www.tvonenews.com Open in urlscan Pro
2606:4700:10::6816:31c9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tvonenews.com/liveHidup
Submission: On September 10 via api (September 10th 2023, 4:44:00 pm UTC) from FI — Scanned from FI

Summary HTTP 273 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 64 IPs in 13 countries across 66 domains to perform 273 HTTP transactions. The main IP is 2606:4700:10::6816:31c9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tvonenews.com. The Cisco Umbrella rank of the primary domain is 273033.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 16th 2023. Valid for: a year.

This is the only time www.tvonenews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2606:4700:10:... 2606:4700:10::6816:31c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
7	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.165.201.38 18.165.201.38	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:a000:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.217.255.105 54.217.255.105	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
22	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	52.95.126.138 52.95.126.138	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
3 3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	52.71.98.102 52.71.98.102	14618 (AMAZON-AES) (AMAZON-AES)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	72.251.245.181 72.251.245.181	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	35.214.217.220 35.214.217.220	15169 (GOOGLE) (GOOGLE)
5 5	34.253.165.174 34.253.165.174	16509 (AMAZON-02) (AMAZON-02)
8 8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1 1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	63.35.30.113 63.35.30.113	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	34.238.5.208 34.238.5.208	14618 (AMAZON-AES) (AMAZON-AES)
3 4	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3601:7665:e1fe:4dc7:2c74	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2 3	18.196.96.246 18.196.96.246	16509 (AMAZON-02) (AMAZON-02)
2 2	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
20	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
45	2606:4700:1::... 2606:4700:1::6813:814c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:2eaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	34.102.163.6 34.102.163.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.164 213.155.156.164	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1 1	141.94.161.158 141.94.161.158	16276 (OVH) (OVH)
2 2	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
1 1	35.186.154.107 35.186.154.107	() ()
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.88.86.2 23.88.86.2	24940 (HETZNER-AS) (HETZNER-AS)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
1 1	15.235.15.221 15.235.15.221	16276 (OVH) (OVH)
2 2	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1 1	64.227.64.62 64.227.64.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
273	64

30 2606:4700:10::6816:31c9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tvonenews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thumb.tvonenews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i3.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i4.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.201.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-201-38.lhr50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:a000:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.255.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-255-105.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

75fdcefb707fd62ca22644514e2c4741.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.126.138 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.98.102 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-98-102.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.181 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.217.220 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 220.217.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.253.165.174 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-165-174.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.30.113 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-30-113.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.238.5.208 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-5-208.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.133 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:7665:e1fe:4dc7:2c74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.96.246 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-96-246.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.172 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:1::6813:814c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:2eaa (United States)

ASN13335 (CLOUDFLARENET, US)

js.content-rec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.164 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.161.158 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-1.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.213 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.154.107 (None, ) 1 redirects

ASN- ()

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.122 (Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.15.221 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.243 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)
PTR: ddos.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.64.62 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8780 c.mgid.com — Cisco Umbrella Rank: 5259 cdn.mgid.com — Cisco Umbrella Rank: 11454 servicer.mgid.com — Cisco Umbrella Rank: 8835 s-img.mgid.com — Cisco Umbrella Rank: 8151 cm.mgid.com — Cisco Umbrella Rank: 1410	455 KB
36	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 572 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 565 image6.pubmatic.com — Cisco Umbrella Rank: 869 simage2.pubmatic.com — Cisco Umbrella Rank: 896 image2.pubmatic.com — Cisco Umbrella Rank: 1056 t.pubmatic.com — Cisco Umbrella Rank: 2867 simage4.pubmatic.com — Cisco Umbrella Rank: 1301	381 KB
30	tvonenews.com www.tvonenews.com — Cisco Umbrella Rank: 273033 thumb.tvonenews.com — Cisco Umbrella Rank: 338798	354 KB
28	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 259 googleads.g.doubleclick.net — Cisco Umbrella Rank: 53	208 KB
23	googlesyndication.com 75fdcefb707fd62ca22644514e2c4741.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 115	116 KB
20	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 399	437 KB
10	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 828 id5-sync.com — Cisco Umbrella Rank: 432	154 KB
9	gstatic.com fonts.gstatic.com	164 KB
7	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 49 ssl.google-analytics.com — Cisco Umbrella Rank: 497 region1.google-analytics.com — Cisco Umbrella Rank: 1977	59 KB
6	ytimg.com i3.ytimg.com — Cisco Umbrella Rank: 3563 i1.ytimg.com — Cisco Umbrella Rank: 2126 i4.ytimg.com — Cisco Umbrella Rank: 3948 i2.ytimg.com — Cisco Umbrella Rank: 4104	195 KB
5	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 632	3 KB
5	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2541 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 406 fonts.googleapis.com — Cisco Umbrella Rank: 58	36 KB
4	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1091	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	227 KB
4	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 3578 c1.adform.net — Cisco Umbrella Rank: 660	3 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2910	3 KB
4	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 455 mug.criteo.com — Cisco Umbrella Rank: 2500 dis.criteo.com — Cisco Umbrella Rank: 633	8 KB
4	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 958 bcp.crwdcntrl.net — Cisco Umbrella Rank: 940 sync.crwdcntrl.net — Cisco Umbrella Rank: 957	13 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	331 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 624	2 KB
3	onaudience.com 3 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 15699 pixel.onaudience.com — Cisco Umbrella Rank: 3243	1 KB
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 369	1019 B
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 279 secure.adnxs.com — Cisco Umbrella Rank: 500	2 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1391 google-bidout-d.openx.net — Cisco Umbrella Rank: 1399	682 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	167 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 770	938 B
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1294	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 962 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5086	562 B
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 991	952 B
2	bumlam.com 2 redirects sync.bumlam.com — Cisco Umbrella Rank: 3871	1 KB
2	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490 ups.analytics.yahoo.com — Cisco Umbrella Rank: 352	551 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 379	529 B
2	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 935	1 KB
2	weborama.fr 1 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 20565	498 B
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	769 B
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1106	2 KB
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 4338	468 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2801	555 B
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 3456	438 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	527 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 7143
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com	643 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 24751	412 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 6242	279 B
1	ctnsnet.com ipac.ctnsnet.com — Cisco Umbrella Rank: 5824	369 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 982	793 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 3169	308 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1528	552 B
1	content-rec.com js.content-rec.com — Cisco Umbrella Rank: 195025	6 KB
1	dotomi.com pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3625	104 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 730	702 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 617	663 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1063	225 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1513	283 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1767	524 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 773	1 KB
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 933	589 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 653	14 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1130	9 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1537	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1891	3 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 351	1 KB
1	google.no www.google.no — Cisco Umbrella Rank: 25371	408 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1103	7 KB
273	66

	Domain	Requested by
23	www.tvonenews.com	www.tvonenews.com static.cloudflareinsights.com
20	cdn.ampproject.org	securepubads.g.doubleclick.net
16	cdn.mgid.com	www.tvonenews.com jsc.mgid.com
15	securepubads.g.doubleclick.net	www.tvonenews.com securepubads.g.doubleclick.net www.googletagservices.com
13	tpc.googlesyndication.com	www.tvonenews.com securepubads.g.doubleclick.net tpc.googlesyndication.com
12	simage2.pubmatic.com	ads.pubmatic.com
10	image2.pubmatic.com	ads.pubmatic.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	fonts.gstatic.com	fonts.googleapis.com
8	cm.mgid.com	jsc.mgid.com
8	jsc.mgid.com	securepubads.g.doubleclick.net jsc.mgid.com
8	cm.g.doubleclick.net	8 redirects
7	thumb.tvonenews.com	www.tvonenews.com
7	ads.pubmatic.com	www.tvonenews.com ads.pubmatic.com jsc.mgid.com
6	s-img.mgid.com	jsc.mgid.com
5	match.prod.bidr.io	5 redirects
5	id5-sync.com	cdn.id5-sync.com
5	cdn.id5-sync.com	securepubads.g.doubleclick.net jsc.mgid.com
4	lb.eu-1-id5-sync.com	cdn.id5-sync.com
4	servicer.mgid.com	jsc.mgid.com
4	www.googletagservices.com	securepubads.g.doubleclick.net
4	fonts.googleapis.com	securepubads.g.doubleclick.net
4	a.audrte.com	3 redirects ads.pubmatic.com
4	www.google-analytics.com	www.tvonenews.com www.google-analytics.com www.googletagmanager.com
4	www.googletagmanager.com	www.tvonenews.com www.google-analytics.com www.googletagmanager.com
3	sync.1rx.io	3 redirects
3	c.mgid.com	www.tvonenews.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	x.bidswitch.net	2 redirects ads.pubmatic.com
3	c1.adform.net	2 redirects ads.pubmatic.com
3	image6.pubmatic.com	1 redirects ads.pubmatic.com
3	i3.ytimg.com	www.tvonenews.com
3	cdnjs.cloudflare.com	www.tvonenews.com cdnjs.cloudflare.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.tvonenews.com www.google-analytics.com
2	pixel-sync.sitescout.com	2 redirects
2	uipglob.semasio.net	1 redirects
2	pixel-eu.onaudience.com	2 redirects
2	d5p.de17a.com	2 redirects
2	simage4.pubmatic.com	ads.pubmatic.com
2	googleads.g.doubleclick.net	www.tvonenews.com
2	ad.turn.com	2 redirects
2	sync.bumlam.com	2 redirects
2	match.adsrvr.org	ads.pubmatic.com
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	cr.frontend.weborama.fr	1 redirects ads.pubmatic.com
2	sync.crwdcntrl.net	1 redirects ads.pubmatic.com
2	sync-tm.everesttech.net	1 redirects ads.pubmatic.com
2	ib.adnxs.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.tvonenews.com
2	region1.analytics.google.com	www.googletagmanager.com
2	ssl.google-analytics.com	1 redirects www.googletagmanager.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	mwzeom.zeotap.com
1	sync.targeting.unrulymedia.com	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	cm-supply-web.gammaplatform.com	1 redirects
1	green.erne.co	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	ipac.ctnsnet.com	ads.pubmatic.com
1	p.rfihub.com	1 redirects
1	ad.mrtnsvr.com	1 redirects
1	t.adx.opera.com	1 redirects
1	t.pubmatic.com	ads.pubmatic.com
1	js.content-rec.com	jsc.mgid.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	csync.loopme.me	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	www.tvonenews.com
1	75fdcefb707fd62ca22644514e2c4741.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	hbopenbid.pubmatic.com	ads.pubmatic.com
1	i2.ytimg.com	www.tvonenews.com
1	i4.ytimg.com	www.tvonenews.com
1	i1.ytimg.com	www.tvonenews.com
1	www.google.no	www.tvonenews.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	www.tvonenews.com
1	ajax.googleapis.com	www.tvonenews.com
273	101

This site contains links to these domains. Also see Links.

Domain
sso.vdn.co.id
facebook.com
twitter.com
www.instagram.com
www.youtube.com
play.google.com
www.thevivanetworks.com
jagodangdut.intipseleb.com
www.100kpj.com
www.intipseleb.com
www.viva.co.id
www.vlix.id
www.sahijab.com
www.onepride.net
oneprix.id

Subject Issuer	Validity	Valid
*.tvonenews.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-16` - `2024-01-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.no GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
content-rec.com E1	`2023-09-02` - `2023-12-01`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.iprom.net R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
truffle.bid R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh

This page contains 42 frames:

Primary Page: https://www.tvonenews.com/liveHidup
Frame ID: AA621DE3C5FBF8F60242393EF232F5F6
Requests: 76 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.tvonenews.com
Frame ID: 9B4691A3DB15D1050E87B39488635A69
Requests: 2 HTTP requests in this frame

Frame: https://75fdcefb707fd62ca22644514e2c4741.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8FD437D2B960D8280286AE5A70C3E017
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Frame ID: 8E2971B93AAAD38362F087FF7DFF9EDC
Requests: 25 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: C7BC31EC88E74C9DD6222D0C2D51F294
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 0EE24C286ECC21EE09C5C77647EE665A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D384DE40-1725-4B49-89C6-3C3B3834E1B4&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: C87FD026DB3B3040317FC012AF193A3C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6Pvhjbj9s4jz-reI6veqiuf5sN3zq7WN6qvTNjka
Frame ID: 12C14B9361133B2788693BC9AC5C9165
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8665219610485345693&gdpr=0&gdpr_consent=
Frame ID: 4A879515115D68B545356A01F04EF6C0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=q4pJ_v1yVEREb1RgJ7ekJsGKB-Y&gdpr=0&gdpr_consent=
Frame ID: 57FD1AA08E6D70D805B349AD625FA087
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277238972554279066&gdpr=0&gdpr_consent=
Frame ID: 002984C2CA10076FE243409BA9959E07
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DE960F9A27CBF69F4EF326E6210A65C7
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZP3ySgAMHSYCwQA4
Frame ID: D8647C59225EA536A74DADB7A237728B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A03FE133C1616E0DB2B9C346281F115D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADzoU7J--UAACSSin7pmA&gdpr=0&gdpr_consent=
Frame ID: DD28D3A2C32BB05752AA0814F04FDB2F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 531A4CBBDD5896A36E7F25537896D34D
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 6C8C06E713F35F2F6FF0FC1F0B785706
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2K3K-VOF7WfY5uUfooId6AjuHeIclGDQgyFINxow8m4C7JbDPePGptDKS7Cs8-JGqraw8z8RfEtQ3vkJfZy5y5o4SDZresGR59byIwNwYZg7zaWF6-fMZJ3lG1bJHjEK8-EUwVm74czsqi8N1z7dlmYJ1Rt_K3fdoFKpieeXcM7HS0OF9fF8RafIdBhbOIerbHC8idNEOd2vJPjSemFukGJu0CM5YSgy5LcAg8jEs1YP3LSy8Ooay7rr7Hu76PjWv58IiY2uz3jzU4CI03IGzqYuqy4xeD4xLndH_5LJoWtxRxClEj9cXCB7tH0TyBFLQIl-jkZdcwMEVdLo_o4RaxP0rNg90pg&sai=AMfl-YQoC_k09AnFa6TQJZD4tYRCp8KdqdkH7X2p_bmFzZaiaEkR1XjVTdLf6Tw6b8aLE5byfUBTmo8tDYB4kJyiBTgoaSMX0IzMQxuQIEDvGuZql6oaGrJbVx5C7Go8fIrfG-r61bDgRms69uKUIKI1&sig=Cg0ArKJSzKM9ugHK91miEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E9F593576A1E1BBA317C5F758688A620
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzyec69gw1K3O7t2Zwl1neUYYN2w-aVXcvJnpdsrnJVDKi1yguLEP6aUN9Iz4vLKeazzChkYzh29S_hAhMIjf4V20JId0aYxWpKM9OkvwayRnoKSeJ0K7KudTSveCNyrp1nQGLuQnMwywR3q2eMHT2QZNUIWMWlv1h8x32eHXQSR_TWh1F8v1YswJB825YOvGxEC-6JoEQowMmajKABvG2V5yJyMwiIH2X62XvVnCYVmzLeirSnVyBeiKS9hth5T7KzPd4dNnlCDKcnE4qPvBZL-RSJM6S43uQenduSGXO9e2QjY7fYnhRHjgaoxgTGAaR1W8HcsJmKva_Fv_MKq4jl-XIeg&sai=AMfl-YS8SRpf2fFF7Pr5OZOq1eQwh-wTpO_JaPR4y_3-qRXYtDi2FN4EbEzuThFbSi8qtO8O4Pc0I1IEk_JCE3b0Ps5IiYVE8rOxM971Sq791SKRJrnURVINsfhDeCuaq1Jao_u6ronlXeBe-CT-XN3-&sig=Cg0ArKJSzFkiySurd4F5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 735C137286609471E9355D2830E65264
Requests: 26 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 7151DB009CFE0401793C91FFB6CFC4E6
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 966DCEA0D7DF7303DC106961100CF44F
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDwE8E7eXH9oS9ooLWCAkO5ZLJ-sAPo41bq8NQrcOMKHV0zDkj8tdrN0Qi117nxG9Rz6Caqw5sYyJBAj9d8Zh8sXQSb68xg7onkjL5logDS01guUpgoYMIsd6rv6N14qWO1PsXiIhiMPCOkAdMrZ4DkQ6xh0NW393xSpMLamx4FNh3qZR3mMTVrqKnvgkJADuyU8g2pLIUHFO0AYjoMDSB0as8FzZtwArcX9aJZCFJGZ5qBMHiAfjEPcyq_VC4I48FfN2VaME6MGpbJllXOOgtc7XRbCA6Gbv1SBNj4ybDyRQNtkwVS7NRD7O8grG8EhxH507TiPRME5wWb3EuTFsIO-zpqA&sai=AMfl-YQdJQ0eH7ozzf4zk_ZaRLvezpg-GMgO3m9wDFqshE1kFF-AvW6VI3qIpLIeTmoZItopmHTEnP5KKeTXtLX8wz3IZ9IvdtdgdnkvUo6TyIftnS6F-DdsaFX8yPkah-afPZJGNWXXBZaurvn9JGH_&sig=Cg0ArKJSzDWlnTbMDWNSEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 761165FAF59CCE6425503C260A70A583
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsua3rgTT9Fplnx6sIlBPG2OWX5HZBVAaJ0_k-ErEJmRjOWTzZ4pUtavJL06VsI4KRvWDeO4CV79uzFVyyicDo4m1GEy4_98uys7XVGAuYdgc62y_dq5xEtawNa7J1VJqX11uMva7Gd9Lxsg_SXlk9EQozV2ipteLW9H7rnxLv6D9qn9ES02suqMykLeiyerVWa0ph-ciGBM6F_pYsA2QJV5fH35_iPE0PhcZ3MNKvstHW-MeGewYUbnKUVLD72aMADG_lz7saaYYUy3oqx5IUG7fex57_2S8GKSCEVh9KPnaCNr7VcBYQgphSjELfGZckiTzWMumrxSb_WAKgbBd5NAI1XjHQ&sai=AMfl-YQ1LiXp0ljiddjBqp0ItKUFjBXVS0cXwXd-r-0ltDUXptI58GA5VED3q6o8oUlQ4Ff6Ala7kBm15Frmj3HtXosQT1o66XvvTNYeiJnVNC3YOhCPqf9FoTNELNvByTeD--hEtfUQI08U4tKea_X2&sig=Cg0ArKJSzCA6hwU7V5okEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D980D1D4273761DB137A51457C30356C
Requests: 20 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1694364236073577680911
Frame ID: F22D969A64CDBD9943CA296D24FD2B4E
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1694364236110593525920
Frame ID: A93227C4E8C0BB67136D90E0ADC1165E
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1694364236152311915563
Frame ID: 18991001B92893C40C73BD2952C667F6
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1694364236173909851197
Frame ID: 4607B5C59FCE211D1C53BD1CF8DD9006
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8EE9FE35A648A61B6D576B2CBF7A409C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 991B5108CE0693196FC2DB43DE21F3C7
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=D384DE40-1725-4B49-89C6-3C3B3834E1B4&gdpr=0&gdpr_consent=
Frame ID: 2ACD5F074436DBCA329619F7F9CE6A87
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd8a1d2c10aa04881be9ac38f3f5dea82
Frame ID: 356F8E1E7509F6B5F55BC73DD7010929
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=D384DE40-1725-4B49-89C6-3C3B3834E1B4&gdpr=0&gdpr_consent=
Frame ID: CA36E74C814AC89FB85AE3D482A86A9A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084927133677873
Frame ID: 616588DC1595226F7B0047187336DE2B
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 3F22970DDA7282FACD9D6D9D215361F5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4352793277187857271
Frame ID: 6ECD20FC0AF0B765FFEFFE667C963500
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 68D4ECD3B50DBC780A8CEF2BE274BE0A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QnWSQWghbaTjhgTb&gdpr=0&gdpr_consent=
Frame ID: 0DE0A4B1378AFC60B59E3B82ACFFF307
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1r2qfpgqol0g
Frame ID: 3A7FA6163B7E15AADBB8E609C2DC3541
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 68E7AFFA2ADA7FD1BCF11E003F023BBC
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: BFA6C2613A4B77B1578CC989F3A7573B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0908A535C4CA4BA8AAD32E125B943A6D&gdpr=0&gdpr_consent=
Frame ID: 45E449CE24DAE371932C8BBB21471FAF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5538363-ac3f-4014-8a89-51bb5fef8bbe-003
Frame ID: E038B7EA067F707F8ACDC7B56687E0B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Berita Hari Ini liveHidup Terlengkap dan Terpercaya

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

273
Requests

89 %
HTTPS

39 %
IPv6

66
Domains

101
Subdomains

64
IPs

13
Countries

3358 kB
Transfer

8932 kB
Size

95
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://sso.vdn.co.id/?reff=https://www.tvonenews.com/liveHidup

Search URL Search Domain Scan URL

URL: https://facebook.com/tvOneNews

Search URL Search Domain Scan URL

URL: https://twitter.com/tvOneNews

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tvonenews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/tvOneNews

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.bedigital.tvone

Search URL Search Domain Scan URL

URL: https://www.thevivanetworks.com/
Title: Viva Digital Network

Search URL Search Domain Scan URL

URL: https://jagodangdut.intipseleb.com/

Search URL Search Domain Scan URL

URL: https://www.100kpj.com/

Search URL Search Domain Scan URL

URL: https://www.intipseleb.com/

Search URL Search Domain Scan URL

URL: https://www.viva.co.id/

Search URL Search Domain Scan URL

URL: https://www.vlix.id/

Search URL Search Domain Scan URL

URL: https://www.sahijab.com/

Search URL Search Domain Scan URL

URL: https://www.onepride.net/

Search URL Search Domain Scan URL

URL: https://oneprix.id/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1539030162&utmhn=www.tvonenews.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Berita%20Hari%20Ini%20liveHidup%20Terlengkap%20dan%20Terpercaya&utmhid=635275443&utmr=-&utmp=%2FliveHidup&utmht=1694364232574&utmac=UA-158515037-1&utmgtm=45He3960n81MM6TCTH&utmcc=__utma%3D262966473.1507014758.1694364232.1694364233.1694364233.1%3B%2B__utmz%3D262966473.1694364233.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1528268806&utmredir=1&utmu=qmAgAABAAAGBAAAAAgABAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-158515037-1&cid=1507014758.1694364232&jid=1528268806&_v=5.7.2&z=1539030162

