ga Value: GA1.3.498688345.1660050539
.viva.co.id/	1970-01-20 05:07:30	Name: _dc_gtm_UA-85211792-1 Value: 1
www.viva.co.id/	1970-01-20 05:50:42	Name: _pbjs_userid_consent_data Value: 3524755945110770
.viva.co.id/	1970-01-20 09:26:42	Name: _pubcid Value: 14889352-fedd-4fd7-980f-cf2564401141
www.viva.co.id/	1970-01-20 14:29:06	Name: cto_bidid Value: dnjSaV9uV0NXVWwzdmw4aXdKV1pyYUs3SXR4NWxBZVoxY3NQZHV2ZDd6WW1ack9wZUZLeVF0Z0ZKYUNxRkRiaDk4T3ZTTFJpQjhDUU1pN05ibDdoMnVRdTVSQSUzRCUzRA
www.viva.co.id/	1970-01-20 14:29:06	Name: cto_bundle Value: JU34cF9kNU15UzJ2NENjdjc3JTJCTVFPTDJhdE0lMkI5RGl4JTJCcWZjRGpMazBubUpJSjhNMUZ0V2k1ZXQyZXB3d2p4JTJCaEslMkJkcW5KNmMyNkprYjlZMG43S1ZPOW1aVGdnVWVBT3hzem9hZXdOM1Q2QjBGTHdVN3Z3MjElMkYlMkJ1YW5UMUpQUmYlMkJDVUc
.casalemedia.com/	1970-01-20 13:53:06	Name: CMID Value: YvJcbIARC4WgLdt5YaNFkgAA
.casalemedia.com/	1970-01-20 07:17:06	Name: CMPS Value: 1213
.casalemedia.com/	1970-01-20 07:17:06	Name: CMPRO Value: 1164
.doubleclick.net/	1970-01-20 14:29:06	Name: IDE Value: AHWqTUkYFmAwh24CEZ8t79uO80RnepFV1f7iXkAz5iobaqF-cRDjK-RiLBO2GHmtkVY
www.viva.co.id/	1970-01-20 05:07:34	Name: _lr_retry_request Value: true
www.viva.co.id/	1970-01-20 05:50:42	Name: _lr_env_src_ats Value: false
www.viva.co.id/	1970-01-20 06:33:54	Name: pubmatic-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-09T13%3A09%3A01%22%7D
.viva.co.id/	1970-01-20 14:29:06	Name: __gads Value: ID=57b8802168109f88-22ebef1febcd00af:T=1660050540:S=ALNI_MZxnDfYLeLqt-3tzF5l9nZSENM1dQ
.viva.co.id/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1660136941786
.adnxs.com/	1970-01-20 07:17:06	Name: uuid2 Value: 4267687402089528498
.adnxs.com/	1970-01-20 07:17:06	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?do1zC4!]tbPl1M>e)ZlrFUfJ+tGXxp)<[%EzX<C0h@*]%JU[sCM[11:0Q<9dH0eA>F3If)y3KL9D3I?+B9Te/p
.yahoo.com/	1970-01-20 13:53:28	Name: A3 Value: d=AQABBG5c8mICEK2UCpOxYhxc29xNYMC87P0FEgEBAQGt82L8YgAAAAAA_eMAAA&S=AQAAAuwSwgk4qf5DA506c_8hMzw
.spotxchange.com/	1970-01-20 05:47:49	Name: audience Value: 70bdff34-17e4-11ed-bbcd-124172220506
.analytics.yahoo.com/	1970-01-20 13:53:06	Name: IDSYNC Value: 18yl~26hp
m.exactag.com/	1970-01-20 07:17:06	Name: exactag_new_gk Value: 16406de60f454c889a1c804584f73202%7c08.10.2022+13%3a09%3a03
m.exactag.com/	1970-01-20 09:26:42	Name: exactag_new_uk Value: 780415c302244b6391010a6788ebfd6b%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: a0e43cd646cc40b186dfece5
.demdex.net/	1970-01-20 09:26:42	Name: demdex Value: 25673986239843702770759959756568163337
.doubleclick.net/	1970-01-20 05:07:34	Name: DSID Value: NO_DATA
.skydeutschland.demdex.net/	1970-01-20 09:26:42	Name: skydeutschland Value: 25673986239843702770759959756568163337
.rubiconproject.com/	1970-01-20 13:53:06	Name: khaos Value: L6M78E38-C-F8VJ
.rubiconproject.com/	1970-01-20 13:53:06	Name: audit Value: 1\|hLZGFuTafB2sbNU1qJO/igrDf4jKkIRTCr8ECAz8qItlCPMVQ38XGnqqOOBO/LP8Injqxjv/0DDjXijoh3MD7gBTHIvgcKZu
.owneriq.net/	1970-01-20 14:43:30	Name: si Value: Q7133369451404983512
.owneriq.net/	1970-01-20 05:21:54	Name: p2 Value: cc
beacon.lynx.cognitivlabs.com/	1970-01-20 13:53:06	Name: UID Value: 05e3d5c7-5b7c-427b-b29c-37b5d3785a64
beacon.lynx.cognitivlabs.com/	1970-01-20 13:53:06	Name: ss Value: gQKH%2FeqwNmJ8xvqEMaYWPUnMc3I2uDRuxr197CW6wlT10Khh50G5MBc%2FAag4YpzAE5SMcAjBSLZKHKEPkES%2FvA%3D%3D
.casalemedia.com/	1970-01-20 05:08:56	Name: CMST Value: YvJcbWLyXHIA
.casalemedia.com/	1970-01-20 13:53:06	Name: CMRUM3 Value: 2762f25c700b40&4962f25c7005a0&bc62f25c7205a00&5162f25c7205a0&4162f25c6d05a00&ce62f25c7005a0&6f62f25c6d05a0&2d62f25c6e05a0CAESEBWLPGH0jIFBvFvracYvcaE&be62f25c7205a0&2e62f25c7005a0&0862f25c71276005e3d5c7-5b7c-427b-b29c-37b5d3785a64&0462f25c7205a0&5862f25c7205a0&0362f25c7205a0&f162f25c6d05a0&4062f25c7205a0&1f62f25c7005a00&1162f25c7205a0&e662f25c6d2760&8262f25c70a8c0&3362f25c7005a0
.quantserve.com/	1970-01-20 07:17:06	Name: d Value: EDUBDQHoJrjvsQA
.quantserve.com/	1970-01-20 14:37:44	Name: mc Value: 62f25c72-6c6e5-9c4c1-708f5
.turn.com/	1970-01-20 09:26:42	Name: uid Value: 7515551589395905908
.everesttech.net/	1970-01-20 13:53:06	Name: everest_g_v2 Value: g_surferid~YvJccgAFKfypkwAK
.mathtag.com/	1970-01-20 14:33:25	Name: uuid Value: 073362f2-5c72-4100-a91e-c7848ba6ffe3
.casalemedia.com/	1970-01-20 07:17:06	Name: CMTS Value: 1161