Request Chain 61

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&rid=esp&cc=1

Request Chain 68

https://gum.criteo.com/sid/json?origin=publishertagids&domain=tvonenews.com&sn=ChromeSyncframe&so=0&topUrl=www.tvonenews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=sj_Oz3xEeXd6QVUrckhCcm40OTZQaThTdHE3eDFtcW4yTy9sZWpNOWlnZDJibkczQ0ZGRHRyS3F2ejJBOWJxakY3UDNqdHF3cHlxcUIrcHhyeW1wQUZIYmlWM3h1TVNJMG1QZnJVclQxVisySEdKY1Y3d0paNjdVbGx5dVVMTEs0ZG5ZMkIzK2p1N2Z5RjdlNGlhK0w5YmRXelZkbWtUNzRldWpDZmU0bXFEVFJRTHpPVGRvdkl3MW1jcXdJTHBKRWlNQllEcUxxcFVFUkVXcWlXTnNkclN1Z2dkSkVkdnhiZ2t2ZWF2ckZCb2dvNUdBTDhpZ3ZyUmhoYmxHaGlDeFVBN1pJNi9WNFdWUG9iMUF3clBmbUxRMDZ3Zz09fA&cppv=2

Request Chain 70

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 71

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D384DE40-1725-4B49-89C6-3C3B3834E1B4&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D384DE40-1725-4B49-89C6-3C3B3834E1B4&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 72

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6Pvhjbj9s4jz-reI6veqiuf5sN3zq7WN6qvTNjka

Request Chain 73

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8665219610485345693&gdpr=0&gdpr_consent=

Request Chain 74

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=q4pJ_v1yVEREb1RgJ7ekJsGKB-Y&gdpr=0&gdpr_consent=

Request Chain 75

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277238972554279066&gdpr=0&gdpr_consent=

Request Chain 77

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZP3ySgAMHSYCwQA4

Request Chain 78

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 79

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEem9VN0otLVVBQUNTU2luN3BtQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AADzoU7J--UAACSSin7pmA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADzoU7J--UAACSSin7pmA&pid=558502&do=add&gdpr=0 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AADzoU7J--UAACSSin7pmA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6888054011910581167&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADzoU7J--UAACSSin7pmA&gdpr=0&gdpr_consent=

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=04TeQBclS0mJxjw7ODThtA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=04TeQBclS0mJxjw7ODThtA%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 82

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4204656996

Request Chain 83

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=D384DE40-1725-4B49-89C6-3C3B3834E1B4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZGRoamJuVEVjNWpRREtFTk0zV0doZXhUUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=298268992888683655&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDM4NERFNDAtMTcyNS00QjQ5LTg5QzYtM0MzQjM4MzRFMUI0&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDM4NERFNDAtMTcyNS00QjQ5LTg5QzYtM0MzQjM4MzRFMUI0&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOM6fCNYOfQ4NSx3QscqJxk&google_cver=1

Request Chain 87

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=298268992888683655

Request Chain 91

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=fb4a22dc-f660-4835-b1d4-b4efa8040a77&gdpr=0&gdpr_consent= HTTP 302
https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjL5PenBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEDs-pSBP-RHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJGZiNGEyMmRjLWY2NjAtNDgzNS1iMWQ0LWI0ZWZhODA0MGE3Nw** HTTP 302
https://x.bidswitch.net/sync?dsp_id=476&user_id=3b3ea520-4ff9-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=fb4a22dc-f660-4835-b1d4-b4efa8040a77

Request Chain 93

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7671775173584101106&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 173

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 174

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 261

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd8a1d2c10aa04881be9ac38f3f5dea82

Request Chain 262

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=D384DE40-1725-4B49-89C6-3C3B3834E1B4&gdpr=0&gdpr_consent=

Request Chain 263

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084927133677873

Request Chain 265

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4352793277187857271

Request Chain 267

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QnWSQWghbaTjhgTb%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DEcv7Kmx8QnWSQWghbaTjhgTb%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QnWSQWghbaTjhgTb&gdpr=0&gdpr_consent=

Request Chain 268

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1r2qfpgqol0g

Request Chain 269

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 271

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0908A535C4CA4BA8AAD32E125B943A6D&gdpr=0&gdpr_consent=

Request Chain 272

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1694364237156 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1236420508 HTTP 302
https://sync.1rx.io/usersync/turn/7671775173584101106?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b5538363-ac3f-4014-8a89-51bb5fef8bbe-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b5538363-ac3f-4014-8a89-51bb5fef8bbe-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5538363-ac3f-4014-8a89-51bb5fef8bbe-003

Request Chain 274

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D384DE40-1725-4B49-89C6-3C3B3834E1B4&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D384DE40-1725-4B49-89C6-3C3B3834E1B4&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 275

https://pixel.onaudience.com/?partner=214&mapped=D384DE40-1725-4B49-89C6-3C3B3834E1B4&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 276

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3b9404f4-42b1-4c23-aee7-661c9d7f194c-64fdf24d-4e4f&gdpr=0&gdpr_consent=

Request Chain 277

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:66b285fb-9cb7-4e1a-a7a4-8a84af14cf23&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 278

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8665219610485345693

273 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request liveHidup Show response
www.tvonenews.com/ 66 KB
12 KB 532ms
383ms Document
text/html 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

219c0b1df147ce7bae684ae2c15ddb5b50b38bc780e1f87ea3c336f77aba1620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=300
cf-cache-status: MISS
cf-ray: 804921de3d330b55-OSL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Sep 2023 16:43:51 GMT
last-modified: Sun, 10 Sep 2023 16:43:51 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jqw16WXh0pg.woff2
www.tvonenews.com/appasset/responsive/fonts/montserrat/ 12 KB
12 KB 292ms
290ms Font
font/woff2 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/fonts/montserrat/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jqw16WXh0pg.woff2?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c902bf6562cea98de5eefe7caf99fcec89d6535b5934b648884c2fece815c13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tvonenews.com/liveHidup
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
alt-svc: h3=":443"; ma=86400
content-length: 12432
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: "64d4493a-3090"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 804921e0ae470b55-OSL

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
www.tvonenews.com/appasset/responsive/fonts/montserrat/ 30 KB
30 KB 328ms
326ms Font
font/woff2 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/fonts/montserrat/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tvonenews.com/liveHidup
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
alt-svc: h3=":443"; ma=86400
content-length: 30928
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: "64d4493a-78d0"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 804921e0be4c0b55-OSL

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
www.tvonenews.com/appasset/responsive/fonts/roboto/ 15 KB
16 KB 273ms
271ms Font
font/woff2 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tvonenews.com/liveHidup
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
alt-svc: h3=":443"; ma=86400
content-length: 15816
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: "64d4493a-3dc8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 804921e0be4d0b55-OSL

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
www.tvonenews.com/appasset/responsive/fonts/roboto/ 15 KB
15 KB 289ms
287ms Font
font/woff2 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/fonts/roboto/KFOlCnqEu92Fr1MmYUtfBBc4.woff2?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tvonenews.com/liveHidup
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
alt-svc: h3=":443"; ma=86400
content-length: 15712
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: "64d4493a-3d60"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 804921e0be4e0b55-OSL

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
www.tvonenews.com/appasset/responsive/fonts/roboto/ 15 KB
16 KB 263ms
261ms Font
font/woff2 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/fonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tvonenews.com/liveHidup
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
alt-svc: h3=":443"; ma=86400
content-length: 15736
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: "64d4493a-3d78"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 804921e0be4f0b55-OSL

GET
H2 200 sso.js Show response
www.tvonenews.com/appasset/responsive/js/ 715 B
425 B 288ms
286ms Script
application/javascript 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/js/sso.js?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

815e3a80505bdf58d262139984097f760b1306b8393afb825a6e4be806b9dc4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
cf-polished: origSize=1342
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: W/"64d4493a-53e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 804921e0be500b55-OSL

GET
H2 200 base.css
www.tvonenews.com/appasset/responsive/css/ 12 KB
3 KB 301ms
300ms Stylesheet
text/css 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/css/base.css?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca1e7fb6db84480f0acada20277962fd758ac0f2d95f04a3f0565bdcdc85ee8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
cf-polished: origSize=13425
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: W/"64d4493a-3471"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 804921e0be480b55-OSL

GET
H2 200 base-desktop.css
www.tvonenews.com/appasset/responsive/css/ 2 KB
924 B 279ms
278ms Stylesheet
text/css 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/css/base-desktop.css?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

237bd407ce4d3e196c6626a94b1a156d150009aa60d7529a71f5603b0a5e9b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
cf-polished: origSize=2514
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: W/"64d4493a-9d2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 804921e0be490b55-OSL

GET
H2 200 core.css
www.tvonenews.com/appasset/responsive/css/ 10 KB
2 KB 826ms
825ms Stylesheet
text/css 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/css/core.css?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2be8ea153b73fe6c2562db8007a52b6124e8a57d35d14b7cf379b80571855ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
cf-polished: origSize=10557
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: W/"64d4493a-293d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 804921e0be4a0b55-OSL

GET
H2 200 core-desktop.css
www.tvonenews.com/appasset/responsive/css/ 2 KB
747 B 273ms
272ms Stylesheet
text/css 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/css/core-desktop.css?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c238c0d4fe296abdfd59382595c7e1da4b7efc6f0e7c63875a4470817876f828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
cf-polished: origSize=1921
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: W/"64d4493a-781"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 804921e0be4b0b55-OSL

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 277ms
90ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 12:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Sep 2024 12:15:48 GMT

GET
H2 200 icon-profile.png
www.tvonenews.com/appasset/responsive/img/login/ 286 B
442 B 336ms
334ms Image
image/webp 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvonenews.com/appasset/responsive/img/login/icon-profile.png?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a83ca962066ee0c9dd16b1777c34f30495097e4cb99d3ccbca2ab93e21349fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
cf-polished: origFmt=png, origSize=517
content-disposition: inline; filename="icon-profile.webp"
alt-svc: h3=":443"; ma=86400
content-length: 286
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: "64d4493a-205"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 804921e11e800b55-OSL

GET
H2 200 logo-2023.svg
www.tvonenews.com/appasset/responsive/img/ 6 KB
3 KB 328ms
327ms Image
image/svg+xml 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvonenews.com/appasset/responsive/img/logo-2023.svg?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ba97c8d01dce3efeba7ec724a0c9100372479c375f02be810611bbaa5570090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
x-permitted-cross-domain-policies: none
server: cloudflare
content-encoding: br
etag: W/"64d4493a-19ee"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 804921e11e810b55-OSL
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 box-yt.svg
www.tvonenews.com/appasset/responsive/img/ 555 B
438 B 325ms
324ms Image
image/svg+xml 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvonenews.com/appasset/responsive/img/box-yt.svg?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20be5d0b31fc4a59b6774aebe57a1228caecaf5b2e48f3a12bba0d7a7705eab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
x-permitted-cross-domain-policies: none
server: cloudflare
content-encoding: br
etag: W/"64d4493a-22b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 804921e11e820b55-OSL
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 base.js Show response
www.tvonenews.com/appasset/responsive/js/ 5 KB
2 KB 354ms
353ms Script
application/javascript 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/js/base.js?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

467d74baf1096e7312ed5ea7753b68906f17a12e7fc5a32a6f87a8c19166ac1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
cf-polished: origSize=5117
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: W/"64d4493a-13fd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 804921e11e830b55-OSL

GET
H2 200 load-more-article.js Show response
www.tvonenews.com/appasset/responsive/js/ 3 KB
1014 B 921ms
919ms Script
application/javascript 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/js/load-more-article.js?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdfc13461d0b079895673e83c9523b10dee372dc8c70ab82b7ac11d8f01670bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
cf-polished: origSize=5389
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: W/"64d4493a-150d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 804921e11e7e0b55-OSL

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 241ms
97ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://www.tvonenews.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:51 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 804921e1ba01568e-OSL

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
75 KB 291ms
105ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MM6TCTH

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b052132f00b40c7ca44299a1e6afd7700c82f3b6ecaf981871c95c9241731e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75956
x-xss-protection: 0
last-modified: Sun, 10 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Sep 2023 16:43:52 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157005/9000/ 326 KB
95 KB 272ms
83ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/9000/pwt.js
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 23146adc0d1c0af60f35829db7e60cd006e81abd5a6241458db6dacc554b3387

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 10:41:47 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=101900
accept-ranges: bytes
content-length: 96426
expires: Mon, 11 Sep 2023 21:02:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 276ms
89ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Sep 2023 15:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3569
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Sep 2023 17:44:23 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 97ms
96ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=635275443&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&ul=en-us&de=UTF-8&dt=Berita%20Hari%20Ini%20liveHidup%20Terlengkap%20dan%20Terpercaya&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=821005180&gjid=1990324678&cid=1507014758.1694364232&tid=UA-233744373-1&_gid=628265870.1694364232&_r=1&_slc=1&z=478689541

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc50c4ff75fc5ffb0b5ed8aaa95ffcde0481c935e3bccb19146874f8e6db07c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tvonenews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 base-mobile.css
www.tvonenews.com/appasset/responsive/css/ 2 KB
890 B 288ms
287ms Stylesheet
text/css 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/css/base-mobile.css?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33b8edb9f1f6161aeec76590d815d9ddcd889a37d95644f8d17e97825bc2fa01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
cf-polished: origSize=1743
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: W/"64d4493a-6cf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 804921e2dbd3b4fa-OSL

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 105ms
105ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SKS0GZ01Z9&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a12d641f0cb6007158ac022a6e02971ed7c0c268ef503a7f15b3736544e39dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Sep 2023 16:43:52 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 273ms
88ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM6TCTH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Sep 2023 15:51:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3134
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sun, 10 Sep 2023 17:51:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
87 KB 104ms
104ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1F8KC7SHMP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM6TCTH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53f53ecca49bb8632a60ddb843fc2afd29f18ca885f8c3012e27c76edf119b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88926
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Sep 2023 16:43:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 343ms
155ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f5109fb15e04d38687ee9bf4aa586d829537bede0925fd5bbd9002a7ab88c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29362
x-xss-protection: 0
server: cafe
etag: 2 / 19610 / m202309050101 / config-hash: 18345592501010170579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:43:52 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 198ms
69ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SKS0GZ01Z9&gtm=45je3960&_p=635275443&ul=en-us&sr=1600x1200&cid=1507014758.1694364232&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&dt=Berita%20Hari%20Ini%20liveHidup%20Terlengkap%20dan%20Terpercaya&sid=1694364232&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SKS0GZ01Z9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tvonenews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 204ms
68ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1F8KC7SHMP&gtm=45je3960&_p=635275443&_gaz=1&cid=1507014758.1694364232&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1694364232&sct=1&seg=0&dl=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&dt=Berita%20Hari%20Ini%20liveHidup%20Terlengkap%20dan%20Terpercaya&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1F8KC7SHMP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tvonenews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 264ms
87ms Ping
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1F8KC7SHMP&cid=1507014758.1694364232&gtm=45je3960&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1F8KC7SHMP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tvonenews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ 42 B
408 B 321ms
123ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1F8KC7SHMP&cid=1507014758.1694364232&gtm=45je3960&aip=1&z=1966275360

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1539030162&utmhn=www.tvonenews.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Be...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-158515037-1&cid=1507014758.1694364232&jid=1528268806&_v=5.7.2&z=1539030162

35 B
192 B

87ms
87ms

Image
image/gif

2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-158515037-1&cid=1507014758.1694364232&jid=1528268806&_v=5.7.2&z=1539030162

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 10 Sep 2023 16:43:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:52 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-158515037-1&cid=1507014758.1694364232&jid=1528268806&_v=5.7.2&z=1539030162
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 372
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 core-mobile.css
www.tvonenews.com/appasset/responsive/css/ 2 KB
892 B 280ms
280ms Stylesheet
text/css 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/css/core-mobile.css?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c40642b5ccbe293bee5d10bf6a195f9788f4b69032310c36ce620c600242ed5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
cf-polished: origSize=2205
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: W/"64d4493a-89d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 804921e5de3db4fa-OSL

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1b352ee7484a73eff1be0df5af18b8780e2306a52e0df18cb088f843f02f022

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontdefault.css
www.tvonenews.com/appasset/responsive/css/ 1 KB
503 B 284ms
283ms Stylesheet
text/css 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/css/fontdefault.css?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5fbdc5c72aa7784f1b5c8ad97e45bdc0e6f967a44335d346eb82417f2a5d364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: W/"64d4493a-413"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 804921e62e73b4fa-OSL

GET
H3 200 footer-canonical.css
www.tvonenews.com/appasset/responsive/css/ 1 KB
745 B 881ms
880ms Stylesheet
text/css 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/appasset/responsive/css/footer-canonical.css?v=1.32

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

337ac2ef6e45db582c135323416d4720d6574c87b06d11c34b820ae9a75c2431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 02:19:38 GMT
server: cloudflare
etag: W/"64d4493a-5dc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 804921e62e74b4fa-OSL

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 58 KB
11 KB 211ms
75ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 873718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10491
last-modified: Thu, 22 Jun 2023 11:02:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3b-28fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrWO%2BuCri21PyIjJ7yanqqYqXJ8orvqo3gX5%2Bjka1n5U%2F%2BfQ9KX0TEQ1F4SxrqplNjmBIQOmSNFs9O59TrPz1EV3ci2Hj1KFvmRsSnr%2FeDaSGdI8QBskyN5GY8f6gnpEiMxFooM%2BZEm2jxy57tdHNS%2Bb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 804921e7082256c5-OSL
expires: Fri, 30 Aug 2024 16:43:52 GMT

GET
H2 200 hqdefault.jpg
i3.ytimg.com/vi/2MTtaCzXVtI/ 26 KB
26 KB 389ms
198ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.ytimg.com/vi/2MTtaCzXVtI/hqdefault.jpg

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf0fd0701c15ea8c2f1ab233caf2eecb2d7919b5f260d45ada5dec19492a9189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26188
x-xss-protection: 0
server: sffe
etag: "1694173127"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 10 Sep 2023 16:48:52 GMT

GET
H2 200 hqdefault.jpg
i1.ytimg.com/vi/HX5g9T9Ef7k/ 27 KB
27 KB 373ms
99ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/HX5g9T9Ef7k/hqdefault.jpg

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bbf0d66038aa78a09d50176e61e7de0dd93cca29fca59d1ed199b7a11a3925f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27192
x-xss-protection: 0
server: sffe
etag: "1694173164"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 10 Sep 2023 16:48:53 GMT

GET
H2 200 hqdefault.jpg
i4.ytimg.com/vi/gj7GDb_RjGg/ 30 KB
31 KB 287ms
97ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i4.ytimg.com/vi/gj7GDb_RjGg/hqdefault.jpg

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a9bb6b4466ddb5e8137fdb8d115b867f5aad86ccf330366aa6d657db15f553f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31218
x-xss-protection: 0
server: sffe
etag: "1694321945"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 10 Sep 2023 16:48:52 GMT

GET
H2 200 hqdefault.jpg
i3.ytimg.com/vi/bK01sKjgFCQ/ 34 KB
34 KB 289ms
98ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.ytimg.com/vi/bK01sKjgFCQ/hqdefault.jpg

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a37b42ea89ca11b54f54a69322c6d519206e6f4a4b1f5fe44420b208b2a3101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34475
x-xss-protection: 0
server: sffe
etag: "1694173178"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 10 Sep 2023 16:48:52 GMT

GET
H2 200 hqdefault.jpg
i3.ytimg.com/vi/2asevCi43ZA/ 38 KB
38 KB 433ms
242ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.ytimg.com/vi/2asevCi43ZA/hqdefault.jpg

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbbabe1567cc93d456fe61efdd28ede190c77960afea9fde4649755a963da4ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38440
x-xss-protection: 0
server: sffe
etag: "1694324927"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 10 Sep 2023 16:48:52 GMT

GET
H2 200 hqdefault.jpg
i2.ytimg.com/vi/MOtHMChY7O8/ 39 KB
40 KB 414ms
98ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.ytimg.com/vi/MOtHMChY7O8/hqdefault.jpg

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c03549811aa68974a8d767b7f010c5073c65e365bfcfdfa11624acc07bb61414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40412
x-xss-protection: 0
server: sffe
etag: "1694322595"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 10 Sep 2023 16:48:53 GMT

GET
H2 200 64fd21ccef25b-elkan-baggott_375_211.jpg
thumb.tvonenews.com/thumbnail/2023/09/10/ 8 KB
9 KB 384ms
300ms Image
image/webp 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.tvonenews.com/thumbnail/2023/09/10/64fd21ccef25b-elkan-baggott_375_211.jpg
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e39a23c890e3408d660b29e7808b220e36282414b78e9f9d93509ea8d40e2a4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=19794
x-obs-request-id: 0000018A7FF5D07DB0D36339EC4F626D
content-disposition: inline; filename="64fd21ccef25b-elkan-baggott_375_211.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8648
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSflHTh7kIgxG37Kydx0hl4J9v5dxSlu
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Sep 2023 01:54:21 GMT
server: cloudflare
etag: "82408aedfe1a53294bde84fcdf80ff98"
vary: Accept
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 804921e739d10b55-OSL

GET
H2 200 64fd3fe78f03f-shin-tae-yong-pelatih-timnas-indonesia_375_211.jpg
thumb.tvonenews.com/thumbnail/2023/09/10/ 14 KB
14 KB 377ms
293ms Image
image/webp 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.tvonenews.com/thumbnail/2023/09/10/64fd3fe78f03f-shin-tae-yong-pelatih-timnas-indonesia_375_211.jpg
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7b1871959cc590db15796700aa36472b88b3f0ed7c6064e69f470b7a88d9eab

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=28328
x-obs-request-id: 0000018A7FF5CDC0B01326CC96B8C0AF
content-disposition: inline; filename="64fd3fe78f03f-shin-tae-yong-pelatih-timnas-indonesia_375_211.webp"
alt-svc: h3=":443"; ma=86400
content-length: 13956
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSdOf3aO1hhAPGNZ0zQk1PyEo+Yvn211
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Sep 2023 04:02:47 GMT
server: cloudflare
etag: "25468e5e1f27a11a188ec5f5ad405c65"
vary: Accept
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 804921e739d30b55-OSL

GET
H2 200 64fcba676f8c8-stadion-manahan-solo_375_211.jpg
thumb.tvonenews.com/thumbnail/2023/09/10/ 24 KB
25 KB 355ms
287ms Image
image/jpeg 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.tvonenews.com/thumbnail/2023/09/10/64fcba676f8c8-stadion-manahan-solo_375_211.jpg
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eca9eb02f32914946e6f24ee290b66f4bcc23dad20ca2d94e39f2f86bed4501

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
cf-cache-status: HIT
cf-polished: degrade=85, origSize=44453, status=webp_bigger
x-obs-request-id: 0000018A7FF5D290B0D69FCEB4E7C2F2
alt-svc: h3=":443"; ma=86400
content-length: 24925
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSvRR+cJUMSPj4XMkTIcR0IsMQqFhiHQ
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Sep 2023 18:33:11 GMT
server: cloudflare
etag: "b9cb5db04fa42afa5c811a827bed66ed"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 804921e739d00b55-OSL

GET
H2 200 64fd5404ecc50-sesi-latihan-timnas-indonesia-u-23-tiba-tiba-tanpa-elkan-baggott-sampai-ivar-jenner-shin-tae-yong-kasih-penjelasan_375_211.jpg
thumb.tvonenews.com/thumbnail/2023/09/10/ 15 KB
15 KB 297ms
288ms Image
image/webp 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.tvonenews.com/thumbnail/2023/09/10/64fd5404ecc50-sesi-latihan-timnas-indonesia-u-23-tiba-tiba-tanpa-elkan-baggott-sampai-ivar-jenner-shin-tae-yong-kasih-penjelasan_375_211.jpg
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb907560a34f0b253c3affe22120f04c266b90be9cf766c8e9d460657db5e4e1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=28562
x-obs-request-id: 0000018A7FF5DA5BB016A7212B7EBB0F
content-disposition: inline; filename="64fd5404ecc50-sesi-latihan-timnas-indonesia-u-23-tiba-tiba-tanpa-elkan-baggott-sampai-ivar-jenner-shin-tae-yong-kasih-penjelasan_375_211.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15444
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSNJDNvuEugYQ5E+aD+AHmF0m69UGnCe
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Sep 2023 05:28:37 GMT
server: cloudflare
etag: "924f81959e24428d8a91a74905620fed"
vary: Accept
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 804921e739cf0b55-OSL

GET
H3 200 64fd6df2f0ed8-dr-cahyono-kulit-glowing-awet-muda-tanpa-skincare-krim-malam_375_211.jpg
thumb.tvonenews.com/thumbnail/2023/09/10/ 11 KB
11 KB 361ms
359ms Image
image/webp 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.tvonenews.com/thumbnail/2023/09/10/64fd6df2f0ed8-dr-cahyono-kulit-glowing-awet-muda-tanpa-skincare-krim-malam_375_211.jpg
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3c931f4e4737bc3b7b01f9ef299e29e1bbc7202488ffeb87097cd3bb83d0e94

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=24347
x-obs-request-id: 0000018A7FF5CCB4B0D68AD8FDF82992
content-disposition: inline; filename="64fd6df2f0ed8-dr-cahyono-kulit-glowing-awet-muda-tanpa-skincare-krim-malam_375_211.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11270
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSXk/i8twU9qbTl5eG01TIVOYsEhvSI6
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Sep 2023 07:19:15 GMT
server: cloudflare
etag: "83b17c54d5113d1e92812d2aaf587137"
vary: Accept
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 804921e90904b4fa-OSL

GET
H3 200 64fd99c1c0e0c-marselino-ferdinan-usai-laga-lawan-taiwan-di-kualifikasi-piala-asia-u-23-sabtu-992023_375_211.jpg
thumb.tvonenews.com/thumbnail/2023/09/10/ 11 KB
11 KB 294ms
293ms Image
image/webp 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.tvonenews.com/thumbnail/2023/09/10/64fd99c1c0e0c-marselino-ferdinan-usai-laga-lawan-taiwan-di-kualifikasi-piala-asia-u-23-sabtu-992023_375_211.jpg
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adf806d67b7e6b48d19ab3d68361df308295a123d34ed98971f5414bf999ae7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=24696
x-obs-request-id: 0000018A7FF5CC79B0D70E985CD3C5BF
content-disposition: inline; filename="64fd99c1c0e0c-marselino-ferdinan-usai-laga-lawan-taiwan-di-kualifikasi-piala-asia-u-23-sabtu-992023_375_211.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11086
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSveyW9QBq79bxqT9NFJmZPAzAUpbliM
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Sep 2023 10:26:10 GMT
server: cloudflare
etag: "85a6964c3aeb01ef1a4af6578689a27d"
vary: Accept
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 804921e90905b4fa-OSL

GET
H3 200 64fcaeca8c8b2-ustaz-adi-hidayat-terangkan-manfaat-mengamalkan-surat-ali-imran_375_211.jpg
thumb.tvonenews.com/thumbnail/2023/09/10/ 17 KB
17 KB 360ms
359ms Image
image/webp 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.tvonenews.com/thumbnail/2023/09/10/64fcaeca8c8b2-ustaz-adi-hidayat-terangkan-manfaat-mengamalkan-surat-ali-imran_375_211.jpg
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b7a7ae8cb62bb889fe4fe91526892865915b99bc6047960c3f33f65a92f0444

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=29388
x-obs-request-id: 0000018A7FF5F984B0D45733971F0E44
content-disposition: inline; filename="64fcaeca8c8b2-ustaz-adi-hidayat-terangkan-manfaat-mengamalkan-surat-ali-imran_375_211.webp"
alt-svc: h3=":443"; ma=86400
content-length: 17378
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCScJECfziff8u+CdxJvGU5ehX3sm/VwF
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Sep 2023 17:43:38 GMT
server: cloudflare
etag: "9871499810b66569fee67c8c6f1e7587"
vary: Accept
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 804921e90906b4fa-OSL

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ 404 KB
127 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1164
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129878
x-xss-protection: 0
server: cafe
etag: 7992010681825974757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 09 Sep 2024 16:24:28 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 78 KB
79 KB 155ms
74ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 876835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80300
last-modified: Thu, 22 Jun 2023 11:02:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3b-139ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJr3BOHzED6Vp4d4pzr%2BDJUkFZ7FeDe%2FB3coBFCU1SmzLCdNt%2FQlmcmCPJKR9D1qK4rBwZoTp5Z%2ByVsKxGd3zaLf7POs%2F2MkXr%2B4nKGW6Iti1KnJqh2ht0lxgXRCcwuonmbB7QuWE3PoEMYc1fGKcEh2"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 804921e8196556a2-OSL
expires: Fri, 30 Aug 2024 16:43:52 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 77 KB
77 KB 352ms
271ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:52 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 876835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78460
last-modified: Thu, 22 Jun 2023 11:02:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3b-1327c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLc63WzSP%2F332tSnST6dojuuQNu0c%2BUKOpUhzRyqSQqJHYiIjvW5KD2O4VKC7R2WzOSf%2Bwmej9OJ4mtb6BVxqqw2Dx9V4kwJr2Vwk04KxuT40nJP86vjoUqzBEwwAzchpwGazCZnfW2%2F1zLnxBPJEZJV"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 804921e8196956a2-OSL
expires: Fri, 30 Aug 2024 16:43:52 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 429ms
87ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/9000/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tvonenews.com
date: Sun, 10 Sep 2023 16:43:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 271ms
92ms Script
text/javascript 18.165.201.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.201.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-201-38.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:15:11 GMT
content-encoding: gzip
via: 1.1 19d5615c4d307c11803beb015d8f6562.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-P3
age: 1723
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: CIzTHPW79norOAomGdY4pGhxp3pb-Vng9vmr23BDGzVS915UrHbGcw==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 216ms
79ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15201
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uni5lXeKEcu2yFRVOKTKVqkWGUPQu6wUwbjnDGvOKtI%2BT87ZflZDYiQfQq8tFSrx9RvvOBw688T4szRFJ9MmSdiB9vu3CP3KD82mdO1fxChLHmNFHdj6ZSTkyjJvWSDrNY%2F2%2BFMB30RIXgQD1Gg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 804921ea0e805688-OSL

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 437ms
85ms Script
text/javascript 2600:9000:2250:a000:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a000:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Sun, 10 Sep 2023 03:41:04 GMT
Via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 46970
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: _-VG_xB8dGOA5l_VD6BXE2wK92CuhuqubbHXZ1rXnKvvOYAmx-HyTQ==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
31 KB 235ms
88ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: PWFVXNHQ8G1GNHQ3
age: 1671
etag: W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 804921ea1a340b02-OSL
x-amz-id-2: +ACj8He+LhwdBpxbuT9pa6XeWKFRWtyUslgT7sAGLIDrmu/x+J8T1u2zQ8cjrukuzXMwXSuVRZI=

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 255ms
60ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:22:49 GMT
content-encoding: gzip
age: 1149664
x-guploader-uploadid: ADPycdtXfNdKUNo5GXKLvTkpUR8gtkXT-pzKVrrr1OdXaSKcRKowbDYJR_yxBhL7HQsDv5YEV0tlCET1_dmumdnTWTtLNg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 27 Aug 2024 09:22:49 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 40 KB
9 KB 200ms
63ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:49 GMT
server: cloudflare
age: 259759
etag: W/"64cd45b9-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 804921e9fa85376e-HEL
expires: Wed, 13 Sep 2023 16:43:53 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 262ms
98ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Sep 2023 16:43:53 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
326 B 336ms
86ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tvonenews.com
date: Sun, 10 Sep 2023 16:43:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&rid=esp&cc=1

85 B
202 B

180ms
179ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&rid=esp&cc=1
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 2f6ae40fd6f3f52419068924f298b04383fcda7765a3b3dc7833cc7ea97a51c7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:53 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-naYIIC/fzEDjlyc2cHwGOjl75eY"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tvonenews.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 10 Sep 2023 16:43:53 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.tvonenews.com
location: /esp?url=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
337 B 364ms
96ms XHR
application/json 54.217.255.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.255.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-255-105.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6b9ce67b2eeac84230f988eb68eae90fd9f8071338a7a126f8b98397500352af

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:53 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.tvonenews.com
cache-control: no-cache
x-server: 10.45.22.187
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9B46 15 KB
6 KB 265ms
92ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.tvonenews.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tvonenews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:43:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 362859
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 373 KB
49 KB 728ms
727ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3062136417851325&correlator=3084660818859590&eid=31075591%2C31076771&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fifs&iu_parts=11225321%2CTVONENEWS.COM%2CLiveHidup%2CHome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F3&prev_iu_szs=728x90%2C975x200%2C300x250%2C300x250%2C300x250%2C160x600%2C160x600%2C728x90%2C320x100%7C320x50%2C320x480%2C320x100%2C640x360%2C320x180&ifi=1&didk=448557249~3421888634~3701212228~3701212229~3701212230~2034924552~1059785318~3353032748~4011368107~4195794552~3294772958~3825821426~2130379765&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694364233569&lmt=1694353431&adxs=557%2C-9%2C985%2C985%2C985%2C140%2C1300%2C436%2C-12245933%2C-9%2C-12245933%2C-9%2C-9&adys=77%2C-9%2C170%2C1210%2C1533%2C66%2C66%2C1115%2C-12245933%2C-9%2C-12245933%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C0%7C1%7C2%7C0%7C0%7C0%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&vis=1&psz=728x21%7C0x-1%7C300x0%7C300x0%7C300x0%7C160x-1%7C160x-1%7C728x-1%7C0x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=728x0%7C0x-1%7C300x0%7C300x0%7C300x0%7C160x-1%7C160x-1%7C728x-1%7C0x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=0%2C2%2C512%2C512%2C512%2C512%2C512%2C512%2C128%2C2%2C640%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1507014758.1694364232&ga_sid=1694364233&ga_hid=635275443&ga_fc=true&dlt=1694364231762&idt=1304&prev_scp=pos%3Dleaderboard%7Cpos%3Dbillboard%7Cpos%3Drectangle_1%7Cpos%3Drectangle_2%7Cpos%3Drectangle_3%7Cpos%3Dskin-left%7Cpos%3Dskin-right%7Cpos%3Dbottomframe%7Cpos%3Dtop%7Cpos%3Dgiant-banner%7Cpos%3Dbottom%7C%7C&adks=113487036%2C3491936101%2C1139648248%2C1139648255%2C1139648254%2C4112494481%2C1780359647%2C1608458976%2C1235074377%2C2248871960%2C817397233%2C4067006444%2C294096746&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f564e2964e6dd6040926cf82740f36887c9e2993261a6799a89bb85a3d4c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50055
x-xss-protection: 0
google-lineitem-id: -1,-2,-1,6370572410,-2,6370572410,-1,-1,6370572410,-2,6370572410,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1,138444223472,-2,138445444367,-1,-1,138444224924,-2,138444220155,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tvonenews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
75fdcefb707fd62ca22644514e2c4741.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8FD4 6 KB
3 KB 307ms
95ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://75fdcefb707fd62ca22644514e2c4741.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvonenews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:43:53 GMT
expires: Mon, 09 Sep 2024 16:43:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8E29 15 KB
6 KB 84ms
84ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/9000/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www.tvonenews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=95781
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Sun, 10 Sep 2023 16:43:53 GMT
expires: Mon, 11 Sep 2023 19:20:14 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8E29 4 KB
4 KB 401ms
90ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43924140&p=157005&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 631b9627743bd4d17ce04a6c113185213123a5f4902d169157a1c1ff463030cb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 10 Sep 2023 16:43:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9B46
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=tvonenews.com&sn=ChromeSyncframe&so=0&topUrl=www.tvonenews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=sj_Oz3xEeXd6QVUrckhCcm40OTZQaThTdHE3eDFtcW4yTy9sZWpNOWlnZDJibkczQ0ZGRHRyS3F2ejJBOWJxakY3UDNqdHF3cHlxcUIrcHhyeW1wQUZIYmlWM3h1TVNJMG1QZnJVclQxVisySEdKY1Y3d0paNjdVbGx5dV...

428 B
649 B

326ms
95ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sj_Oz3xEeXd6QVUrckhCcm40OTZQaThTdHE3eDFtcW4yTy9sZWpNOWlnZDJibkczQ0ZGRHRyS3F2ejJBOWJxakY3UDNqdHF3cHlxcUIrcHhyeW1wQUZIYmlWM3h1TVNJMG1QZnJVclQxVisySEdKY1Y3d0paNjdVbGx5dVVMTEs0ZG5ZMkIzK2p1N2Z5RjdlNGlhK0w5YmRXelZkbWtUNzRldWpDZmU0bXFEVFJRTHpPVGRvdkl3MW1jcXdJTHBKRWlNQllEcUxxcFVFUkVXcWlXTnNkclN1Z2dkSkVkdnhiZ2t2ZWF2ckZCb2dvNUdBTDhpZ3ZyUmhoYmxHaGlDeFVBN1pJNi9WNFdWUG9iMUF3clBmbUxRMDZ3Zz09fA&cppv=2

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f8b11f49d7cc9e9b3b017ce20a2ab7b41e9de8227aa81d62c3934870733612a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1504763
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=sj_Oz3xEeXd6QVUrckhCcm40OTZQaThTdHE3eDFtcW4yTy9sZWpNOWlnZDJibkczQ0ZGRHRyS3F2ejJBOWJxakY3UDNqdHF3cHlxcUIrcHhyeW1wQUZIYmlWM3h1TVNJMG1QZnJVclQxVisySEdKY1Y3d0paNjdVbGx5dVVMTEs0ZG5ZMkIzK2p1N2Z5RjdlNGlhK0w5YmRXelZkbWtUNzRldWpDZmU0bXFEVFJRTHpPVGRvdkl3MW1jcXdJTHBKRWlNQllEcUxxcFVFUkVXcWlXTnNkclN1Z2dkSkVkdnhiZ2t2ZWF2ckZCb2dvNUdBTDhpZ3ZyUmhoYmxHaGlDeFVBN1pJNi9WNFdWUG9iMUF3clBmbUxRMDZ3Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 315511
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame C7BC 0
176 B 260ms
84ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvonenews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 10 Sep 2023 16:43:54 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0EE2
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

266ms
87ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:43:54 GMT
expires: Sun, 10 Sep 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1051202
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame C87F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D384DE40-1725-4B49-89C6-3C3B3834E1B4&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D384DE40-1725-4B49-89C6-3C3B3834E1B4&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

257ms
257ms

Document
image/gif

52.95.126.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D384DE40-1725-4B49-89C6-3C3B3834E1B4&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 10 Sep 2023 16:43:54 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: V0TM65PZTVGTCB6B3QEV

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 10 Sep 2023 16:43:54 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D384DE40-1725-4B49-89C6-3C3B3834E1B4&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 7DYCV6FEAKE7N0ZDJBAS

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 12C1
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6Pvhjbj9s4jz-reI6veqiuf5sN3zq7WN6qvTNjka

42 B
567 B

312ms
89ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6Pvhjbj9s4jz-reI6veqiuf5sN3zq7WN6qvTNjka
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sun, 10 Sep 2023 16:43:54 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6Pvhjbj9s4jz-reI6veqiuf5sN3zq7WN6qvTNjka
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4A87
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8665219610485345693&gdpr=0&gdpr_consent=

42 B
298 B

185ms
85ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8665219610485345693&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 11414b6a-8931-4d2c-894e-fa24a8ec9f98
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 10 Sep 2023 16:43:54 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8665219610485345693&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 193.138.7.230; 193.138.7.230; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 57FD
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=q4pJ_v1yVEREb1RgJ7ekJsGKB-Y&gdpr=0&gdpr_consent=

42 B
299 B

83ms
82ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=q4pJ_v1yVEREb1RgJ7ekJsGKB-Y&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Sun, 10 Sep 2023 16:43:54 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=q4pJ_v1yVEREb1RgJ7ekJsGKB-Y&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0029
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277238972554279066&gdpr=0&gdpr_consent=

42 B
448 B

273ms
82ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277238972554279066&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Sun, 10 Sep 2023 16:43:54 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277238972554279066&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame DE96 43 B
283 B 348ms
86ms Document
image/gif 72.251.245.181
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Sun, 10 Sep 2023 16:43:54 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-8

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame D864
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

153ms
152ms

Document
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZP3ySgAMHSYCwQA4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Sun, 10 Sep 2023 16:43:54 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hel1410031-HEL
x-timer: S1694364235.547018,VS0,VE98

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Sun, 10 Sep 2023 16:43:54 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZP3ySgAMHSYCwQA4
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hel1410031-HEL
x-timer: S1694364234.394577,VS0,VE97

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A03F
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
93 B

246ms
83ms

Document
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 10 Sep 2023 16:43:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Sun, 10 Sep 2023 16:43:54 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame DD28
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEem9VN0otLVVBQUNTU2luN3BtQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?ev=AADzoU7J--UAACSSin7pmA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADzoU7J--UAACSSin7pmA&pid=558502&do=add&gdpr=0
https://rtb-csync.smartadserver.com/redir?partneruserid=AADzoU7J--UAACSSin7pmA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6888054011910581167&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADzoU7J--UAACSSin7pmA&gdpr=0&gdpr_consent=

42 B
278 B

88ms
87ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADzoU7J--UAACSSin7pmA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 10 Sep 2023 16:43:55 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADzoU7J--UAACSSin7pmA&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8E29
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=04TeQBclS0mJxjw7ODThtA%3D%3D&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=04TeQBclS0mJxjw7ODThtA%3D%3D&gdpr=0&gdpr_consent=&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

86ms
86ms

Image
text/html

23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=95780
accept-ranges: bytes
content-length: 5606
expires: Mon, 11 Sep 2023 19:20:14 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 8E29 49 B
265 B 357ms
98ms Image
image/gif 63.35.30.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D384DE40-1725-4B49-89C6-3C3B3834E1B4&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.30.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:54 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.13
content-length: 49
expires: 0

GET
H2

204

cr
cr.frontend.weborama.fr/ Frame 8E29
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4204656996

0
45 B

104ms
85ms

Image
text/plain

34.111.129.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4204656996
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Server: 34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.129.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:54 GMT
via: 1.1 google
last-modified: Sun, 10 Sep 2023 16:43:54 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:53 GMT
via: 1.1 google
last-modified: Sun, 10 Sep 2023 16:43:54 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4204656996
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200

p
a.audrte.com/ Frame 8E29
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=D384DE40-1725-4B49-89C6-3C3B3834E1B4
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZGRoamJuVEVjNWpRREtFTk0zV0doZXhUUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=298268992888683655&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

160ms
159ms

Image
image/png

34.238.5.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: HTTP/1.1
Server: 34.238.5.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-5-208.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sun, 10 Sep 2023 16:43:55 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 10 Sep 2023 16:43:55 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8E29
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDM4NERFNDAtMTcyNS00QjQ5LTg5QzYtM0MzQjM4MzRFMUI0&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDM4NERFNDAtMTcyNS00QjQ5LTg5QzYtM0MzQjM4MzRFMUI0&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

87ms
87ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:53 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8E29
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOM6fCNYOfQ4NSx3QscqJxk&google_cver=1

42 B
348 B

87ms
87ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOM6fCNYOfQ4NSx3QscqJxk&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOM6fCNYOfQ4NSx3QscqJxk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 8E29 43 B
610 B 331ms
75ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 09 Sep 2023 16:43:54 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8E29
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=298268992888683655

42 B
242 B

161ms
84ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=298268992888683655
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:53 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=298268992888683655
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8E29 70 B
265 B 368ms
110ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 10 Sep 2023 16:43:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 D384DE40-1725-4B49-89C6-3C3B3834E1B4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8E29 43 B
426 B 435ms
101ms Image
image/gif 2a05:d018:d29:3601:7665:e1fe:4dc7:2c74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/D384DE40-1725-4B49-89C6-3C3B3834E1B4?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:7665:e1fe:4dc7:2c74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame 8E29 0
125 B 346ms
93ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D384DE40-1725-4B49-89C6-3C3B3834E1B4&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
x.bidswitch.net/ Frame 8E29
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=fb4a22dc-f660-4835-b1d4-b4efa8040a77&gdpr=0&gdpr_consent=
https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjL5PenBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEDs-pSBP-RHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJGZiNGEyMmRjLWY2NjAtNDgzNS1iMWQ0LWI0ZWZhODA0MGE3Nw**
https://x.bidswitch.net/sync?dsp_id=476&user_id=3b3ea520-4ff9-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=fb4a22dc-f660-4835-b1d4-b4efa8040a77

43 B
145 B

88ms
87ms

Image
image/gif

18.196.96.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=476&user_id=3b3ea520-4ff9-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=fb4a22dc-f660-4835-b1d4-b4efa8040a77
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Server: 18.196.96.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-96-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

Date: Sun, 10 Sep 2023 16:43:55 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://x.bidswitch.net/sync?dsp_id=476&user_id=3b3ea520-4ff9-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=fb4a22dc-f660-4835-b1d4-b4efa8040a77
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 8E29 0
104 B 376ms
161ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D384DE40-1725-4B49-89C6-3C3B3834E1B4&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8E29
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7671775173584101106&gdpr=0&gdpr_consent=&us_privacy=

1 B
175 B

83ms
83ms

Image
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7671775173584101106&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 10 Sep 2023 16:43:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7671775173584101106&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 10 Sep 2023 16:43:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 531A 222 KB
62 KB 285ms
85ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 531A 15 KB
5 KB 638ms
439ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 531A 94 KB
28 KB 614ms
415ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 531A 5 KB
2 KB 634ms
435ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 531A 40 KB
13 KB 635ms
436ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 531A 14 KB
1 KB 279ms
96ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Sep 2023 16:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Sep 2023 14:44:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Sep 2023 16:43:54 GMT

GET
H2 200 id_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 531A 3 KB
3 KB 438ms
243ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id_bl.png