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.viva.co.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j Message: The resource https://thumb.viva.co.id/media/frontend/thumbs3/2022/06/04/629ae1b5f0f33-kadiv-humas-polri-irjen-dedi-prasetyo_375_211.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://www.viva.co.id/berita/nasional/ads.pubmatic.com/AdServer/js/pwt/157512/4157 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
javascript	warning	URL: https://www.viva.co.id/berita/nasional/1500649-polri-bicara-waktu-pelaksanaan-autopsi-ulang-jasad-brigadir-j Message: The resource https://thumb.viva.co.id/media/frontend/thumbs3/2022/06/04/629ae1b5f0f33-kadiv-humas-polri-irjen-dedi-prasetyo_375_211.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7d59ac299cb4e7b324f7cfd6a7eeb729.safeframe.googlesyndication.com
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
api.rlcdn.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
c1.adform.net
c2shb.pubgw.yahoo.com
casale-match.dotomi.com
cdn.indexww.com
cdnjs.cloudflare.com
cguke-9h64o.ads.tremorhub.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hitlog.viva.co.id
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
image6.pubmatic.com
js-sec.indexww.com
m.exactag.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.quantserve.com
player.aniview.com
pr-bh.ybp.yahoo.com
prg-apac.smartadserver.com
public.viva.co.id
px.owneriq.net
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.adentifi.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
skydeutschland.demdex.net
sso.thevivanetworks.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
t.pubmatic.com
tg1.selectmedia.asia
thumb-jagodangdut.intipseleb.com
thumb.intipseleb.com
thumb.viva.co.id
tpc.googlesyndication.com
track1.aniview.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.viva.co.id
x.bidswitch.net
api.rlcdn.com
104.111.242.245
104.18.18.126
104.18.19.126
104.96.159.65
142.250.185.226
142.250.186.66
151.101.66.49
172.217.18.98
178.250.0.157
18.140.153.200
185.29.132.241
185.64.189.112
185.64.190.78
185.64.190.82
185.86.137.17
185.86.139.114
185.94.180.126
2.21.184.200
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
209.54.182.161
213.202.235.8
216.58.212.130
23.35.236.247
2600:1f18:612b:4216:6ea2:7e37:6642:1ce8
2600:9000:214f:9c00:8:48e:53c0:93a1
2600:9000:214f:e600:18:d576:df80:93a1
2606:4700:10::6814:9670
2606:4700:20::681a:a69
2606:4700:20::ac43:4677
2606:4700:3035::ac43:87f6
2606:4700::6811:180e
2606:4700::6812:c4c
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2006
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9b
2a00:1450:400e:800::200a
2a02:2638::1c
2a02:26f0:3500:c::5c7b:6843
2a02:26f0:ea:4a5::2c79
2a02:fa8:8806:12::1400
2a05:d018:d29:3601:f3cb:95d1:14be:450d
3.125.77.13
3.125.91.92
3.126.56.137
3.209.155.158
3.216.238.203
34.251.71.171
35.157.246.167
35.244.159.8
35.71.131.137
37.157.2.238
37.157.6.248
37.252.172.250
37.252.172.37
52.213.150.8
52.213.154.120
54.145.157.73
54.160.109.218
54.220.95.67
64.202.112.159
66.155.71.25
99.86.4.3
09a586f9350bcb33ab0ee67d633e9a4cd92061b87aa3ede6a509b7a2b184d7ec
0b7e453f56b14780317e486bfe8714241b2b58cc97274a319ceaee663911b88d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c55beaa8e467c49ffe62125e2bc5e503470c88838a90a309765d210d5086de3
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0dd2c416c3dfcdc1f48962dfd1310e72467d51990916eaf20ef26297106b685f
10981f8f2382369aa0e2033491f5b532e3e238719185364406e3891ee7339f4e
1215ff0b47504b87563fc96ac063563a8947f05be82d3b9ce47e447b0195659c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
158ab84bc5d10014123b29208acdc91bf3bf802096c56108177f9733948ccb26
17dd14b958beeb8ed240f79dd382925473680c8ae527badf403326bd61f1dfe0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1d2d7bfeedfb8ef436e0dbc770e4b153c523e5f90cf640dbdb0c0aa047338553
1e521500863df6e0d7720de7fbc7f19d2ca5c38ecabf84c89d3e2401b10ac994
1eb0b5ea52088e86fc2e048e4033c97f37703060079555ec9d11451e10292275
24affc17276fd2ddc409767414d0e21558be763f5ffa5fd112e261bc3323caaa