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ae13b71858a87ad4bc380bdef4e898ac788c7718f7d2d0179d98654336e4e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 15:41:19 GMT
x-content-type-options: nosniff
server: cafe
age: 3755
etag: 15001402165733243786
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3015
x-xss-protection: 0
expires: Mon, 11 Sep 2023 15:41:19 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 531A 344 B
402 B 369ms
174ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 13:47:11 GMT
x-content-type-options: nosniff
server: cafe
age: 10603
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 11 Sep 2023 13:47:11 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 6C8C 222 KB
61 KB 352ms
193ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 6C8C 15 KB
5 KB 440ms
439ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 6C8C 94 KB
28 KB 441ms
440ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 6C8C 5 KB
2 KB 451ms
450ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 6C8C 40 KB
13 KB 452ms
451ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6C8C 4 KB
1 KB 238ms
96ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Sep 2023 16:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Sep 2023 16:10:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Sep 2023 16:43:54 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6C8C 344 B
714 B 247ms
89ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 13:47:11 GMT
x-content-type-options: nosniff
server: cafe
age: 10603
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 11 Sep 2023 13:47:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E9F5 0
0 126ms
126ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2K3K-VOF7WfY5uUfooId6AjuHeIclGDQgyFINxow8m4C7JbDPePGptDKS7Cs8-JGqraw8z8RfEtQ3vkJfZy5y5o4SDZresGR59byIwNwYZg7zaWF6-fMZJ3lG1bJHjEK8-EUwVm74czsqi8N1z7dlmYJ1Rt_K3fdoFKpieeXcM7HS0OF9fF8RafIdBhbOIerbHC8idNEOd2vJPjSemFukGJu0CM5YSgy5LcAg8jEs1YP3LSy8Ooay7rr7Hu76PjWv58IiY2uz3jzU4CI03IGzqYuqy4xeD4xLndH_5LJoWtxRxClEj9cXCB7tH0TyBFLQIl-jkZdcwMEVdLo_o4RaxP0rNg90pg&sai=AMfl-YQoC_k09AnFa6TQJZD4tYRCp8KdqdkH7X2p_bmFzZaiaEkR1XjVTdLf6Tw6b8aLE5byfUBTmo8tDYB4kJyiBTgoaSMX0IzMQxuQIEDvGuZql6oaGrJbVx5C7Go8fIrfG-r61bDgRms69uKUIKI1&sig=Cg0ArKJSzKM9ugHK91miEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 16:43:54 GMT

GET
H2 200 viva.co.id.1502504.js Show response
jsc.mgid.com/v/i/ Frame E9F5 3 KB
2 KB 222ms
75ms Script
text/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/v/i/viva.co.id.1502504.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d52fe1e91f101463bd33b85c8ad466633a02acbd84ad18544c4d565452d63ff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
x-amz-version-id: MRyMGTYoJRPG4boqnXtuTDo3b1eAd32B
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: AG3J2VH4GSJZVQZN
age: 2718
cf-polished: origSize=2682
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tEXw0PshGuhSZ14R/0eW06hKEQRZItmu8INfCqjVeJzVnjknRuaWUnjl3UO2f6OHlOHLQimJREc=
cf-bgj: minify
last-modified: Wed, 30 Aug 2023 09:39:04 GMT
server: cloudflare
etag: W/"30c084eac8a19d9f295460c4201c1275"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 804921f2786db50b-OSL
expires: Sun, 10 Sep 2023 19:43:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9F5 181 KB
57 KB 291ms
102ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:43:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 735C 0
0 127ms
126ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzyec69gw1K3O7t2Zwl1neUYYN2w-aVXcvJnpdsrnJVDKi1yguLEP6aUN9Iz4vLKeazzChkYzh29S_hAhMIjf4V20JId0aYxWpKM9OkvwayRnoKSeJ0K7KudTSveCNyrp1nQGLuQnMwywR3q2eMHT2QZNUIWMWlv1h8x32eHXQSR_TWh1F8v1YswJB825YOvGxEC-6JoEQowMmajKABvG2V5yJyMwiIH2X62XvVnCYVmzLeirSnVyBeiKS9hth5T7KzPd4dNnlCDKcnE4qPvBZL-RSJM6S43uQenduSGXO9e2QjY7fYnhRHjgaoxgTGAaR1W8HcsJmKva_Fv_MKq4jl-XIeg&sai=AMfl-YS8SRpf2fFF7Pr5OZOq1eQwh-wTpO_JaPR4y_3-qRXYtDi2FN4EbEzuThFbSi8qtO8O4Pc0I1IEk_JCE3b0Ps5IiYVE8rOxM971Sq791SKRJrnURVINsfhDeCuaq1Jao_u6ronlXeBe-CT-XN3-&sig=Cg0ArKJSzFkiySurd4F5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 16:43:54 GMT

GET
H2 200 viva.co.id.1518407.js Show response
jsc.mgid.com/v/i/ Frame 735C 3 KB
1 KB 245ms
113ms Script
text/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6077c60418bb7ad5d44d83ab10ae0c0add571202e2c67ca7974ed2f12b951f1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
x-amz-version-id: QKh56NDRJ.KHJ06T6XEj7lX2QOEyxrTk
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: E479E99PNZ40V0X1
cf-polished: origSize=2682
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eiJCPxrIPCvCTPXsnWGWe8+3NjsQTyBgaJ6gGyRSQGvgv3joYyxIpplDlhzKEedFsRA46qowRXY=
cf-bgj: minify
last-modified: Thu, 07 Sep 2023 08:49:04 GMT
server: cloudflare
etag: W/"8ebd9664c52c7241dc2a8b1e486a1463"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 804921f2786fb50b-OSL
expires: Sun, 10 Sep 2023 19:43:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 735C 181 KB
57 KB 418ms
243ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:43:54 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 7151 222 KB
61 KB 379ms
264ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 7151 15 KB
5 KB 456ms
455ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 7151 94 KB
28 KB 459ms
458ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 7151 5 KB
2 KB 469ms
467ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 7151 40 KB
13 KB 470ms
469ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7151 14 KB
1 KB 200ms
103ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Sep 2023 16:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Sep 2023 16:09:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Sep 2023 16:43:54 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7151 344 B
402 B 288ms
175ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 13:47:11 GMT
x-content-type-options: nosniff
server: cafe
age: 10603
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 11 Sep 2023 13:47:11 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 966D 222 KB
61 KB 404ms
302ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 966D 15 KB
5 KB 473ms
472ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 966D 94 KB
28 KB 474ms
473ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 966D 5 KB
2 KB 484ms
483ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 966D 40 KB
13 KB 484ms
483ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 210003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 966D 14 KB
1 KB 184ms
100ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Sep 2023 16:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Sep 2023 16:14:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Sep 2023 16:43:54 GMT

GET
H2 200 id_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 966D 3 KB
3 KB 318ms
267ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id_bl.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ae13b71858a87ad4bc380bdef4e898ac788c7718f7d2d0179d98654336e4e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 15:41:19 GMT
x-content-type-options: nosniff
server: cafe
age: 3755
etag: 15001402165733243786
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3015
x-xss-protection: 0
expires: Mon, 11 Sep 2023 15:41:19 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 966D 344 B
402 B 317ms
266ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 13:47:11 GMT
x-content-type-options: nosniff
server: cafe
age: 10603
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 11 Sep 2023 13:47:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7611 0
0 127ms
127ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDwE8E7eXH9oS9ooLWCAkO5ZLJ-sAPo41bq8NQrcOMKHV0zDkj8tdrN0Qi117nxG9Rz6Caqw5sYyJBAj9d8Zh8sXQSb68xg7onkjL5logDS01guUpgoYMIsd6rv6N14qWO1PsXiIhiMPCOkAdMrZ4DkQ6xh0NW393xSpMLamx4FNh3qZR3mMTVrqKnvgkJADuyU8g2pLIUHFO0AYjoMDSB0as8FzZtwArcX9aJZCFJGZ5qBMHiAfjEPcyq_VC4I48FfN2VaME6MGpbJllXOOgtc7XRbCA6Gbv1SBNj4ybDyRQNtkwVS7NRD7O8grG8EhxH507TiPRME5wWb3EuTFsIO-zpqA&sai=AMfl-YQdJQ0eH7ozzf4zk_ZaRLvezpg-GMgO3m9wDFqshE1kFF-AvW6VI3qIpLIeTmoZItopmHTEnP5KKeTXtLX8wz3IZ9IvdtdgdnkvUo6TyIftnS6F-DdsaFX8yPkah-afPZJGNWXXBZaurvn9JGH_&sig=Cg0ArKJSzDWlnTbMDWNSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 16:43:54 GMT

GET
H2 200 viva.co.id.1502516.js Show response
jsc.mgid.com/v/i/ Frame 7611 3 KB
1 KB 173ms
107ms Script
text/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/v/i/viva.co.id.1502516.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d4d49e704b4eca0b9d538be405efa78287fcba705adbdcd1e05f9b3a31d1a0b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
x-amz-version-id: giRyEbwNx4hDXQC.iig_mEqkz.APMPtV
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: HBS4HB6Q3XBQ66MB
cf-polished: origSize=2682
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: zU2xFVaMnNVX9XLa5GPzkDulburFR6Jk8OTRYU8d+xFGt6FJaFuFAXJH5wsmKXP23oqFbA7FGvEReky2shTovrbnuKd6FDEoMl2VDMSgdZE=
cf-bgj: minify
last-modified: Wed, 30 Aug 2023 09:38:49 GMT
server: cloudflare
etag: W/"a43d2752885f41d972e794e4a7ef7138"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 804921f27871b50b-OSL
expires: Sun, 10 Sep 2023 19:43:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7611 181 KB
57 KB 492ms
357ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:43:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D980 0
0 126ms
126ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsua3rgTT9Fplnx6sIlBPG2OWX5HZBVAaJ0_k-ErEJmRjOWTzZ4pUtavJL06VsI4KRvWDeO4CV79uzFVyyicDo4m1GEy4_98uys7XVGAuYdgc62y_dq5xEtawNa7J1VJqX11uMva7Gd9Lxsg_SXlk9EQozV2ipteLW9H7rnxLv6D9qn9ES02suqMykLeiyerVWa0ph-ciGBM6F_pYsA2QJV5fH35_iPE0PhcZ3MNKvstHW-MeGewYUbnKUVLD72aMADG_lz7saaYYUy3oqx5IUG7fex57_2S8GKSCEVh9KPnaCNr7VcBYQgphSjELfGZckiTzWMumrxSb_WAKgbBd5NAI1XjHQ&sai=AMfl-YQ1LiXp0ljiddjBqp0ItKUFjBXVS0cXwXd-r-0ltDUXptI58GA5VED3q6o8oUlQ4Ff6Ala7kBm15Frmj3HtXosQT1o66XvvTNYeiJnVNC3YOhCPqf9FoTNELNvByTeD--hEtfUQI08U4tKea_X2&sig=Cg0ArKJSzCA6hwU7V5okEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 16:43:54 GMT

GET
H2 200 viva.co.id.1502517.js Show response
jsc.mgid.com/v/i/ Frame D980 3 KB
1 KB 142ms
76ms Script
text/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/v/i/viva.co.id.1502517.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fcb6e71f614583adf37832324893e33b955b5a16134730d04c14a49130a9621

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
x-amz-version-id: l3O3f_x2h8x4CLU7UJ6CWL2UXlUBkZXC
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: PQKE74FX3E27W8SD
age: 4134
cf-polished: origSize=2682
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: EaNwoOdmf9v8ItJ6m/DtOYFQw/2m7/4OASPl/J0/Qw7vjOp6RGMfSDQdfT4hbVj570JcK/nwPNewRhuWNnORYcHKrJlXZM/pUwwF1poQsEA=
cf-bgj: minify
last-modified: Wed, 30 Aug 2023 09:38:48 GMT
server: cloudflare
etag: W/"ba85d5c409fb97fd148756167302ce19"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 804921f27872b50b-OSL
expires: Sun, 10 Sep 2023 19:43:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D980 181 KB
57 KB 440ms
314ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:43:54 GMT

GET
H2 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6C8C 3 KB
3 KB 151ms
90ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:12:08 GMT
x-content-type-options: nosniff
server: cafe
age: 37906
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Mon, 11 Sep 2023 06:12:08 GMT

GET
H2 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7151 3 KB
3 KB 229ms
176ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:12:08 GMT
x-content-type-options: nosniff
server: cafe
age: 37906
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Mon, 11 Sep 2023 06:12:08 GMT

GET
DATA 200
OK truncated
/ Frame 531A 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 531A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 406c0373a9c589659d1380a89f00e975262acf8c1d412ede9d971bc57eca2e8b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1868866822745859979/ Frame 6C8C 45 KB
45 KB 244ms
179ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1868866822745859979/14763004658117789537?w=400&h=209&tw=1

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4eadc0d16dd1095a58bfdc5ef0f296da63dea0dfb0e62ef822339ba082d4be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 09:22:21 GMT
x-content-type-options: nosniff
age: 199293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46410
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 10:47:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Sep 2024 09:22:21 GMT

GET
DATA 200
OK truncated
/ Frame 6C8C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6C8C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a32c00feaecc217d2fc108d5d13d616f10d17ceb81b06efa7a2c16dd84451ad6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13319547442022061798/ Frame 7151 15 KB
16 KB 149ms
95ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13319547442022061798/14763004658117789537?w=195&h=102&tw=1

Requested by

Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d214e2275413d796e8c4f3d4fa72cd0ae92f190284c4f8b943d8a2c4b7492d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:31:51 GMT
x-content-type-options: nosniff
age: 166323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15672
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 10:39:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Sep 2024 18:31:51 GMT

GET
DATA 200
OK truncated
/ Frame 7151 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7151 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7151 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88aa8698a8785d662c70258f7a4dbbc1639a7b6f511da83c022e8f11ce1b6249

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 966D 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 966D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f96a2ea3f0d57334fedabf2fd88c5725765513569cb298dba38fbb9784786fe

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 viva.co.id.1502504.es6.js Show response
jsc.mgid.com/v/i/ Frame E9F5 315 KB
96 KB 87ms
86ms Script
text/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/v/i/viva.co.id.1502504.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502504.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8578d5685b7f7d59663f65545acc754334b86cf272568f786d30029765c08805

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
x-amz-version-id: Jn6Mh9FFjDKIjY91iv4Mtr2eNJSeMcWD
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BFTVJ2TEXSWGSA53
age: 2718
cf-polished: origSize=322881
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gzhncJOHgCpgNpwE+qQAP5csNztoIHUNirFA1Y0qSxs8YLhLCj9dNsCKbGw0A9zatkIbpanDcCMi9MUVr3A5h5wzSmg5lqaA
cf-bgj: minify
last-modified: Wed, 30 Aug 2023 09:39:04 GMT
server: cloudflare
etag: W/"179f7009c81a996c67888e8e95c35988"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 804921f2f905b50b-OSL
expires: Sun, 10 Sep 2023 19:43:54 GMT

GET
H2 200 viva.co.id.1502517.es6.js Show response
jsc.mgid.com/v/i/ Frame D980 308 KB
95 KB 151ms
149ms Script
text/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/v/i/viva.co.id.1502517.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502517.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 902db84c9eca1d0f1feba25ce174d9ab0f01635723b878ba538bc1c2e2583a24

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
x-amz-version-id: m2aqCpu7R8XTMsHpculPQZpALuiBXfK5
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: GP350WDTYSFTDG9S
age: 4134
cf-polished: origSize=315630
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SH5C++CorL+DVEHgXsWwc5+0HtUuT11H0xUNPMhyD6qyPZi3fu919MsDv3kLmreqsJ4hHHylS4mWNseyt+PA6A==
cf-bgj: minify
last-modified: Wed, 30 Aug 2023 09:38:48 GMT
server: cloudflare
etag: W/"2cea6f7fb459fe4b4f2a67429ae2be0d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 804921f2f907b50b-OSL
expires: Sun, 10 Sep 2023 19:43:54 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 531A 33 KB
33 KB 366ms
182ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 128393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 05:04:01 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjEUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 531A 8 KB
9 KB 431ms
248ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjEUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46db770dbf6ef751fb2774a62943c97bc007b3508771f3a07f2221bfa5d89bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:45:11 GMT
x-content-type-options: nosniff
age: 449923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8608
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Sep 2024 11:45:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6C8C 16 KB
16 KB 268ms
86ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 137325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 02:35:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6C8C 7 KB
7 KB 496ms
314ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713780d8b30bda5583052ea847cdcb4f2956c2ac5ff38a7e538ba8f14ad1043e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:57:25 GMT
x-content-type-options: nosniff
age: 254789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7016
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Sep 2024 17:57:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6C8C 15 KB
15 KB 288ms
107ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 218222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 04:06:52 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7151 33 KB
33 KB 503ms
324ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 128393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 05:04:01 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjEUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7151 8 KB
8 KB 485ms
306ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjEUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46db770dbf6ef751fb2774a62943c97bc007b3508771f3a07f2221bfa5d89bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:45:11 GMT
x-content-type-options: nosniff
age: 449923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8608
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Sep 2024 11:45:11 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 966D 33 KB
33 KB 435ms
259ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 128393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 05:04:01 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjEUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 966D 8 KB
8 KB 472ms
296ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjEUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46db770dbf6ef751fb2774a62943c97bc007b3508771f3a07f2221bfa5d89bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:45:11 GMT
x-content-type-options: nosniff
age: 449923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8608
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Sep 2024 11:45:11 GMT

GET
H2 200 viva.co.id.1502516.es6.js Show response
jsc.mgid.com/v/i/ Frame 7611 314 KB
96 KB 246ms
245ms Script
text/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/v/i/viva.co.id.1502516.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502516.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebca8c9c04858bf97fd85df0605c2e78629439fce623b49aefdb4b943e8e8441

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
x-amz-version-id: QHKbcGmA66ICZrfJtPmbDBM6djaoA2oR
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 1NGP3HNPSA533P1A
cf-polished: origSize=321332
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5i+qxg2MPDPC4Rhq3klgL6m15cL0d8Sjen89wzkxyGwITNk4q91aafmETlrcqWCHBgDSaCloNBQ=
cf-bgj: minify
last-modified: Wed, 30 Aug 2023 09:38:49 GMT
server: cloudflare
etag: W/"0e34e8d78f56588ce11b5a3c9e3dd606"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 804921f32920b50b-OSL
expires: Sun, 10 Sep 2023 19:43:54 GMT

GET
H2 200 viva.co.id.1518407.es6.js Show response
jsc.mgid.com/v/i/ Frame 735C 310 KB
95 KB 117ms
117ms Script
text/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 636eac7480c3d2a450f44d3528bb66b1b700bfd04e95f6da468db49f4d4e1e1f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:54 GMT
x-amz-version-id: .6bwZ5DJIIP6R6g5elRncyF1Pgr.IN7B
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8NH4F0XGM8MZP81G
cf-polished: origSize=317180
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: QJ0/po1zNvKbhNYlBLnloDa14U4sps0L6uxZm92V0MsnRkyOhE8laVP1mA0tkeAMRd7rEbnGZVMfPons/fpl7sKiTgKc0jTey3/JTkwxzMc=
cf-bgj: minify
last-modified: Thu, 07 Sep 2023 08:49:04 GMT
server: cloudflare
etag: W/"3c2df2095cc823c125d9fb752e775482"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 804921f3292ab50b-OSL
expires: Sun, 10 Sep 2023 19:43:54 GMT

GET
DATA 200
OK truncated
/ Frame E9F5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c32b247e000dda2bb418e98bdd6b7cdd70fdc8fef0696150e4dc9f1f4b8ebd1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 52f53c9f-6498-44a0-abe2-3e001f3eb81e
https://www.tvonenews.com/ Frame E9F5 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvonenews.com/52f53c9f-6498-44a0-abe2-3e001f3eb81e
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK d639b5d7-a399-4096-b752-0533ea2c1d27
https://www.tvonenews.com/ Frame E9F5 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvonenews.com/d639b5d7-a399-4096-b752-0533ea2c1d27
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E9F5 0
0 302ms
128ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtCAtNsOJji8vBs2ETwqq31IUxoLgyha7nws4d3JcijEABA5eTZ1i-PCEOC-FXUDVRWQqEEriSDMgV2uTxSaWgmc2mbp55WDWPs41CcfTk3If-WeemkwIe8MSMLpmplwdmOt0avIfCR_5m91ylt1tpg9ekFAGMzCp1sJ3iIiVtDXRsEolYkUKhShxwU2gq057kaAUOh2nTs1MKTbDqlOPE1uZIDFMCTrNGt-ELaGHZcpnEg6fmB_Ong1dXq0OUgCtu0yXzTatHg42bKErVnsxPNADuxZjAcM5ASUWeCBKT6mg2DY8ZjT6j1nVAyezK3xl6QF4ZpBocMtC2KrKohH1IOg_qlE5X84zt&sai=AMfl-YSIesv7Na7P_F593dMaTfjQPZQLMNNMqol-CCSQO7YZsq-uDZ_AudhH6Fg9hj_1_K8u_0E27Mx9a42AqykC7N9j5Ilm31mjky2NL56ygJYYFUBYqKfs_W79MVtwEMRpXT18H4GR_gFV8gPP2muV&sig=Cg0ArKJSzKZqvzJzTtwbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 16:43:55 GMT

GET
BLOB 200
OK 669924d2-4d30-4ccc-a444-489e9ed6da5f
https://www.tvonenews.com/ Frame 735C 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvonenews.com/669924d2-4d30-4ccc-a444-489e9ed6da5f
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 6ea433e3-1b41-4da0-bbb5-77d104af7d8d
https://www.tvonenews.com/ Frame 735C 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvonenews.com/6ea433e3-1b41-4da0-bbb5-77d104af7d8d
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 12cc50cf-19fe-4351-8d52-49f0b615b95b
https://www.tvonenews.com/ Frame D980 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvonenews.com/12cc50cf-19fe-4351-8d52-49f0b615b95b
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 780adddc-b293-4099-9c38-38597778a98b
https://www.tvonenews.com/ Frame D980 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvonenews.com/780adddc-b293-4099-9c38-38597778a98b
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ Frame 735C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 836f67ff6861b09ce118ff2c018caa1cb0a5ac73717cb0ad908304327addb25e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 735C 0
0 245ms
135ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqPejohLknWFDh56_ChUy0T-O7I8xEDLepFXqJDLS88PfJho3kzm4TtcC_ohvzWF2hu_98_Ww-tez4-ugQVkRCBz2rxiIiQqdPG7BNkZpvtqJLDV0pxI8fsP8oUWEbXvd4s2FROLJMb-fIazB7N8ZAxhsKwOTLYFCfluQ1C9ez9huGL3H8ndnQuhvKcqIBiVSnAEimm56ydJeJmXEH2l_JcU0D6_1QVTkQcEVyF7y0RhO7MDerknOgM20CXgQwbcth4ycbWA6Fv0mv5avBY5NauD6Qc9f5z9BZEXwuxSVMtEH-F_8kbvRrm6oGXO6eC0By3QVvMXy2M7SaTBuvSr-9VNP3KQpx&sai=AMfl-YSjjH4xgwsmSIoSBNbUD-QdzSIjZzVWmcRLrWQL85BpnkAJfyecnE8D4fCV_LVp9hRL0K2xSLbRxtbpmhIPfEsOnC6ieHmKKlWnjHfwMP9MTqRsAhhJLs5u7nrRvIJ_r6o29U1Djp8tQKCcfRvV&sig=Cg0ArKJSzAV_6n5bnQPbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 16:43:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D980 0
0 146ms
124ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLLpAvTjS5ZL1wkRozALKKDNz5-lD2cKY1xMix-a_pSJxCqeEEGb8dHcEXRgeQNp6UH4HAEMK7uW615_CcnkTP403kd3Y9-1jRvo-ITFDJntXVnsev3V-FmEbumM1OXPlQwJQhRHVk5YK1uTe_tvYPeIFLlHt10sIypg5wgLYGz_aiTJ-4WpJuGiMIL4R590ysj-uDKwLbshp-9eOLd3Cz9_1ELr7OzO7Wc5pZw7N1mN6ByoHh_iFUK_J98qXiU7jA756AWt80IPMVi_hsCUzf52i2Vk-0oRWptM129g5B-96m_nctdT41cWzP8XxRCnjjgvjtpt_nCstXEuAVbpr6Q5BeqyAn&sai=AMfl-YRpdaaFhdX1HY-NejzyYPjzMCA7Zyu8xZZMChmlFgMXG-ahtQLC6aF0dhGp3Fv5BbqzWjFtWEL-E5ZWL-2gv_1bs-R6ctYMvnVcN_TYlR0R4xXjOv28dYN13w40IzxH1Ve4o7LIawWYRGO15oRb&sig=Cg0ArKJSzA0PRCt6DsO-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 16:43:55 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 531A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

286ms
97ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H2
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Redirect headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 966D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

294ms
106ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H2
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Redirect headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
BLOB 200
OK 0b03d37b-2bbd-442b-b0b0-a97b2b42c49f
https://www.tvonenews.com/ Frame 7611 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvonenews.com/0b03d37b-2bbd-442b-b0b0-a97b2b42c49f
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 922caf7e-6804-43cd-a3c5-696fcc9616f9
https://www.tvonenews.com/ Frame 7611 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvonenews.com/922caf7e-6804-43cd-a3c5-696fcc9616f9
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7611 0
0 127ms
127ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbzSqx_kKlyg5M4dNYkpgdLaluRAxQjG1KZSuhVQwsfST9VlopjGsU5YWGs50TO8DPfkScTm8bocYwJjAAIegzwmLt0FV1nKfDHcopcos_M1aGqd2ZiDaW8k7L4VMPr6iwse24x57C0I1XdjYcsfvFy1ooS4yjRoNFOtvxjGXdnBercvefy-kltl31WIi4jfRCNjJGW4U1xEa6IQ9z9yX7FPN1N1fcJtl6WdBsL74d0UnEFZp_xqJVBc1hrW77UbNQeupep_IEZgM1ec4whFYDaSFewIG-lmP5HDPFLQ3JaCWQAfMZTI9HGNv9wGQ1WZvPLlwmaeQ3cMrV9YuIu13X3MsHaEpQ&sai=AMfl-YQa689b8eXzCnxV4Wq9UJgEmzwVeZqTctlnI-8TeOvrJ4Fb2HKmUoGjAqGrJbUsyXeR0ZMQ4HEKjx62NHGKI230HPtX6QlGxy3X7H9tPiN9RTJhRpO0q3qHMrNuigFJ-PRa6077UgyCyJoimmIg&sig=Cg0ArKJSzO4QrLwhjnjvEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 16:43:55 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 531A 0
0 132ms
131ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJrBySfL9ZMTYKrv7x_APwu2o6A2O6YbrcsCknv79EfzmzK6AMBABILmhuSlgrQKgAYyz6dYDyAEGqQIjJU6Pg_OxPuACAKgDAcgDCqoEuQJP0CpmpPEnnK1SVpsSLt0tZ67OKG0HQdlk5p0JqCT78eZFeT9N2vahaUiumRGJPiR42c0fHRhh5nqI6Vjq_3c0YZPQ1Fgu1EC6T-EaRO4a9HzCKVf0OZDE1hyK48q7ZhgINOvOK0VtDDSqzdqk2ABtSID-bEv5M9bAZZaD_tydfz46jVcoJDU4nacnhPykb-JDpqAr2pT3__dhebGbfRyOdzNsd7gv636LKKmS8nv6tEUKReDv4f5DmVYLuUiNUdEF7vBojWT2sopP83IZgAwkwMCBmyKtdY5uXb4htulB2sKAk0TdD8hI6g-gAT6NS3mbFOvc0nQwzthl1av7Tel7Q_Nh-ACG8xK97WC8AW_Sor3La4Iuwpd5ZWc9K8hAPB62kjBNu5QYxsLRLwJ8Q5z7XPYjy0A3-lpSwAT1jbDCpwTgBAGIBcrGyLEFgAfczJYpqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQinHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglFaHR0cHM6Ly93d3cucGV0NHUuZ3IvZ2F0ZXMva3NpcmktdHJvZmktZ2F0YXMvaGlsbHMtc2NpZW5jZS1wbGFuLWVsLTMvgAoDyAsB2BMDiBQB0BUBmBYBgBcBshceChwIABIUcHViLTU3ODkzNDkwNzg1NzUwOTMY8aQU&sigh=xuFve_Civsw&uach_m=[]&ase=2&cid=CAQSTABpAlJWoUY5G4Tx2WopaXITPCSpVoMp-manuxLOC5dXj_p8Ln51PZhzNIbjavZ0FyWk2yIMc2GvNFBnmJj1Wxg7GRMNcHzFj1XoXKUYAQ&template_id=492&cbvp=2
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 /
c.mgid.com/pv/ Frame D980 43 B
137 B 106ms
96ms Image
image/gif 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/pv/?lu=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&cbuster=1694364235431229844255&pvid=18a7ffa76a78a2b0342&implVersion=11&cxurl=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&site=524861&i=1&scum=%3F0&scuw=%3F0
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 804921f7acd1b50b-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6C8C 0
0 134ms
134ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf5YgSfL9ZMbYKrv7x_APwu2o6A2O6YbrcsCknv79EfzmzK6AMBABILmhuSlgrQKgAYyz6dYDyAEJqQIjJU6Pg_OxPuACAKgDAcgDCqoEwAJP0Pzqj0vvnaqWvDFjVAI4gbMfG2hhLOtXNCAbqZ1VpAVgbI70SzPIJX1w_6SM1dD7na4SpV-231p4UFV8VDKE3RvaRk6Kc6NHgY-lVkbq6sAcrgbIRd93J_dZOgZxJfwnyVE-qqX94bhNgvWIaADDFB9SPeCigxy7HNKmXDPU9hCRRBkBPaH3ZpnmBfS0P-APHC_POWIE-scsUqV4qaWX-1wgRl6557uE54qs-N6lzVuBuIKLmbz8cOizCRpM1KD4EsbY1wjfc_K7LjhjzchlnctUKpROW6e9X_Q7Y9kG2fZNCMGZm22VQwsqwWqJJEdofBiOY0qTDHwCUJ21ZB0SkH_zof2MtBlKhtr_U1EtZPI5BgUCuzZ2k8hQWWRZzFBvvzpNlrz_xviN2HkdmnAGxsljUTf_zBksNICKJ0k5P8AE9Y2wwqcE4AQBiAXKxsixBaAGLoAH3MyWKagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEO2OAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCUVodHRwczovL3d3dy5wZXQ0dS5nci9nYXRlcy9rc2lyaS10cm9maS1nYXRhcy9oaWxscy1zY2llbmNlLXBsYW4tZWwtMy-ACgPICwHYEwOIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTc4OTM0OTA3ODU3NTA5MxjxpBQ&sigh=zNY8XT1xHmI&uach_m=[]&ase=2&cid=CAQSTABpAlJWoUY5G4Tx2WopaXITPCSpVoMp-manuxLOC5dXj_p8Ln51PZhzNIbjavZ0FyWk2yIMc2GvNFBnmJj1Wxg7GRMNcHzFj1XoXKUYAQ&template_id=5000&cbvp=2
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7151 0
0 135ms
135ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CW0zUSfL9ZMrYKrv7x_APwu2o6A2O6Ybrconu7rnpEfzmzK6AMBABILmhuSlgrQKgAYyz6dYDyAEJqQIjJU6Pg_OxPuACAKgDAcgDCqoEvQJP0NZNExRGOQAPjZIfnEdK6lDqQkZitLJHLTjPhDLwRWiU_P40Y3OSZq3_t6vcqQBqBdLRniTpJoTf7RjHs5ROiWgHzZdE2iEmwqQPDLY76ePSLNSS56Gd-WdYhOgPr_kZOMjrv9qdCI7ki1vdlgizL8InY5WTUSFokX6RQq0zIMlOGwqUTkAWfjGNaN_GH3eBTmCt6vthsVMuQzfPCQaqBB-3ws2FZNEM6TIHchk7rfuTk3F4QLT20ASmV1iCQye1N9jNQ_sLyvBWNZ1MaonTOyRPjmmMNX8GiRPB7JxfSmHsa6O5JHH6qVAbOXOxs45kTuG22e2Jx--ayrqEJUVE0wtaweIOotP8E_np3-C2INIscfv5MPKLnJdUU4tYcg6LgywTj4JSEjmvWLIEql3kcVi-6v5QNgPfyhtUUMAE9Y2wwqcE4AQBiAXKxsixBaAGLoAH3MyWKagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEJA10ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJRWh0dHBzOi8vd3d3LnBldDR1LmdyL3NraWxvaS9rc2lyYS10cm9maS1za2lsb3UvaGlsbHMtc2NpZW5jZS1wbGFuLWVsL4AKA8gLAdgTA4gUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi01Nzg5MzQ5MDc4NTc1MDkzGPGkFA&sigh=ViXe-zDwMqY&uach_m=[]&ase=2&cid=CAQSTABpAlJWoUY5G4Tx2WopaXITPCSpVoMp-manuxLOC5dXj_p8Ln51PZhzNIbjavZ0FyWk2yIMc2GvNFBnmJj1Wxg7GRMNcHzFj1XoXKUYAQ&template_id=5000&cbvp=2
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 966D 0
0 132ms
132ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ_FrSfL9ZMvYKrv7x_APwu2o6A2O6Ybrconu7rnpEfzmzK6AMBABILmhuSlgrQKgAYyz6dYDyAEGqQIjJU6Pg_OxPuACAKgDAcgDCqoEvAJP0PdeOD3o1ctRpSVPDPadgmbp2_GdHrr3KIcgANVXtxmUrdb9VjtUiBkOPntexjpjy7Stj7l4XCWlzf4LSbWYEbf1Z7XIyFqFHufpBKCLmjPK6sRsuOffwWBEIUe9JgMlsxmgAnL8mV45OXAkKaIV4X6KZohTUr6l4Mw58n_3-WAw9r3X-MCu1sUad2lTPh2otr8bHpJwsl9cG6xUUKnmZnVlDNRfqama2An4UaU6r5sQP_RBSetOFQfUKSzJ_Lk7eco98PvYtSVmcOEClx_lRPQtXto0GWwk0Yhk_WQnQFHQhCTYeEl_mDvPNoERACgFjvaFdxQZoWcfW4PmjjmkXZaLDUt_kEcKpg8F1JcibIDxl96P7MX8darxz8UU-zbwGNrR9z6dvvjhBUUIvQ6q_ej1iCE2w670uhaDwAT1jbDCpwTgBAGIBcrGyLEFgAfczJYpqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQp0XSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglFaHR0cHM6Ly93d3cucGV0NHUuZ3Ivc2tpbG9pL2tzaXJhLXRyb2ZpLXNraWxvdS9oaWxscy1zY2llbmNlLXBsYW4tZWwvgAoDyAsB2BMDiBQB0BUBmBYBgBcBshceChwIABIUcHViLTU3ODkzNDkwNzg1NzUwOTMY8aQU&sigh=1amohQA-s40&uach_m=[]&ase=2&cid=CAQSTABpAlJWoUY5G4Tx2WopaXITPCSpVoMp-manuxLOC5dXj_p8Ln51PZhzNIbjavZ0FyWk2yIMc2GvNFBnmJj1Wxg7GRMNcHzFj1XoXKUYAQ&template_id=492&cbvp=2
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
BLOB 206
Partial Content b7341722-e931-45af-8b9d-034f9b4afd97
https://www.tvonenews.com/ Frame D980 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvonenews.com/b7341722-e931-45af-8b9d-034f9b4afd97
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 4c027c1c-56b9-4cb7-b044-99f57796b71f
https://www.tvonenews.com/ Frame E9F5 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvonenews.com/4c027c1c-56b9-4cb7-b044-99f57796b71f
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 536de647-9d18-402e-aab7-6147ff6130a7
https://www.tvonenews.com/ Frame 7611 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvonenews.com/536de647-9d18-402e-aab7-6147ff6130a7
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame D980 2 KB
992 B 90ms
80ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BMS2JTQQHWBDN39N
age: 3533
alt-svc: h3=":443"; ma=86400
x-amz-id-2: itZtl/vncvcRl3RoPVhXerIphKTDQdl/P4V3JLIGOpGgPpKAtk6qw8GTCLFwy+LbMB6dIQXcAKI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fa0ee2b50b-OSL
expires: Mon, 11 Sep 2023 16:43:55 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame D980 836 B
581 B 89ms
79ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: T51QQMMBAGNGBFRK
age: 5219
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3FdLqR2y529F/4/kuef/T473JVS9mY81bSHJ+sgya9RLwuyZIh6qIzPMpWWqjoymYMeyoTsOEIs=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fa0eddb50b-OSL
expires: Mon, 11 Sep 2023 16:43:55 GMT

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame E9F5 2 KB
1 KB 84ms
78ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502504.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BMS2JTQQHWBDN39N
age: 3533
alt-svc: h3=":443"; ma=86400
x-amz-id-2: itZtl/vncvcRl3RoPVhXerIphKTDQdl/P4V3JLIGOpGgPpKAtk6qw8GTCLFwy+LbMB6dIQXcAKI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fa0ee0b50b-OSL
expires: Mon, 11 Sep 2023 16:43:55 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame E9F5 836 B
581 B 86ms
80ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502504.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: T51QQMMBAGNGBFRK
age: 5219
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3FdLqR2y529F/4/kuef/T473JVS9mY81bSHJ+sgya9RLwuyZIh6qIzPMpWWqjoymYMeyoTsOEIs=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fa0ed9b50b-OSL
expires: Mon, 11 Sep 2023 16:43:55 GMT

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 7611 2 KB
992 B 81ms
79ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502516.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BMS2JTQQHWBDN39N
age: 3533
alt-svc: h3=":443"; ma=86400
x-amz-id-2: itZtl/vncvcRl3RoPVhXerIphKTDQdl/P4V3JLIGOpGgPpKAtk6qw8GTCLFwy+LbMB6dIQXcAKI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fa0edeb50b-OSL
expires: Mon, 11 Sep 2023 16:43:55 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame 7611 836 B
887 B 80ms
78ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502516.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: T51QQMMBAGNGBFRK
age: 5219
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3FdLqR2y529F/4/kuef/T473JVS9mY81bSHJ+sgya9RLwuyZIh6qIzPMpWWqjoymYMeyoTsOEIs=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fa0ee4b50b-OSL
expires: Mon, 11 Sep 2023 16:43:55 GMT

GET
BLOB 206
Partial Content 47555de7-0c9f-4ad5-8d4e-6c2d89702d6f
https://www.tvonenews.com/ Frame 735C 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvonenews.com/47555de7-0c9f-4ad5-8d4e-6c2d89702d6f
Requested by: Host: www.tvonenews.com
URL: https://www.tvonenews.com/liveHidup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 735C 2 KB
992 B 74ms
74ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BMS2JTQQHWBDN39N
age: 3533
alt-svc: h3=":443"; ma=86400
x-amz-id-2: itZtl/vncvcRl3RoPVhXerIphKTDQdl/P4V3JLIGOpGgPpKAtk6qw8GTCLFwy+LbMB6dIQXcAKI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fa6f4db50b-OSL
expires: Mon, 11 Sep 2023 16:43:55 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame 735C 836 B
581 B 76ms
76ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: T51QQMMBAGNGBFRK
age: 5219
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3FdLqR2y529F/4/kuef/T473JVS9mY81bSHJ+sgya9RLwuyZIh6qIzPMpWWqjoymYMeyoTsOEIs=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fa6f50b50b-OSL
expires: Mon, 11 Sep 2023 16:43:55 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 325ms
136ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47267e7d7cc4b62a961cea7cf61b509f1ddfc366413efd6bcef25aa43ee65bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11732
x-xss-protection: 0

POST
H3 204 rum Show response
www.tvonenews.com/cdn-cgi/ 0
143 B 76ms
68ms XHR
text/plain 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvonenews.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tvonenews.com/liveHidup
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: application/json

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.tvonenews.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 804921fa4fd3b4fa-OSL

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 96ms
96ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=635275443&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&ul=en-us&de=UTF-8&dt=Berita%20Hari%20Ini%20liveHidup%20Terlengkap%20dan%20Terpercaya&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=25&_utma=262966473.1507014758.1694364232.1694364233.1694364233.1&_utmz=262966473.1694364233.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1694364235866&_u=aEDCAEABAAAAACAAI~&jid=1174201634&gjid=34404600&cid=1507014758.1694364232&tid=UA-158515037-1&_gid=628265870.1694364232&_r=1&_slc=1&gtm=45He3960n81MM6TCTH&z=1614694360

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3d0d37959dad87c91b0c04733e2b7aa2c0e900613206e8f331ab0a8e90da3704

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tvonenews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM6TCTH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Sep 2023 15:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3572
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Sep 2023 17:44:23 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1502517/ Frame D980 1 KB
919 B 141ms
132ms Script
application/x-javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1502517/1?mp4=1&ap=1&w=0&h=-1&wrongImageSize=1&sz=0x0&szp=1&szl=1&cols=1&lu=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&cbuster=1694364235876362549675&pvid=18a7ffa76a78a2b0342&implVersion=11&cxurl=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&scum=%3F0&scuw=%3F0&uniqId=12c7a&niet=4g&nisd=false&pv=5&lct=1693353600&jsv=es6&pageView=1&dpr=1&ref=&tfre=1358
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502517.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5c663243b64884f568ef5990118797c6df510ecf9b7df894587c3323cc36c3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 804921fa6f5eb50b-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1502504/ Frame E9F5 1 KB
928 B 132ms
125ms Script
application/x-javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1502504/1?mp4=1&ap=1&w=300&h=250&ident_p=true&sz=300x250&szp=1&szl=1&cols=1&lu=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&cbuster=1694364235877385190905&pvid=18a7ffa76a78a2b0342&implVersion=11&cxurl=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&scum=%3F0&scuw=%3F0&uniqId=0160c&niet=4g&nisd=false&pv=5&lct=1693353600&jsv=es6&pageView=0&dpr=1&ref=&tfre=1429
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502504.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e03f6f434f20dfe8dec77524a1380c1ca869461dcc78cd34bdbc96a08bfe70d4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 804921fa6f59b50b-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1502516/ Frame 7611 1 KB
984 B 123ms
121ms Script
application/x-javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1502516/1?mp4=1&ap=1&w=0&h=-1&wrongImageSize=1&sz=0x0&szp=1&szl=1&cols=1&lu=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&cbuster=1694364235882315733573&pvid=18a7ffa76a78a2b0342&implVersion=11&cxurl=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&scum=%3F0&scuw=%3F0&uniqId=15c03&niet=4g&nisd=false&pv=5&lct=1693353600&jsv=es6&pageView=0&dpr=1&ref=&tfre=1375
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502516.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5efea218bc4ad976a9c73daa5a1b226289f60622beb0eaf63b9cfc7f62e6b73d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 804921fa7f60b50b-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 200 viva.co.id.13.js Show response
js.content-rec.com/ 22 KB
6 KB 238ms
83ms Script
text/javascript 2606:4700:3037::6815:2eaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.content-rec.com/viva.co.id.13.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502517.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2eaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db787c2c73ad2f3be8bffc511bae84670c56adf3dfed13bd33c3a03624b365bc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-id: osix-hw-edge-gc4
date: Sun, 10 Sep 2023 16:43:56 GMT
x-amz-version-id: QwMo9ac5aG6FjytmSA3ujoo6ADHp0Vz0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: AB11EX7M9VT77CFM
age: 4677
x-amz-server-side-encryption: AES256
x-id-fe: osix-hw-edge-gc4
alt-svc: h3=":443"; ma=86400
x-amz-id-2: DOJcrRkXTxwYFprVZ6svzhtpEUjqtUjc9rCiszLS+u6/Rriwzna+XIIuYrgb2YBg5nn7LDkAaK8=
last-modified: Fri, 24 Mar 2023 07:10:56 GMT
server: cloudflare
etag: W/"ef68df7838443454af2868fd9a4e03e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0f7XBHQGfzDOVMwKGPTB3sfXZpIZSNsFho2bvgrXhG4bAxb1IG6oItZpL60PHtD2%2FO90FIX9rvbX3kuR%2Fg5lk28BR2UaLrhoTfeyR4RDmUfHlY7FWa%2BzBLgzujX8a4mjKWmP2gMGdUiGRYmtxttF%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache: MISS
cf-ray: 804921fb6cf556b4-OSL

GET
H2 200 1 Show response
servicer.mgid.com/1518407/ Frame 735C 3 KB
1 KB 117ms
116ms Script
application/x-javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1518407/1?mp4=1&ap=1&w=160&h=600&sz=158x190&szp=1,2,3&szl=1;2;3&cols=1&lu=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&cbuster=1694364235913634694854&pvid=18a7ffa76a78a2b0342&implVersion=11&cxurl=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&scum=%3F0&scuw=%3F0&uniqId=0ec4c&niet=4g&nisd=false&pv=5&lct=1694044800&jsv=es6&pageView=0&dpr=1&ref=&tfre=1448
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16243c9511462485fff0da61c78f3377f34c7512daec9494acb44786da63cc4f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 804921fa9f90b50b-OSL
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 88ms
87ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-158515037-1&cid=1507014758.1694364232&jid=1174201634&gjid=34404600&_gid=628265870.1694364232&_u=aEDCAEABAAAAACAAI~&z=2029540221