24fe63307e2903b2a4b2d80c28383d91861dc9ade1b28feac920e9f5f7b7dddd
2754ea4be826ac173d67f7a3bdde928f64a4b1ad7cea6074313fd148164e130f
2810489196e07113ef9b90fbac0e50eb46b9fd5881840a467ce0d3116bf4f8d0
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a8f634b20c7756e085237bfa16fdcf66430d049ab8239a89ff21a22d82e0e63
2c430d789b604e2db2f843b495b687bf0008c7e30b352da6fa89111d8f3755ad
2d1282f3fab624b88c76dc91d5057a5938b37c504e2f08bde57db6e72ef7b249
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3598904c37872028224c7b16ad66bb8950619a34fc75c6e90a6034fb7c65cb65
36c13e7d4ca5f849cc56ca5f3bfec462d21e7726759ed48ae54975a2a4f8c8a2
3789e705e8d28714755ed298479b5711dab64746d48231eeb638be4ba7d0b1f6
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
386006b955e18d0248291f11eed65331eddeaa81b94326c4c5e24443946ea480
388bf997e8dd4892f6050913eeb084d6d89fd183da52e41b01b25ddd44ea07d6
3a88ea7c27c4e99a4114c3a490bc1c59c51f7ccb6a8a5f13c37d35005b7af2a6
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
428c8958a3ad90a31a88c8ea0334d583cf8ccad65a2424e6798d3dbe559c9971
4294dafd76c4bed2decfdcec4910663f6e53570d1e10b7fc7b4eb5fbbc845d29
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
43eee97b916f7cae9cac6a504204f9b845ccb1c760f882bebd36fd6138948fca
4450ea25a2cd96ef28f12b921b645248e76d4fc7389dbed6c183cc91cadef186
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edd1d4becaa5835f632c8ed70af24ae3d974e85ce293da7abb7748b37597c36
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e2718b4b437edd86140d80891cf912e88267f780c14656e84f27a38b10f48b6
5fb18c3b3a0a27087792102ed11ebf664ae6fff2591c2a66068045fe2a93d117
615424e847264fd984685b881aa14b995a5f0ffcfb84ce22acc9da2fc54f1ffa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a82ed499909e2232b1bdc3807b4d81bb6497115338abc33d60472c8f0f7bfd
64731d431c09555e49356dd7f8e691b489ec15b408b226399def54712e80fc22
691129c7486134cdb3d888a1edbf9db4bdc3decfd8220ec633806f1459de7dd2
69c095218a41f63c1fc5a108346fa31503577aa41fc00a9fb99bcd6e942b2ee8
6a26f472970788e1b9638b18961c8932d2c4c400b9d2c258e6c562ca770ba14c
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c32d94582973c620eee44273526d176fdbca5b8b36505c6142ed3c90c71882b
6d656f49ac878039d3910fd7c6e03b2c56998038a48acc6a57fb83b2eaceef50
6deba70872d53206707dea7ba2d4c35204312df08e042b3ad3de3fd5ad2f2e34
727711e56af2bae60b9f1c96a71d7a1b806e0f3d887e29374f010edcc44a975b
73a69cf2a641205f7113f570db28ad9c33d2e517fa9a0f37cca7d8c46ad3e8c5
73e92096e61cc5ea7df6db98368b62ff1f624918e8cdea8ec8c51022426dbe8c
766550f9e927fbfb19c49aced320ac65894807ddfb8956dbcc61ed3b5d3800c5
7738f467c74a594b06e0473992e29b04e2376a56a328dcaf5c99bcca41fc58a9
793b562180e95ad56b9da560740baf2eacc9577ffd386ad95df5fe03d1bdd85d
7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7c67232fe516ae269b33b069828112b46fb7c1db1f58c84c6aed6040bbc68f32
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82abce0fe71054b83fd78d28aeea185d5423e823a6a3c556daed054ffa8ec0d9
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f99f8a0d8dab1f2bb81a8cf28d62cac63e85844d5d2778800c84a7a1a6d13
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84714fb67f035a8801213a5623d70a6b8ff162d57b8649f21711e40456594422
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
86041deaeb10616b1102766fa83a40f8a044e2fb830ff126fb8ddc8c69e2eecd
86733d07b26242abc28ae6ec48b96d69a8fb7abb27566e10109e69b5a6879908
897b0eda2eb5e7df39acd929ba9f3f0b30d84594239cef6874c91aabff9e3f98
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5
8cf9cf1a777791f780843d27b7ba52d23dd1b6521baabbdfce3f8110dbeac2f9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da1c86cece1ee47fbd06909f849d756ca6fd365ad8f25d4c18763afa609689f
9198fbbbaca75f4e78447e8e5b6990797c9523d5ed46989bdd6da7918f44daae
92b779397147c125472f7c857ef7dfd9a0bd59125910e5616d8940e6ece95be1
9311a4e9fd3ebb8e7e7b99925032194780f611adcf0ecbb92666393109fc3e27
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97f6f81b224c70cf2431f07287d287446129697370b4419a9b82838be0ea0174
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99f9762cd613e0d36e9bb53f8c51d5e4c5393d3452e34e9dd532348fe3489475