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 10 Sep 2023 16:43:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tvonenews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
89 KB 101ms
100ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1F8KC7SHMP&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a24553cd707f63054ef0f10ba7a5cd38fdb85ea128e5ea2833c7d2dd8859ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90783
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Sep 2023 16:43:56 GMT

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 7611 2 KB
1 KB 78ms
77ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502516.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BMS2JTQQHWBDN39N
age: 3534
alt-svc: h3=":443"; ma=86400
x-amz-id-2: itZtl/vncvcRl3RoPVhXerIphKTDQdl/P4V3JLIGOpGgPpKAtk6qw8GTCLFwy+LbMB6dIQXcAKI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fb3eaeb50c-OSL
expires: Mon, 11 Sep 2023 16:43:56 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame 7611 836 B
1 KB 76ms
76ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502516.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: T51QQMMBAGNGBFRK
age: 5220
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3FdLqR2y529F/4/kuef/T473JVS9mY81bSHJ+sgya9RLwuyZIh6qIzPMpWWqjoymYMeyoTsOEIs=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fb3eafb50c-OSL
expires: Mon, 11 Sep 2023 16:43:56 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8zNjk0MDMvMGViODc3YmFiZDE1YWNlYjFmZTJiNTA4N...
s-img.mgid.com/g/12322315/492x328/-/ Frame 7611 9 KB
9 KB 416ms
266ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12322315/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8zNjk0MDMvMGViODc3YmFiZDE1YWNlYjFmZTJiNTA4N2Q1NjlkMmIuanBlZw.webp?v=1694364235-uQSRqEvgnzIjkYFFS-ZicLjClciCuFaa310QzQQwyQU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddc014c064c343794f196e44392b38946d6e9db8b96cae9435f8feaf0e223d41

Request headers

Referer: https://www.tvonenews.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: MISS
last-modified: Tue, 29 Mar 2022 19:10:31 GMT
x-mg-request-uuid: de6ea3af-2111-47e0-89e7-710f6cdf3c3b
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 804921fc2c4a569b-OSL
content-length: 8860
alt-svc: h3=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame E9F5 2 KB
1 KB 75ms
74ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502504.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BMS2JTQQHWBDN39N
age: 3534
alt-svc: h3=":443"; ma=86400
x-amz-id-2: itZtl/vncvcRl3RoPVhXerIphKTDQdl/P4V3JLIGOpGgPpKAtk6qw8GTCLFwy+LbMB6dIQXcAKI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fb4ebab50c-OSL
expires: Mon, 11 Sep 2023 16:43:56 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame E9F5 836 B
991 B 75ms
75ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502504.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: T51QQMMBAGNGBFRK
age: 5220
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3FdLqR2y529F/4/kuef/T473JVS9mY81bSHJ+sgya9RLwuyZIh6qIzPMpWWqjoymYMeyoTsOEIs=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fb4ebbb50c-OSL
expires: Mon, 11 Sep 2023 16:43:56 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMzY5NDAzLzBlYjg3N2JhYmQxNWFjZWIxZmUyYjUwO...
s-img.mgid.com/g/12322315/492x277/-/ Frame E9F5 8 KB
8 KB 378ms
237ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12322315/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMzY5NDAzLzBlYjg3N2JhYmQxNWFjZWIxZmUyYjUwODdkNTY5ZDJiLmpwZWc.webp?v=1694364235-gATBi6u2UwrvcdcAUS2qMzD5mMt-oc9foYhM4ak1s0M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ce76133e14c9e61b66c70cbc2d81a4cff5bdcaaaef126204fa9ef0dd40f5fe

Request headers

Referer: https://www.tvonenews.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: MISS
last-modified: Tue, 05 Apr 2022 21:12:51 GMT
x-mg-request-uuid: bec2e376-f79e-41f3-aa8f-a50e8d65b84c
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 804921fc2c45569b-OSL
content-length: 8354
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8zNjk0MDMvMGViODc3YmFiZDE1YWNlYjFmZTJiNTA4N...
s-img.mgid.com/g/12322315/492x328/-/ Frame D980 9 KB
9 KB 408ms
277ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12322315/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8zNjk0MDMvMGViODc3YmFiZDE1YWNlYjFmZTJiNTA4N2Q1NjlkMmIuanBlZw.webp?v=1694364235-uQSRqEvgnzIjkYFFS-ZicLjClciCuFaa310QzQQwyQU
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502517.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddc014c064c343794f196e44392b38946d6e9db8b96cae9435f8feaf0e223d41

Request headers

Referer: https://www.tvonenews.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 19:10:31 GMT
x-mg-request-uuid: de6ea3af-2111-47e0-89e7-710f6cdf3c3b
server: cloudflare
age: 0
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 804921fc2c4c569b-OSL
content-length: 8860
alt-svc: h3=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame D980 2 KB
1 KB 76ms
75ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502517.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BMS2JTQQHWBDN39N
age: 3534
alt-svc: h3=":443"; ma=86400
x-amz-id-2: itZtl/vncvcRl3RoPVhXerIphKTDQdl/P4V3JLIGOpGgPpKAtk6qw8GTCLFwy+LbMB6dIQXcAKI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fb6ec5b50c-OSL
expires: Mon, 11 Sep 2023 16:43:56 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame D980 836 B
991 B 75ms
74ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502517.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: T51QQMMBAGNGBFRK
age: 5220
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3FdLqR2y529F/4/kuef/T473JVS9mY81bSHJ+sgya9RLwuyZIh6qIzPMpWWqjoymYMeyoTsOEIs=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fb6ec6b50c-OSL
expires: Mon, 11 Sep 2023 16:43:56 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 735C 42 B
174 B 193ms
190ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvg4nP4KG6UnuiI_PfB3Ktb3kWy8fOR3sgafeDO6I9NJQ_CXs0he1vtMR4k47xLsVZSBxlQJXUzFnS8gxWpI0uvvDrKZYuAGTp-mXuWA63kSctXln8_lBPZrvK6VlPw&sig=Cg0ArKJSzEIS9v6cueXjEAE&id=lidar2&mcvt=1007&p=66,140,666,300&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20230906&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4112494481&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694364234465&rpt=562&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8zNjk0MDMvMGViODc3YmFiZDE1YWNlYjFmZTJiNTA4N...
s-img.mgid.com/g/12322315/492x328/-/ Frame 735C 9 KB
9 KB 739ms
625ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12322315/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8zNjk0MDMvMGViODc3YmFiZDE1YWNlYjFmZTJiNTA4N2Q1NjlkMmIuanBlZw.webp?v=1694364235-uQSRqEvgnzIjkYFFS-ZicLjClciCuFaa310QzQQwyQU
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddc014c064c343794f196e44392b38946d6e9db8b96cae9435f8feaf0e223d41

Request headers

Referer: https://www.tvonenews.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 19:10:31 GMT
x-mg-request-uuid: de6ea3af-2111-47e0-89e7-710f6cdf3c3b
server: cloudflare
age: 0
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 804921fc2c49569b-OSL
content-length: 8860
alt-svc: h3=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 735C 2 KB
1 KB 81ms
80ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BMS2JTQQHWBDN39N
age: 3534
alt-svc: h3=":443"; ma=86400
x-amz-id-2: itZtl/vncvcRl3RoPVhXerIphKTDQdl/P4V3JLIGOpGgPpKAtk6qw8GTCLFwy+LbMB6dIQXcAKI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fb7eecb50c-OSL
expires: Mon, 11 Sep 2023 16:43:56 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame 735C 836 B
991 B 74ms
73ms Image
image/svg+xml 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: T51QQMMBAGNGBFRK
age: 5220
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3FdLqR2y529F/4/kuef/T473JVS9mY81bSHJ+sgya9RLwuyZIh6qIzPMpWWqjoymYMeyoTsOEIs=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 804921fb7eefb50c-OSL
expires: Mon, 11 Sep 2023 16:43:56 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA4LzMxMDE0MS84YjNhY...
s-img.mgid.com/g/16896493/492x328/-/ Frame 735C 5 KB
5 KB 217ms
106ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16896493/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA4LzMxMDE0MS84YjNhYjMzMWViYTU4Y2MzNTI5MGI5ZDNlMDZmY2E2MC5wbmc.webp?v=1694364235-vfQFYthPhrRv7Rgpn979J5c9Kj_Bzhc7gnr03YdW6h8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f41a7c6eebab46e575318b2f45c15afc79dbfb4205a70bc075f2e0d92b5771e6

Request headers

Referer: https://www.tvonenews.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2023 21:30:51 GMT
x-mg-request-uuid: 5342f3c4-b06d-4289-a6e2-b1df45e72822
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 804921fc2c48569b-OSL
content-length: 5140
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAzLzM2OTQwMy83YTIxMmU3YzE5MjgxM2JjN...
s-img.mgid.com/g/12445753/492x328/-/ Frame 735C 6 KB
6 KB 341ms
230ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12445753/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAzLzM2OTQwMy83YTIxMmU3YzE5MjgxM2JjNmRkYWE2MDk1OTc2YjkzMC5qcGVn.webp?v=1694364235-nfTX747PIB5zTjGi1OyawB2_45FRGr5MX6skNEy7Z6g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6399bc3c584c301d7c017c77569e7572fcb66d740f048adca0bde9fcc5ded283

Request headers

Referer: https://www.tvonenews.com/
Origin: https://www.tvonenews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: MISS
last-modified: Sun, 19 Mar 2023 14:28:25 GMT
x-mg-request-uuid: 9c268cb1-b155-47c9-8bed-ae853681e44e
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 804921fc2c47569b-OSL
content-length: 5706
alt-svc: h3=":443"; ma=86400

GET
H3 200 liveHidup
www.tvonenews.com/ Frame E9F5 66 KB
66 KB 79ms
79ms Image
text/html 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvonenews.com/liveHidup

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 10 Sep 2023 16:43:51 GMT
x-permitted-cross-domain-policies: none
server: cloudflare
age: 5
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-encoding: br
cache-control: private, max-age=300
cf-ray: 804921fb88feb4fa-OSL
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 i.js Show response
cm.mgid.com/ Frame 7611 0
126 B 110ms
98ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1694364236067250494669
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502516.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 804921fba85fb50b-OSL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame F22D 0
37 B 106ms
105ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1694364236073577680911
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502516.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 804921fba862b50b-OSL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 7611 138 KB
30 KB 76ms
75ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502516.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: QNRDJX7M4291FGWZ
age: 2565
etag: W/"6f2e4365e45d56ebb0820172e6b3d823"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 804921fbab730b02-OSL
x-amz-id-2: tDFZ1MtNDn0SM4PElju0iMYBchYt3N3Ezlryv1L3F2F5SmZ3yOBYs9mcifwEsXqvae1Ut47+APhiqd//RU/CfA==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame 7611 207 KB
63 KB 83ms
83ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502516.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=61504
accept-ranges: bytes
content-length: 63913
expires: Mon, 11 Sep 2023 09:49:00 GMT

GET
H3 200 liveHidup
www.tvonenews.com/ Frame 735C 66 KB
66 KB 83ms
82ms Image
text/html 2606:4700:10::6816:31c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvonenews.com/liveHidup

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:31c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/liveHidup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 10 Sep 2023 16:43:51 GMT
x-permitted-cross-domain-policies: none
server: cloudflare
age: 5
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-encoding: br
cache-control: private, max-age=300
cf-ray: 804921fbb92eb4fa-OSL
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 i.js Show response
cm.mgid.com/ Frame E9F5 0
37 B 103ms
102ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1694364236098118781568
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502504.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 804921fbc882b50b-OSL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame A932 0
37 B 103ms
103ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1694364236110593525920
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502504.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 804921fbe898b50b-OSL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame E9F5 138 KB
30 KB 79ms
78ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502504.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: QNRDJX7M4291FGWZ
age: 2565
etag: W/"6f2e4365e45d56ebb0820172e6b3d823"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 804921fbeb8e0b02-OSL
x-amz-id-2: tDFZ1MtNDn0SM4PElju0iMYBchYt3N3Ezlryv1L3F2F5SmZ3yOBYs9mcifwEsXqvae1Ut47+APhiqd//RU/CfA==

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
184 B 420ms
183ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=157005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/9000/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.tvonenews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame E9F5 207 KB
63 KB 84ms
84ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502504.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=61504
accept-ranges: bytes
content-length: 63913
expires: Mon, 11 Sep 2023 09:49:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 8E29 0
260 B 304ms
88ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=157005&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 i.js Show response
cm.mgid.com/ Frame D980 0
37 B 97ms
95ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1694364236134568245702
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502517.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 804921fc08aeb50b-OSL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 1899 0
37 B 95ms
94ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1694364236152311915563
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502517.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 804921fc28cab50b-OSL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame D980 138 KB
30 KB 76ms
75ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502517.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: QNRDJX7M4291FGWZ
age: 2565
etag: W/"6f2e4365e45d56ebb0820172e6b3d823"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 804921fc2bab0b02-OSL
x-amz-id-2: tDFZ1MtNDn0SM4PElju0iMYBchYt3N3Ezlryv1L3F2F5SmZ3yOBYs9mcifwEsXqvae1Ut47+APhiqd//RU/CfA==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame D980 207 KB
63 KB 89ms
86ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1502517.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=61504
accept-ranges: bytes
content-length: 63913
expires: Mon, 11 Sep 2023 09:49:00 GMT

GET
H3 200 i.js Show response
cm.mgid.com/ Frame 735C 0
144 B 96ms
95ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1694364236169125000116
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 804921fc4f92b50c-OSL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 i-noref.js Show response
cm.mgid.com/ Frame 4607 0
144 B 98ms
97ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1694364236173909851197
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 804921fc4f90b50c-OSL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 735C 138 KB
30 KB 76ms
75ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: QNRDJX7M4291FGWZ
age: 2565
etag: W/"6f2e4365e45d56ebb0820172e6b3d823"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 804921fc4bba0b02-OSL
x-amz-id-2: tDFZ1MtNDn0SM4PElju0iMYBchYt3N3Ezlryv1L3F2F5SmZ3yOBYs9mcifwEsXqvae1Ut47+APhiqd//RU/CfA==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame 735C 207 KB
63 KB 116ms
116ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viva.co.id.1518407.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=61504
accept-ranges: bytes
content-length: 63913
expires: Mon, 11 Sep 2023 09:49:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 103ms
101ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 16:43:56 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 7611 33 B
404 B 291ms
93ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

d14619782de0ba9e09425e2371075cbf30501d028a5b9730c50b3a2503ab5459

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tvonenews.com
date: Sun, 10 Sep 2023 16:43:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame E9F5 33 B
404 B 266ms
89ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

9f0a762b9c922ffc1ab0686fee9bd8ddf8d1d12a2873e8ab3e7c91b744401c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tvonenews.com
date: Sun, 10 Sep 2023 16:43:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8EE9 13 KB
5 KB 87ms
86ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvonenews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 32173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 07:47:43 GMT
expires: Mon, 09 Sep 2024 07:47:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 991B 829 B
991 B 98ms
97ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35ff8774c615130f88995588b32651f0ec15e09d45a7cf8a729db6c34a34b1bb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EnId4lkPJlHHw_oGw8o2aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tvonenews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 534
content-security-policy: script-src 'report-sample' 'nonce-EnId4lkPJlHHw_oGw8o2aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:43:56 GMT
expires: Sun, 10 Sep 2023 16:43:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 531A 42 B
64 B 365ms
191ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSfON4Kk5LwE06RHApGW6YCnkN6g4K949jzvWdpUoYc_Y3eD0Np9v3wnOQt_o1WNLkL1GtEBoj6RSHNQqgMsPZOwMAsjJMxW9woN-sNrPd4AXTqtDjE1CoxdHfeXLZlDxC6fIJy_EVniQwpG3zllSvrbtFc8lDBVOEk2tdD1793RxVPmMU0Kj_h9Ds4Znf-w4WP57Ha4OX85JbyOKbdxy35plJNJzHqkPjIB_2kyAIKJ8MfctXpwDAkEyIT3mE-7eoTPTFaD7tbSz0S8dwjLIHeWnsy7_XMYxcrE8VZz3tJiyQiBv5P9rmvgWc20JJ8aHZjTKdAhl1qQqbhjqU-i18vmI6WLDKXhZJKqxc6ZAUkBnfsroNN712GMcEwipVlfy0VYs4PvvpGk0dOUQYEXhBj8dClKy-CQTp4Nkmrvph8-KacXI10hyHu6KLI5Hw4OENIg4O4JQmle9kRK9SMJ1O5_jwR0JAm22K-zAWF2X7cEJBnKhpbEQlcJwGQy3Wp-mdowjCMXscbBo-RHypGfA6ksRf2oQQyfJlO2607Qzjyr6ZG0LA66aDEyWR42Aif_6Rtaxy-_4g35T6WMW5RqARtRs_ymbko320aQr2GqMZQaKwAl2hQXTP4xd3HWewje_5bH9hDIMFFQlKjMiLSAcpTeXKyGhWaSi1dDeBjOZ1w_7Fx7F9wkrJWzd8P392cRJ1QPqYljLFZbPwa4xAMq9MJ9ng0IHY8jarjPURQm6jvy7tnGpCdd9_QyFu_coWayG4lPNZTYo2KatCZymXJW625eTd2yT4N_5hpyk4OMhUxX8RfyDj3AKwrNW1pfHY17W4MfROhLDzcjOWuUvsYCKxwJR-8uldAOywbYpGt0f9-zIHJQTqCXeJZj8hC7y0Me-skO1UodtyrFprfLbyAT1wjddT0glTDL0524JDXPoQ_Lq4VIXwDo-0QMU9nFaL0GBFRMGQq4FJmaZhFEk0Wmtky076MG2g3_xHCNspRVkDDCP0E4lDpRw7RvRD1SD5GtS3dKVNlmhyUixUEshbWYPong80TO0345zV4sTjSwMdIGHCRa5tGttUNijGQ944kpHp3gXJfN8CTTFxErJUXrsPMyzajcs7WNAt1acdpqm27paTngtkpCP1FPJpP1dNB3vgK51NNkO58108WJKZDAEuIOLAUgk7tzPHazMuAXE9ZXdcFQgZBE9ICOaKZPykpP3xOXO2HjmCFg646e5qOwt4PES3j9do_Z711GkUfBeldyfU_OiDeh1eEb-t8hAxgh8DZPWWLWyBObMLd_s_zrQ6R0lWTlUTNS1wOt10PA&sai=AMfl-YSd6eY0PhVItFaDQFNKdzQE76Ff-F7OzsVwluyuVAqK_KXBsVBADl1x5_AP37KYRGDE-MGUxVSSC6ToeNIIbrwJmT2zxmSmpcNYN7CS0CXuHTljuEl7ZvPsN8_7WNnYkRaVR7VlGfm7OnWyFNXIfTLiFPqsaLizE1g&sig=Cg0ArKJSzJefunaogsQfEAE&cid=CAQSTABpAlJWoUY5G4Tx2WopaXITPCSpVoMp-manuxLOC5dXj_p8Ln51PZhzNIbjavZ0FyWk2yIMc2GvNFBnmJj1Wxg7GRMNcHzFj1XoXKUYAQ&id=ampim&o=557,66&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1027&mtos=0,0,1027,1027,1027&tos=0,0,1027,0,0&tfs=946&tls=1973&g=100&h=100&tt=1973&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame D980 33 B
404 B 253ms
92ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

baef34aba66c237a4765fb55e1cfa0a6032d6b7f8b29a8dded7eddb85ec67aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tvonenews.com
date: Sun, 10 Sep 2023 16:43:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 735C 33 B
404 B 252ms
90ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

ad27736fc7d161b45621e8be4d8e0e7e427b10ebf107632b05cf0b164a88afd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tvonenews.com
date: Sun, 10 Sep 2023 16:43:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6C8C 42 B
64 B 303ms
191ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuos7fVc0cOdRTXEgS6xNIt92_U944705Cv8tU1VB86G7nlF1msV1bJmcyIW5Kw1TsHC5xjZl_i1RY1ocbtTqUVZx9HsHHwg4NWkbpW41Yx6x41x2E_Fusd6q0ygZy9ZsR4cGDbKbYvzz37xK7bLkICgDPYeWpFBxRRmJGnkWMH90FFlb9ecJEmNI1iq7BkdWERRocRsDSoxDFVD3A76tiBcCWJiWoxw4s_Pk9m6NaVwumJzoi-8BicpsyCYFLafa6bhYrUEro7jj0oUdbSmXDdzrmC_1dAho4U4JHrTnjptF8WJqn-pQJazDBnWHB0FnrqAZz-A2QmQc-tQk_8dJ9mpwri6anSUSct9P_4nZJdxgj5e_t3mPeTPK-XdcRYw5RmEBaPN2Vg4Zt0g_Vhi7E0_ZMF6HYenVc3ypNuC8X2mY1fJ8eT8_3ThRwi0rcgzOaFLN3vXISxmdHjoz5-i_idbbSNdxojPBuMzK6gd3XRK_oRWLZ9OiosDVvVkAQ4O-3s_8Xd1KpkakEmlR7jd-iUmUsNe6No_y-Caqn8qyVeW4YsUKNFiWcM7m_IsIGB8gQC_ObAV9boOZcL8uvlsVSGQct73uqS1IMehW5rHEW3rKOXQdaB6mMHQEsSJ_DCgQUCSjQ3Ku6hGQM4Wqh19PN3B3n3ZItkVEsU08ps3P_-OXwW1ijdniObsHtScT37euV1K8vQvwwg5ritoLNkjtTta_xt1SFBqSiwbpyoveL93a9jKouKz9Q3tFu5jYURcLaK7ueG5dK_FgkJswhu68K7dEcHl4nI-Abr3R1pWPkgulq3WNs9ssQYabJNNgqDLoq7lVJcXNS2IiFkL9L4ejUQiiTTBN0Orsit_pgLbCZqFzHtKyEX3RgoxUIvDN_k5IDzdGq9nQpFKbvjredSXe9ynr-tKRD48LOygfVd2eWoo7WVYdu2SnvZuNjjgzVooSBDpyYspSvLNv5cMeZuy4imPciD4w7NN87EMMX3DFRp0yHfdP_3cpZUVLBiHjAb-Pi-K77-bBysu7MXF_7KEkpYXIDo4DAEH5VGZJ4IvBwX65ibTnpPkWRg_5061446PktK4nz4TsGwF8EiEyJYHiKlalCdIoax5a9ospDNnrvZWgsS-7dgaBdQaffXdWN7dKZJtwEk27ev7HNz1UjDjecR-qcQk3MFGiEu9nquoklYT2lNIdlLSWHdcQh3TJtx7CS2vmY9ihvssblMbyTOh957ZzilW8sNAxqlKSM4zGZ3Kk199apKFNEDT5qHICPL-gFxoAiHMFO4kusxHnC9eF0PcS9r2KTO7VMjOMbmYIT6sGjBiae6Ii2GuEO01A&sai=AMfl-YRi8tB5d0d3ne8Y-n21voPzuUrQAsMUg-LNMQxmc1viCkwajN98hALp9MPWw8csE1nZB1Zlaee2AzDfj4i8pV2yXDZmT-3XXU5mZfSLyDuiqOTWjgDUG7TeI1C2KXyiXTHpeJf59x0Ql28Nd0XJYIeY_Mro_QAtSC4&sig=Cg0ArKJSzN9Uq5cGAD6nEAE&cid=CAQSTABpAlJWoUY5G4Tx2WopaXITPCSpVoMp-manuxLOC5dXj_p8Ln51PZhzNIbjavZ0FyWk2yIMc2GvNFBnmJj1Wxg7GRMNcHzFj1XoXKUYAQ&id=ampim&o=985,260&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1013&mtos=0,0,1013,1013,1013&tos=0,0,1013,0,0&tfs=983&tls=1996&g=100&h=100&tt=1996&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7151 42 B
64 B 303ms
192ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiPWOMfsv4gWhyg2Y0AExmHb88W48lqC_0spwCG7DiyRlpMw3VKUsA8P7DM5wVf8yO5B0txb6Fuj3VjfLkEIkis7IAVO6KjpcpEXS3z9WGwJrZyJHlaWQ_5zkwsOYmlfJMQ25_sHC8Ksn6TGDumesDXcR_CpOMaYGqxjKh8kH4GWXc3FRBq7dlAEyfPJL0b7iyqvNHW7-7_JSPYvMsC6ErqhcOFLhKsZn-XLuk170hE45lE4sLqR5_UtS0pIsqP75cAgamyQuSP1avQhoiDFPrisBds0DZhpyNI1r_KZ4ksttqQI-dumSDYdAtkEO4B071c_wZsFs5A1bxikzKoS6N-gDPo6ykVRI5_yoMAkEdtIvLP7Hlh6E3-R_rcClhYKwteZQeBlomZIxyeZADhKyQYt_i2RNvdngFDb5L0-BkGVdkJzleAJl-DN-rVTVqbs6i_8Rj7WhnJyUgGQ8pZzRrhfBUJG840V7Qfcz5K7A-9qGH9kj666afm2308ODhX7pb5SYeQ4rRM9uOHiegObtFfIgNGcOjEDzHX5gsF-MXZnifi4UC4DSJ2SrhamxFxzD1WR3uMHNPmRQS5fvjYfr1W7wQEtZa33z5oNKOjr3H66Q4TewSEfwCKy_2Ck6SDBwqKzESq1JVS4tty_RFnID6tPSNyXRD507nCcSKCczQ5lfeNdi2MEWFk4joLbNhd8U_QkP_z0KXEXZg1yboSz49WaCwzwXCjPIM4eA_8amEIA-8SncnuGTZ4QPD6X78E7DlDfZvwTVZarXGYgpTX4GUbBNr6gIarDhp18FPMpi9w4Xpjee6lG8g0S0iuRutGvq8Ckc12xAzpZOjChSWoRITe52rm02d1opX1fRN_3OXYPHk12-5LmVRr2U_anjPnXZa4VujON8CL07pHZxw62FEU3muTujiRd7Gyli-zvW9px_1OYspTxQkduO4vzSHLBEOgMiIlx7Tww3He7Bx8QxxUEcAazfqHllkVDfExXEcyKskd_jwaPKZIdyfZImvAUwzaalnRaDroGhyHbdIj7yVJW-rA5mqXcv0lNOA4E0A6whwCXDlJf_nGzGjCaenLRO85eCWULxmUDZlAh3wyIhr_cEDm-Taws2amP06KumtVbYwCz06QlC7oLtcVB7SuB_v_f--fVngcMJzHn_YMwkia3sqinXw9AuFUqvlvs93H0KFsw9tf2MqU5N0tXgK1ivGiMYMAGXprwOFLEVcUVvzMDnhvMcXNqETuT6EqmUjm4nOFlstCboivLLmFQfJgF79cxJvSUU6q0U75I3awdn9YZbDZJNBPPkdmC6BhcsYCgf_7vjnVVA&sai=AMfl-YTW65ETNSlKwOHBMR05UaFX22eux6oRGUoqCChAzmCzCqJVwphYViLdt4Z-AP9PEGmNzeYiuxVNl7pYzcEaIoAhTv5-2RA3h_xzVG-g3sMNOFXlPd5KiRJwwx3XcEN2mflvR7IAnqniK7VLv_jUVKqDcGbHRsiXfoc&sig=Cg0ArKJSzEYggdickqe3EAE&cid=CAQSTABpAlJWoUY5G4Tx2WopaXITPCSpVoMp-manuxLOC5dXj_p8Ln51PZhzNIbjavZ0FyWk2yIMc2GvNFBnmJj1Wxg7GRMNcHzFj1XoXKUYAQ&id=ampim&o=1300,66&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1012&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&tfs=943&tls=1955&g=100&h=100&tt=1955&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 966D 42 B
64 B 300ms
192ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstBa80hBs6r50r4-eq1Y4XWS1zyPVhO_EFQHVUlJx9YKVz_e4IXV6m7FI21L5-xc-BHJYPo4D0ss3lBi323ipOJtU5rTIBjSjgkqIUfDxSWayT3SZzzZ3KEPQklN8sAWM3UUkbiT15o2VDow3T_DMAydNNnzrAs9ObTYbzGKf3yloE_67UDTnt2lPpIcDQVVc6P06zWF_mbJOWdUnyoqKi__e-6wiEidcHsFQFADaQaQP9wpjEg8wx8CnJMC2OWHkRwL2WN-bgD9u-xoZtUqIFT3NvdvNG4iJO8fO0USZS2zgJQC1Ab9YeY5I2mVi1hNx_GpJix2sY3r8ntgp3505p6k-VK1czUHCeKdm4alxhYnwTAH-8LTYgaoAeOQxKKJ3D4_Lk15UR1CwsSOS2FGLZnB6h7RtE8WwPJ2pJu4gHbYuXrsxy8P8Mjf3AcGNU0afqJrXr_YPis3DEai24b2kghJ8MFtLIpuAd63ugBI8DdY5kvwCi28Sb_SRGVmGiQp5g83A0NdqHi3xSIv4DoC2OZ1VGAbI7jldXg5A3-mNbxnpHUaJZVqEif2WbW2fLGyYsmpoMfsvPYb04pbSA-Gddw9g0SghC0FKjjQopq6SnLiOeMhD-YSdSiJxcCJXdVX7j63iZrFWP2ZhI5JxLpYHl7GmnGAkTAmvvblE6s8ihMp5Rk4Zwvt5CSmxh2XF5hOsSQDtRADzj0wHQE_4KiXI6-HCbvubcIY0ji-HYTQnBu5OjbZvevOy6DZ6k8SoP-WwH6u9-_2VsRKCRvXVsaZQpnj1v3vcPUt0ej2DIYGjL2uPkP_FxUWzb9pdGghZR6jOcoHHiPOoIYGtcNGafc-wwmfy2Uot1NyL52Yh3J1szXBezPpdxwPAJeuG7ZzDypC01vx5k_UWN0xGMOhnEQvpFbnwH2wT0hsq13YUZj-S6HPGzcfluPr_6DUDXh9sKFaIK1wdfS5Dr-fJWhANbrf0DDxddYIGXMxnz5o3S0IFCeAeDj1OM54YAHyaAkZEWttlakxtlggD8qGZME7JddjZxA4QhZK3GwBpieJ9stXm5Dfoc09aVAaE3tDf_QCm5zdudmxj-lrbYgP5OckgT2UPVvfrQpzhKNt3oZ2CWfcACVwloegoYgZMPTebxpnhD_HIRXbVizVZv69ev1Mtw0fva1hdRJCRuZz8k-BLswNW5GOtdvzfxxlq3aTHlknsQWbelq1z4hgVFzosafzDHlZxwXf9JJgEPBbX16nxpRl54ltySHjiZyYDVOCmz8ONbDdj12ZzhVKAzZ1962tCtLizhNqOrU3WRunAHYbzIt3wsskk&sai=AMfl-YT980gUYOc6U5iduHbDGqk7bgCl-4KLBm4mcSDUlhm_n6kY2B8rPC9VZtSQZ2F2t8bYZJNYq5lHUB3xlzEvjUMBq_A2BzllD2H7e3CjO8DV5n_xj4ofisd0TRgf3xFC48NDj5QwsY5EDq7E0FK27MUYwT3VvHNmLg8&sig=Cg0ArKJSzEt-XmOuRjh0EAE&cid=CAQSTABpAlJWoUY5G4Tx2WopaXITPCSpVoMp-manuxLOC5dXj_p8Ln51PZhzNIbjavZ0FyWk2yIMc2GvNFBnmJj1Wxg7GRMNcHzFj1XoXKUYAQ&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1013&mtos=0,0,1013,1013,1013&tos=0,0,1013,0,0&tfs=935&tls=1948&g=100&h=100&tt=1948&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8EE9 37 KB
14 KB 148ms
87ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:24:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 07:24:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 991B 0
0 244ms
185ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=3062136417851325&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

POST
H/1.1 200 v2 Show response
id5-sync.com/gm/ Frame 7611 276 B
688 B 249ms
83ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

4e0467d106d4f296a09d08d8066aed7786d9417ff7edeb739ada59bb48f667a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tvonenews.com
date: Sun, 10 Sep 2023 16:43:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 v2 Show response
id5-sync.com/gm/ Frame E9F5 276 B
688 B 256ms
85ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

997655ccaab8efaaf6a236b6cedaac5c2ad0dd2773cd1d5b48e2a44c9ee69a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tvonenews.com
date: Sun, 10 Sep 2023 16:43:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 v2 Show response
id5-sync.com/gm/ Frame D980 276 B
688 B 224ms
83ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

f877aca90eafb8b0c8527bdfe29edbfb48513bb7ccee66f1fa29fb91834fd3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tvonenews.com
date: Sun, 10 Sep 2023 16:43:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 v2 Show response
id5-sync.com/gm/ Frame 735C 276 B
688 B 254ms
85ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

8b2aa60e32d9116756a544280006fbed009370fb0a1b6ca23289a9b185f23b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tvonenews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tvonenews.com
date: Sun, 10 Sep 2023 16:43:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8EE9 0
10 B 85ms
85ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LdLiDQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8E29 3 KB
3 KB 90ms
90ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97839269&p=157005&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ea3b373956c4f591510114eac791d4d60803d7f576fc9dfd211a3011009d959c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 10 Sep 2023 16:43:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 2ACD 35 B
600 B 70ms
69ms Document
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=D384DE40-1725-4B49-89C6-3C3B3834E1B4&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sun, 10 Sep 2023 16:43:56 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 356F
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd8a1d2c10aa04881be9ac38f3f5dea82

42 B
356 B

88ms
87ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd8a1d2c10aa04881be9ac38f3f5dea82
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 166
content-type: text/html; charset=utf-8
date: Sun, 10 Sep 2023 16:43:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd8a1d2c10aa04881be9ac38f3f5dea82
pragma: no-cache
server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CA36
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=D384DE40-1725-4B49-89C6-3C3B3834E1B4&gdpr=0&gdpr_consent=

42 B
327 B

83ms
83ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=D384DE40-1725-4B49-89C6-3C3B3834E1B4&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 10 Sep 2023 16:43:55 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=D384DE40-1725-4B49-89C6-3C3B3834E1B4&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6165
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084927133677873

42 B
275 B

90ms
88ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084927133677873
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Sun, 10 Sep 2023 16:43:57 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084927133677873
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 3F22 43 B
369 B 223ms
89ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Sun, 10 Sep 2023 16:43:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6ECD
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4352793277187857271

42 B
195 B

88ms
87ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4352793277187857271
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4352793277187857271
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 68D4 43 B
279 B 457ms
116ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Sun, 10 Sep 2023 16:43:57 GMT
Vary: Accept-Encoding
X-adserver-worker: avatar-a92f5e406609@version_1.569v3
X-core-time: 0ms
X-server-arch: v2

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 0DE0
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QnWSQWghbaTjhgTb&gdpr=0&gdpr_consent=

42 B
201 B

87ms
87ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QnWSQWghbaTjhgTb&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QnWSQWghbaTjhgTb&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3A7F
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1r2qfpgqol0g

42 B
229 B

88ms
88ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1r2qfpgqol0g
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Sun, 10 Sep 2023 16:43:57 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1r2qfpgqol0g
lws: 224
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 68E7
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
422 B

243ms
232ms

Document
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 804922037a4b5695-OSL
content-length: 43
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 80492201e8b95695-OSL
content-type: text/html
date: Sun, 10 Sep 2023 16:43:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 1233

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame BFA6 0
0 314ms
100ms Document
text/plain 23.88.86.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.86.88.23.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: keep-alive
Date: Sun, 10 Sep 2023 16:43:57 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 45E4
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0908A535C4CA4BA8AAD32E125B943A6D&gdpr=0&gdpr_consent=

1 B
53 B

84ms
83ms

Document
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0908A535C4CA4BA8AAD32E125B943A6D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 10 Sep 2023 16:43:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Sun, 10 Sep 2023 16:43:56 GMT
expires: Sat, 09 Sep 2023 16:43:56 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0908A535C4CA4BA8AAD32E125B943A6D&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E038
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1694364237156
https://ad.turn.com/r/cs?pid=45&rndcb=1236420508
https://sync.1rx.io/usersync/turn/7671775173584101106?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-b5538363-ac3f-4014-8a89-51bb5fef8bbe-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5538363-ac3f-4014-8a89-51bb5fef8bbe-003

42 B
334 B

83ms
83ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5538363-ac3f-4014-8a89-51bb5fef8bbe-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-type: text/html
date: Sun, 10 Sep 2023 16:43:57 GMT
etag: RXb5538363ac3f40148a8951bb5fef8bbe003
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5538363-ac3f-4014-8a89-51bb5fef8bbe-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 8E29 95 B
438 B 263ms
114ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=D384DE40-1725-4B49-89C6-3C3B3834E1B4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:57 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 80492201eb6956c5-OSL
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 8E29
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D384DE40-1725-4B49-89C6-3C3B3834E1B4&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D384DE40-1725-4B49-89C6-3C3B3834E1B4&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

79ms
79ms

Image
image/gif

77.243.51.122
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D384DE40-1725-4B49-89C6-3C3B3834E1B4&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:44:10 GMT
frontend-id: 15
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:44:10 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=D384DE40-1725-4B49-89C6-3C3B3834E1B4&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 8E29
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=D384DE40-1725-4B49-89C6-3C3B3834E1B4&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

104ms
104ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol: H2
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 10 Sep 2023 16:43:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8E29
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3b9404f4-42b1-4c23-aee7-661c9d7f194c-64fdf24d-4e4f&gdpr=0&gdpr_consent=

42 B
263 B

88ms
87ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3b9404f4-42b1-4c23-aee7-661c9d7f194c-64fdf24d-4e4f&gdpr=0&gdpr_consent=
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:55 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:57 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3b9404f4-42b1-4c23-aee7-661c9d7f194c-64fdf24d-4e4f&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8E29
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:66b285fb-9cb7-4e1a-a7a4-8a84af14cf23&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

83ms
83ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:66b285fb-9cb7-4e1a-a7a4-8a84af14cf23&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:55 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:66b285fb-9cb7-4e1a-a7a4-8a84af14cf23&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sun, 10 Sep 2023 16:43:57 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8E29
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8665219610485345693

42 B
95 B

84ms
84ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8665219610485345693
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 16:43:56 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:57 GMT
an-x-request-uuid: ff2b0e5e-4454-4dbf-aa22-bc72c852d656
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8665219610485345693
x-proxy-origin: 193.138.7.230; 193.138.7.230; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 191ms
190ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=3062136417851325&bg=!Y2ClYC_NAAa6D61Rmg87ADQBe5WfOCCM15YaS5Tkrw8vwX6SFn2sN8ZBHmc2pKk5WEeOGH2DE6-KvzxB7M0NNZj0vchZAgAAAH5SAAAAI2gBBwoAUDaLri6RioAIU9EKtzb1t9kE9bb9qqL1NW5OrBOCH1eSUiWwNE-3PScKm2P-gM7F9DHQ912jv_BciWmxmc9xfZ9oqmobbNXTd44CInMMww2smQK453OUM0-foAwa8YRRn8Dx_9eHdLVR0nZ-XmOp-6oqCY4UweVLA9ckFJO48T8Hc1gBBh_DUypbocFgO97fIeVXgTq1fH88mG9KLuA-h0S4fAOrcUoWLoLdYXW7ycAonMItxNXVHI1T0VtLNqv17k2e3Noi9630MfpK2aLD7XeLMjeVMHA5_AAIvfbXDG9dezSTn19dcKfk6SdnDixr8UB2uYVhqzsBVQosSL0dmjic6GYW2dbq8xKQ1DD6z2Yy_CT1GthZIf12x1qKrswjNoT20h6r34Tebwnvm-RcEf2zEsK5TwvrSW0fNpwrCDw44KigXx7rbM69LSx00KYEJKhDCMMlF6sd_kzATuHD0dHHczoLKinGpEIhTi-Z-ZOhuRXrHMFuZbCgoFirWznW5hnb-0q10aVs1mOTGaSFdU_4VfAVjMatytsrKlyoFt3-p8JjD0VV5GVNTxlGLkNGbOCqixwO4CB9s_P1NG_3Z3Lve38A0cvrq7IvkWKCWT7g6IOTvbRJK-ox4cKBBCsrjxBWMrOSdG5bENkWu_SBwULONrOU9qHLJyqoCswAvF25GXMwShG_J08ast4XHtY7UqLxwJvmfyWXKe1nXYlVzDlLSRtD_BEFs2DdE7e-a7zbFCPWib161KKLqEW_coRER7TWFRYANjuYnH7qyUy9VghP-F94gXhzxa08F_H7Q00N0boK4zkq5OKYuaivh_M9kao8sHAt-OnTjjUbVDMd0leLyX8X-JY0we24AaR0OZPt8S60Qdkf9EdgINXUmOO_G_CRru7qu-vT1nmMlZwCT0YVYOb6oSfpdomNGMda7v61TWGaLNEIGmdMD3W2RtSURUpIrblzURFY_lCpUV512c4dOWEbWtpI8BAJyFwLN9F93IFcEk4jJmPbmkvVlSJht0qiPUNTI6wZ7eTa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 68ms
67ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1F8KC7SHMP&gtm=45je3960&_p=635275443&cid=1507014758.1694364232&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1694364232&sct=1&seg=0&dl=https%3A%2F%2Fwww.tvonenews.com%2FliveHidup&dt=Berita%20Hari%20Ini%20liveHidup%20Terlengkap%20dan%20Terpercaya&en=scroll&epn.percent_scrolled=90&_et=9
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1F8KC7SHMP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:43:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tvonenews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 c
c.mgid.com/ Frame 735C 43 B
194 B 99ms
98ms Image
image/gif 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=158|190|28|xhAhi05scuCa6TXcYXmgx_6JIrGzlN8MpWOnkwoHaYjcyCNuKozMKSn82HqctOr4_YsYE-67P75mrsQ0mpRmYw**&fw=1&extjs=66044&v=158|190|28|xhAhi05scuCa6TXcYXmgxzDZDn-L7HE_ynbGdkNEcWKAIWWRwktnUW5MSQdqrGRaUNsT4wB7nw4GpH8gfZ6oaw**&h2=yemL3nijs1GFNu8rqu03CPM4f9mav4QeZJCKBWc8j2o*&rid=3b8cbc02-4ff9-11ee-b33b-e43d1a2a53a0&tt=Direct&iv=11&cid=1518407&pageImp=1&pvid=18a7ffa76a78a2b0342&cbuster=1694364237594709573266
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:57 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: fa3669a3-63a3-488e-9bca-fd6c4e0e1b68
server: cloudflare
content-type: image/gif
cf-ray: 804922051e34b50c-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 c
c.mgid.com/ Frame 735C 43 B
194 B 96ms
95ms Image
image/gif 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=158|190|28|xhAhi05scuCa6TXcYXmgxwXoch96XKa5tcx5gfdaI9o7Kp225f1LBL3CdZWcg4c3D8FJZO8K85XLC6FrtAPP8Q**&extjs=66044&h2=yemL3nijs1GFNu8rqu03CPM4f9mav4QeZJCKBWc8j2o*&rid=3b8cbc02-4ff9-11ee-b33b-e43d1a2a53a0&tt=Direct&iv=11&cid=1518407&pageImp=0&pvid=18a7ffa76a78a2b0342&cbuster=169436423790955916307
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.tvonenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:57 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 86f6d341-9cd7-422a-a90f-f9aac452fda2
server: cloudflare
content-type: image/gif
cf-ray: 804922071825b50c-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 8E29 0
128 B 90ms
89ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=157005&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:43:57 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