9c47430da76da0209f1165ec842295831babdcf9ede29c951b01016dd846cba7
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0bb7323b5dd23e9e6158fce17af9d02401aeb1a620f2cabf19fc96fff4aa121
a0c3853f05c428e1d3fe0e62a49f24d0f8c93cae351ed04a4ba96ec6c943c515
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9b0999f439d6fc07e37171f45a1cef5a75c419dcfcc28321ec6f2ce12011b07
ab04eb1a2b7dffe87d2bb199a46e89b23cd2e679a605e18508141150f959b712
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acc6c0c5b2f3c490bacd236cbf6559dabb1843a5d32cba79014c555b45b63220
ae5f2df856109a86820c1a9a5599f89ea22884b247fd8bcaa46a53e30c624fce
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b00b23df1ba3482972e5ac3fdc7da3a84030bd46d7b1b3e6a36d57bcb0fb8d05
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5cbe56185a635568a0463252c97c707019192d1d2f8862598807d6bfbca2565
b8d673259d0bfc678aacef4e63f8ea06ec4b8694faa22927ec51e4a79ee5976c
bc5e335fe3571dbab8bca01a367f3876191db95264692139b626c80bff6dc39d
bd9e672799f3e908f9ae536c42eabb6b4300c935f5d80bed2a5a77509918578f
bda036a0ea2e4700d72fd4ea5c7b2d12373e821bfc84d042d77f8d4ad53a1e64
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
bf864bfbce5f7966b3a66accaaebfa40f91ece92736162376044cdc8592d92d7
c0808f662793f22610594d4a8c6d5421215c2931348fdb4357465b2672964a55
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c405bcd8f92036855018ea498b39743853763006f991c0c152d92029c38ba827
c8aecaf0910df9ab7bb964aad82d5baece1ef8e73339f0c47d810fa82ac6b9a2
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d7a4044c362844a24d59f4a9a9cee9ecdfee4a80c659009f51b7216cf31b26d2
d8825e6c38403c234f6228f6cbeb88c276f0e62cbab1900d044cb8f5c2d0472b
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd73fc327f5d12b10b6874cb2ac6fb81cc013c402f761e2804e36b94784c52bb
ddbead4c3777bf55f3c9b842f5ab629388e31a5f15c7e63ed14604e5b431fff6
df73c4328a93031c6ebb5f574b18049d22caea26deb574b9a7e446950b04d376
e022cd8e03c742cafe5434dacc2b17df5af506391fcca7623780fab53d6e2a73
e0a6c0a5e14a8e83a6d486d3964d00f445d9843d0ea0ac41274f03f42bd77c9f
e19fbff61c66ead0b50ab6259523d4fe594cf043a4f86658427a746cccc6d59a
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4028bb95dc9f5b5f35f011f1fb6343a96fd8fd3cb4c53737216ba3206e00fef
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5a0c18d3f6cd54b3473615fb71782d6778ffaace573e65adadd1972b2416299
e60ff093b0ed7c01c5af9b1a10cc7493b53fc2d2ed0fa12420fbf1a62d00d3e1
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45
e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3
eb0ed266df6b43907c5ec8effd1d4aa79ee8462f6635f1a25d259502ae60ecba
ebe6979431babc06b601a53944eb95ad3531366427479effeded90a4fcc75d17
ec15f98604211de09a04020860148a98124296e8ce00c461f5fded4eb0ff9d47
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef0423678b64273b3ed7c54d42b196336fbf0d0114fd7b018fe3848fcc42478d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f0f8be4a2ca2e2c750fb1df86aba77c6466ff803172b6f755ff53086f48386e8
f473bc5ead6849819ffd68a72d9665fb8905fc7f54b9583bb37cd660addaee30
f4783048d046dd9f29d821a83bc0317ffa15af2820ce34d9dfac7d4355b353ac
f6cf6d5639ffcd747e54049ad4bdcca846425e4def6279d2f012c497b2bc2521
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fbf0af2030686af9c2b66c8db72742c57530aae9b91b7ae8e3700a24e32578b0
febbd9b8b248dddea8c720b35214fa6fae44c4b868eba6f77fdfdbf082dc0629
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff393d6091ca6df956a189411d7f152ec4957f71b09ab2a0ae3d6089c7a5ce16

www.viva.co.id Open in urlscan Pro 2600:9000:214f:e600:18:d576:df80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

346 Requests

92 %HTTPS

48 %IPv6

49 Domains

88 Subdomains

76 IPs

11 Countries

3990 kBTransfer

8546 kBSize

46 Cookies

38 Outgoing links

Redirected requests

346 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.viva.co.id Open in urlscan Pro
2600:9000:214f:e600:18:d576:df80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

346
Requests

92 %
HTTPS

48 %
IPv6

49
Domains

88
Subdomains

76
IPs

11
Countries

3990 kB
Transfer

8546 kB
Size

46
Cookies

346 HTTP transactions
14 data transactions