95 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tvonenews.com/	1970-01-20 14:40:50	Name: _gid Value: GA1.2.628265870.1694364232
.tvonenews.com/	1970-01-20 14:39:24	Name: _gat Value: 1
.tvonenews.com/	1970-01-21 00:15:24	Name: _ga_SKS0GZ01Z9 Value: GS1.2.1694364232.1.0.1694364232.0.0.0
.tvonenews.com/	1970-01-21 00:15:24	Name: _ga_1F8KC7SHMP Value: GS1.1.1694364232.1.0.1694364232.60.0.0
.tvonenews.com/	1970-01-21 00:15:24	Name: __utma Value: 262966473.1507014758.1694364232.1694364233.1694364233.1
.tvonenews.com/	1969-12-31 23:59:59	Name: __utmc Value: 262966473
.tvonenews.com/	1970-01-20 19:02:12	Name: __utmz Value: 262966473.1694364233.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.tvonenews.com/	1970-01-20 14:39:24	Name: __utmt_UA-158515037-1 Value: 1
.tvonenews.com/	1970-01-20 14:39:26	Name: __utmb Value: 262966473.1.10.1694364233
.tvonenews.com/	1970-01-20 14:39:24	Name: lotame_domain_check Value: tvonenews.com
.criteo.com/	1970-01-21 00:01:00	Name: uid Value: adad037e-7e6c-471a-973b-924e0c798db8
.openx.net/	1970-01-20 23:25:00	Name: i Value: e138616a-6152-4af7-a996-93fcce056cb6\|1694364233
.pubmatic.com/	1970-01-20 23:25:00	Name: KADUSERCOOKIE Value: D384DE40-1725-4B49-89C6-3C3B3834E1B4
.tvonenews.com/	1970-01-21 00:01:00	Name: cto_bundle Value: Akpt9F8lMkZSMiUyQjRZOW1haVNOWWNOdURGYUVaQWdMWVVqSGdWcThVZVpXcTFMdDRRS1ZwZTJmRiUyRmtmZnp6NVc3Y0tON1hqSHNUcUZpb1FNcTBxOWxBaVZoeklyOHdwNW9mU0dVUncyZ1dNUllyZnlkQjFWcHBuTXFYMVR2bHJwdGN2b1Vta0VaV3hvRm5GR0FsUDdEQ3VoUk1kWmclM0QlM0Q
.weborama.fr/	1970-01-21 00:05:19	Name: AFFICHE_W Value: qwR0khgiopur28
.adform.net/	1970-01-20 15:22:36	Name: C Value: 1
.tvonenews.com/	1970-01-21 00:01:00	Name: __gads Value: ID=b89858cb8d0e5897:T=1694364233:RT=1694364233:S=ALNI_Mb2rDQf5LhQJINJ5XGdjCg8xjMqMQ
.quantserve.com/	1970-01-20 16:49:00	Name: d Value: EJwBCwH1KfijAA
.quantserve.com/	1970-01-21 00:09:38	Name: mc Value: 64fdf24a-50a48-c9674-d2d4d
.tvonenews.com/	1970-01-21 00:01:00	Name: __gpi Value: UID=00000c71a95b534f:T=1694364233:RT=1694364233:S=ALNI_MYI0fCwgSUB8rKVTCVpRts9LVAz_Q
.adform.net/	1970-01-20 16:05:48	Name: uid Value: 298268992888683655
.adfarm1.adition.com/	1970-01-20 16:49:00	Name: UserID1 Value: 7277238972554279066
.simpli.fi/	1970-01-20 23:26:26	Name: suid Value: 0908A535C4CA4BA8AAD32E125B943A6D
.adnxs.com/	1970-01-20 16:49:00	Name: uuid2 Value: 8665219610485345693
.csync.loopme.me/	1970-01-20 16:50:26	Name: viewer_token Value: bc5f1c2b-d260-4928-ab12-66376aab2dc5
.everesttech.net/	1970-01-20 23:25:00	Name: everest_g_v2 Value: g_surferid~ZP3ySgAMHSYCwQA4
.bidr.io/	1970-01-21 00:07:57	Name: bito Value: AADzoU7J--UAACSSin7pmA
.bidr.io/	1970-01-21 00:07:57	Name: bitoIsSecure Value: ok
.doubleclick.net/	1970-01-21 00:01:00	Name: IDE Value: AHWqTUkOesYo7hV1hWqImABVEmtj-SMrers6kbWomU6Js-CV7LW88lsjySBcCNmHM08
.pubmatic.com/	1970-01-20 16:49:00	Name: KRTBCOOKIE_153 Value: 1923-6Pvhjbj9s4jz-reI6veqiuf5sN3zq7WN6qvTNjka&KRTB&19420-6Pvhjbj9s4jz-reI6veqiuf5sN3zq7WN6qvTNjka&KRTB&22979-6Pvhjbj9s4jz-reI6veqiuf5sN3zq7WN6qvTNjka&KRTB&23403-6Pvhjbj9s4jz-reI6veqiuf5sN3zq7WN6qvTNjka
.mgid.com/	1970-01-20 14:39:26	Name: __cf_bm Value: 38KNu6sMHD.0ZyA6f1W6g6B.NINvoQpCl2nnLelNr5c-1694364234-0-AV+/VpH99YOOCMS9Gf/j4M1XSwVc+gMM5HuNf8Co+o/7VcgXtuwzhhmSta1a+4SnQatMTGcrFeQCBTOoDMSvwA0=
.pubmatic.com/	1970-01-20 15:22:36	Name: KRTBCOOKIE_1101 Value: 23040-7277238972554279066&KRTB&23369-7277238972554279066
.pubmatic.com/	1970-01-20 15:22:36	Name: KRTBCOOKIE_391 Value: 22924-298268992888683655&KRTB&23263-298268992888683655&KRTB&23481-298268992888683655
.pubmatic.com/	1970-01-20 16:49:00	Name: KRTBCOOKIE_57 Value: 22776-8665219610485345693&KRTB&23339-8665219610485345693
.pubmatic.com/	1970-01-20 16:49:00	Name: KRTBCOOKIE_80 Value: 22987-CAESEOM6fCNYOfQ4NSx3QscqJxk&KRTB&23025-CAESEOM6fCNYOfQ4NSx3QscqJxk&KRTB&23386-CAESEOM6fCNYOfQ4NSx3QscqJxk
sync.srv.stackadapt.com/	1970-01-20 23:25:00	Name: sa-user-id Value: s%3A0-ab8a49fe-fd72-5444-446f-546027b7a426.KpV9bdfCp%2BIOpru8zTRBXyAkKQXs8oUgtYox22%2FlHkQ
.srv.stackadapt.com/	1970-01-20 23:25:00	Name: sa-user-id Value: s%3A0-ab8a49fe-fd72-5444-446f-546027b7a426.KpV9bdfCp%2BIOpru8zTRBXyAkKQXs8oUgtYox22%2FlHkQ
sync.srv.stackadapt.com/	1970-01-20 23:25:00	Name: sa-user-id-v2 Value: s%3Aq4pJ_v1yVEREb1RgJ7ekJsGKB-Y.ANus3mTop0MmkB0oA2boCbfnCDwIc1bkE81eRJ0tU6M
.srv.stackadapt.com/	1970-01-20 23:25:00	Name: sa-user-id-v2 Value: s%3Aq4pJ_v1yVEREb1RgJ7ekJsGKB-Y.ANus3mTop0MmkB0oA2boCbfnCDwIc1bkE81eRJ0tU6M
sync.srv.stackadapt.com/	1970-01-20 23:25:00	Name: sa-user-id-v3 Value: s%3AAQAKIKD39cTf3ba6ykR6Gh6SODHKXGcm5hEAhLRtqfQ8UKVDEHwYBCDK5PenBjABOgT_Q_f4QgQ7gqMv.ftn5r52n%2FZ687J%2BHObyPejrBVIcLp%2FKRjBZ9kHP3XF8
.srv.stackadapt.com/	1970-01-20 23:25:00	Name: sa-user-id-v3 Value: s%3AAQAKIKD39cTf3ba6ykR6Gh6SODHKXGcm5hEAhLRtqfQ8UKVDEHwYBCDK5PenBjABOgT_Q_f4QgQ7gqMv.ftn5r52n%2FZ687J%2BHObyPejrBVIcLp%2FKRjBZ9kHP3XF8
.audrte.com/	1970-01-20 15:01:00	Name: arcki2 Value: ddhjbnTEc5jQDKENM3WGhexTQ!20220908!1694364234690!ip#193.138.7.230
.audrte.com/	1970-01-20 15:01:00	Name: arcki2_pubmatic Value: D384DE40-1725-4B49-89C6-3C3B3834E1B4!20220908!1694364234692
.amazon-adsystem.com/	1970-01-20 19:33:09	Name: ad-id Value: AyRrdaOgzURmvMuVbJNl8EE
.amazon-adsystem.com/	1970-01-21 00:15:24	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 16:49:00	Name: KRTBCOOKIE_860 Value: 16335-q4pJ_v1yVEREb1RgJ7ekJsGKB-Y&KRTB&23334-q4pJ_v1yVEREb1RgJ7ekJsGKB-Y&KRTB&23417-q4pJ_v1yVEREb1RgJ7ekJsGKB-Y&KRTB&23426-q4pJ_v1yVEREb1RgJ7ekJsGKB-Y
.bidswitch.net/	1970-01-20 23:25:00	Name: tuuid Value: fb4a22dc-f660-4835-b1d4-b4efa8040a77
.bidswitch.net/	1970-01-20 23:25:00	Name: c Value: 1694364234
.audrte.com/	1970-01-20 15:01:00	Name: arcki2_ddp2 Value: ddhjbnTEc5jQDKENM3WGhexTQ!20220908!1694364234962
.turn.com/	1970-01-20 18:58:36	Name: uid Value: 7671775173584101106
.bidswitch.net/	1970-01-20 23:25:00	Name: tuuid_lu Value: 1694364235
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 4f3dfe533fe94986
.pubmatic.com/	1970-01-20 15:22:36	Name: KRTBCOOKIE_22 Value: 14911-7671775173584101106&KRTB&23150-7671775173584101106
.audrte.com/	1970-01-20 15:01:00	Name: arcki2_adform Value: 298268992888683655!20220908!1694364235355
.bumlam.com/	1970-01-21 00:15:24	Name: suuid3 Value: IiQzYjNlYTUyMC00ZmY5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.smartadserver.com/	1970-01-21 00:09:38	Name: pid Value: 6888054011910581167
.smartadserver.com/	1970-01-21 00:09:38	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 23:26:26	Name: csync Value: 127:AADzoU7J--UAACSSin7pmA
.doubleclick.net/	1970-01-20 14:39:27	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 16:49:00	Name: KRTBCOOKIE_699 Value: 22727-AADzoU7J--UAACSSin7pmA
.tvonenews.com/	1970-01-21 00:15:24	Name: _ga Value: GA1.2.1507014758.1694364232
.tvonenews.com/	1970-01-20 14:39:24	Name: _gat_UA-158515037-1 Value: 1
www.tvonenews.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fwww.tvonenews.com%2FliveHidup%22%2C%22svsds%22%3A4%7D%2C%22C1502517%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221694364236036%22%7D%2C%22C1502504%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221694364236024%22%7D%2C%22C1502516%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221694364236015%22%7D%2C%22C1518407%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221694364236053%22%7D%7D
www.tvonenews.com/	1970-01-20 15:22:36	Name: _pbjs_userid_consent_data Value: 3524755945110770
.pubmatic.com/	1970-01-20 15:22:36	Name: SPugT Value: 1694364236
.ads.pubmatic.com/	1970-01-20 14:40:50	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 16:49:00	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 14:40:50	Name: pi Value: 157005:4
.pubmatic.com/	1970-01-20 16:49:00	Name: DPSync3 Value: 1695513600%3A235_201_245_227_226_219_197_241
.pubmatic.com/	1970-01-20 16:49:00	Name: SyncRTB3 Value: 1699488000%3A69%7C1695513600%3A165_71_13_8_264_176_166_22_55_161_56_214_251_233_21_3_234_81_254_220_249_88_204_99_54_46_238_243%7C1694908800%3A15_2_223%7C1695168000%3A63%7C1696896000%3A203%7C1695600000%3A35
.de17a.com/	1970-01-20 23:17:48	Name: guid Value: 1.4352793277187857271
.ctnsnet.com/	1970-01-20 23:25:00	Name: cid_02b2db9ef2d0495fba87228b9440a8f4 Value: 1
.sitescout.com/	1970-01-20 23:25:00	Name: ssi Value: 3b9404f4-42b1-4c23-aee7-661c9d7f194c#1694364237151
.zeotap.com/	1970-01-20 23:25:00	Name: zc Value: a204cde2-f94d-4c64-611b-01bf0fc2e9a3
.adsby.bidtheatre.com/	1970-01-20 14:49:29	Name: __kuid Value: 66b285fb-9cb7-4e1a-a7a4-8a84af14cf23.463578237
ads.playground.xyz/	1970-01-20 14:48:51	Name: connect.sid Value: s%3A_ttc-dy-uwEVO_inPvOT3JOk38uT6OwG.Rju%2B11%2BQ4HZ6%2FMtHSz4q2lJrqlCLRnAyj8vvFWGRhEY
.semasio.net/	1970-01-20 23:25:00	Name: SEUNCY Value: FE457D8CC2F066DA
.adx.opera.com/	1970-01-20 23:25:00	Name: UID Value: OPUd8a1d2c10aa04881be9ac38f3f5dea82
.pubmatic.com/	1970-01-20 15:22:36	Name: KRTBCOOKIE_336 Value: 5844-4352793277187857271
.sitescout.com/	1970-01-20 15:22:36	Name: _ssuma Value: eyI0NSI6MTY5NDM2NDIzNzIyNX0
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0Mjc0NjYzN7cwNxbiM9QtyDPxLvXWLTLyyzcFAAiSehAlAAAA
.rfihub.com/	1970-01-21 00:01:00	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0Mjc0NjYzN7cwNxbiM9QtyDPxLvXWLTLyyzcFAAiSehAlAAAA
.rfihub.com/	1970-01-21 00:01:00	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmlibGZiZGxuZGEOAEk2C5kQAAAA
.pubmatic.com/	1970-01-20 15:22:36	Name: KRTBCOOKIE_1323 Value: 23480-OPUd8a1d2c10aa04881be9ac38f3f5dea82&KRTB&23485-OPUd8a1d2c10aa04881be9ac38f3f5dea82&KRTB&23524-OPUd8a1d2c10aa04881be9ac38f3f5dea82
.pubmatic.com/	1970-01-20 16:49:00	Name: KRTBCOOKIE_188 Value: 3189-3b9404f4-42b1-4c23-aee7-661c9d7f194c-64fdf24d-4e4f&KRTB&23418-3b9404f4-42b1-4c23-aee7-661c9d7f194c-64fdf24d-4e4f
.pubmatic.com/	1970-01-20 16:49:00	Name: KRTBCOOKIE_1305 Value: 23413-D384DE40-1725-4B49-89C6-3C3B3834E1B4&KRTB&23505-D384DE40-1725-4B49-89C6-3C3B3834E1B4
.pubmatic.com/	1970-01-20 15:22:36	Name: PugT Value: 1694364236
.pubmatic.com/	1970-01-20 16:49:00	Name: KRTBCOOKIE_18 Value: 22947-5140084927133677873
.onaudience.com/	1970-01-20 14:40:50	Name: done_redirects147 Value: 1
.1rx.io/	1970-01-20 23:25:00	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b5538363-ac3f-4014-8a89-51bb5fef8bbe-003%22%2C%22nxtrdr%22%3Afalse%7D
.onaudience.com/	1970-01-20 23:25:00	Name: cookie Value: de48d4ab107cba71
.onaudience.com/	1970-01-20 14:40:50	Name: done_redirects200 Value: 1
.tribalfusion.com/	1970-01-20 16:49:00	Name: ANON_ID Value: aDntuJrwZaybQXwrSPTrCKNehFqLpMBZdKZdPhpYLESmb46Y9PPpx2cCE6c3Y2RlPyKEQ92VyPqe11b6tISCy7BmqPs
.gammaplatform.com/	1970-01-20 14:40:50	Name: _aGeoIp Value: TH\|Tha_Ruea
.gammaplatform.com/	1970-01-21 00:15:24	Name: _aUID Value: 1r2qfpgqol0g

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D384DE40-1725-4B49-89C6-3C3B3834E1B4&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

75fdcefb707fd62ca22644514e2c4741.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ajax.googleapis.com
bcp.crwdcntrl.net
bh.contextweb.com
c.mgid.com
c1.adform.net
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
i1.ytimg.com
i2.ytimg.com
i3.ytimg.com
i4.ytimg.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
js.content-rec.com
jsc.mgid.com
lb.eu-1-id5-sync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s-img.mgid.com
s.tribalfusion.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
ssl.google-analytics.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.crwdcntrl.net
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
t.pubmatic.com
tags.crwdcntrl.net
thumb.tvonenews.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.no
www.googletagmanager.com
www.googletagservices.com
www.tvonenews.com
x.bidswitch.net
141.94.161.158
141.94.171.213
141.95.33.111
142.250.186.34
15.197.193.217
15.235.15.221
151.101.130.49
162.19.138.117
172.64.152.89
178.250.1.9
178.250.7.13
18.165.201.38
18.196.96.246
185.64.189.112
185.64.190.78
185.64.190.82
185.86.139.104
185.89.210.46
193.0.160.131
195.5.165.20
198.47.127.20
198.47.127.205
2001:4860:4802:32::36
208.93.169.131
213.155.156.164
23.32.184.192
23.88.86.2
2600:9000:2250:a000:a:e047:753:6381
2606:4700:10::6816:1857
2606:4700:10::6816:31c9
2606:4700:10::6816:3456
2606:4700:1::6813:814c
2606:4700:3037::6815:2eaa
2606:4700::6810:3965
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6812:18ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c0a::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:16::1400
2a05:d018:d29:3601:7665:e1fe:4dc7:2c74
3.75.62.37
31.172.81.172
34.102.146.192
34.102.163.6
34.102.253.54
34.111.129.221
34.120.135.53
34.238.5.208
34.253.165.174
34.98.64.218
35.186.154.107
35.186.193.173
35.204.158.49
35.214.217.220
37.157.5.133
46.228.164.11
46.228.174.117
52.71.98.102
52.95.126.138
54.217.255.105
63.35.30.113
64.227.64.62
72.251.245.181
77.243.51.122
82.145.213.8
85.114.159.93
98.98.134.243
07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e39a23c890e3408d660b29e7808b220e36282414b78e9f9d93509ea8d40e2a4
0f96a2ea3f0d57334fedabf2fd88c5725765513569cb298dba38fbb9784786fe
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16243c9511462485fff0da61c78f3377f34c7512daec9494acb44786da63cc4f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ae13b71858a87ad4bc380bdef4e898ac788c7718f7d2d0179d98654336e4e67
1d4d49e704b4eca0b9d538be405efa78287fcba705adbdcd1e05f9b3a31d1a0b
20be5d0b31fc4a59b6774aebe57a1228caecaf5b2e48f3a12bba0d7a7705eab5
219c0b1df147ce7bae684ae2c15ddb5b50b38bc780e1f87ea3c336f77aba1620
23146adc0d1c0af60f35829db7e60cd006e81abd5a6241458db6dacc554b3387
237bd407ce4d3e196c6626a94b1a156d150009aa60d7529a71f5603b0a5e9b31
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2a12d641f0cb6007158ac022a6e02971ed7c0c268ef503a7f15b3736544e39dc
2a9bb6b4466ddb5e8137fdb8d115b867f5aad86ccf330366aa6d657db15f553f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adf806d67b7e6b48d19ab3d68361df308295a123d34ed98971f5414bf999ae7
2ba97c8d01dce3efeba7ec724a0c9100372479c375f02be810611bbaa5570090
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f6ae40fd6f3f52419068924f298b04383fcda7765a3b3dc7833cc7ea97a51c7
337ac2ef6e45db582c135323416d4720d6574c87b06d11c34b820ae9a75c2431
33b8edb9f1f6161aeec76590d815d9ddcd889a37d95644f8d17e97825bc2fa01
35ff8774c615130f88995588b32651f0ec15e09d45a7cf8a729db6c34a34b1bb
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3bbf0d66038aa78a09d50176e61e7de0dd93cca29fca59d1ed199b7a11a3925f
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3d0d37959dad87c91b0c04733e2b7aa2c0e900613206e8f331ab0a8e90da3704
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
406c0373a9c589659d1380a89f00e975262acf8c1d412ede9d971bc57eca2e8b
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
467d74baf1096e7312ed5ea7753b68906f17a12e7fc5a32a6f87a8c19166ac1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46db770dbf6ef751fb2774a62943c97bc007b3508771f3a07f2221bfa5d89bd3
47267e7d7cc4b62a961cea7cf61b509f1ddfc366413efd6bcef25aa43ee65bb9
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4d52fe1e91f101463bd33b85c8ad466633a02acbd84ad18544c4d565452d63ff
4e0467d106d4f296a09d08d8066aed7786d9417ff7edeb739ada59bb48f667a2
4eca9eb02f32914946e6f24ee290b66f4bcc23dad20ca2d94e39f2f86bed4501
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f5109fb15e04d38687ee9bf4aa586d829537bede0925fd5bbd9002a7ab88c86
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53f53ecca49bb8632a60ddb843fc2afd29f18ca885f8c3012e27c76edf119b55
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5efea218bc4ad976a9c73daa5a1b226289f60622beb0eaf63b9cfc7f62e6b73d
5f564e2964e6dd6040926cf82740f36887c9e2993261a6799a89bb85a3d4c9a6
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631b9627743bd4d17ce04a6c113185213123a5f4902d169157a1c1ff463030cb
636eac7480c3d2a450f44d3528bb66b1b700bfd04e95f6da468db49f4d4e1e1f
6399bc3c584c301d7c017c77569e7572fcb66d740f048adca0bde9fcc5ded283
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9ce67b2eeac84230f988eb68eae90fd9f8071338a7a126f8b98397500352af
6c32b247e000dda2bb418e98bdd6b7cdd70fdc8fef0696150e4dc9f1f4b8ebd1
70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
713780d8b30bda5583052ea847cdcb4f2956c2ac5ff38a7e538ba8f14ad1043e
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7b7a7ae8cb62bb889fe4fe91526892865915b99bc6047960c3f33f65a92f0444
815e3a80505bdf58d262139984097f760b1306b8393afb825a6e4be806b9dc4a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836f67ff6861b09ce118ff2c018caa1cb0a5ac73717cb0ad908304327addb25e
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
8578d5685b7f7d59663f65545acc754334b86cf272568f786d30029765c08805
88aa8698a8785d662c70258f7a4dbbc1639a7b6f511da83c022e8f11ce1b6249
8a24553cd707f63054ef0f10ba7a5cd38fdb85ea128e5ea2833c7d2dd8859ec9
8b052132f00b40c7ca44299a1e6afd7700c82f3b6ecaf981871c95c9241731e5
8b2aa60e32d9116756a544280006fbed009370fb0a1b6ca23289a9b185f23b2e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fcb6e71f614583adf37832324893e33b955b5a16134730d04c14a49130a9621
902db84c9eca1d0f1feba25ce174d9ab0f01635723b878ba538bc1c2e2583a24
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
997655ccaab8efaaf6a236b6cedaac5c2ad0dd2773cd1d5b48e2a44c9ee69a01
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99ce76133e14c9e61b66c70cbc2d81a4cff5bdcaaaef126204fa9ef0dd40f5fe
9f0a762b9c922ffc1ab0686fee9bd8ddf8d1d12a2873e8ab3e7c91b744401c87
9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27
a32c00feaecc217d2fc108d5d13d616f10d17ceb81b06efa7a2c16dd84451ad6
a37b42ea89ca11b54f54a69322c6d519206e6f4a4b1f5fe44420b208b2a3101e
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6077c60418bb7ad5d44d83ab10ae0c0add571202e2c67ca7974ed2f12b951f1
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a83ca962066ee0c9dd16b1777c34f30495097e4cb99d3ccbca2ab93e21349fc7
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad27736fc7d161b45621e8be4d8e0e7e427b10ebf107632b05cf0b164a88afd1
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
baef34aba66c237a4765fb55e1cfa0a6032d6b7f8b29a8dded7eddb85ec67aae
c03549811aa68974a8d767b7f010c5073c65e365bfcfdfa11624acc07bb61414
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c238c0d4fe296abdfd59382595c7e1da4b7efc6f0e7c63875a4470817876f828
c40642b5ccbe293bee5d10bf6a195f9788f4b69032310c36ce620c600242ed5b
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c902bf6562cea98de5eefe7caf99fcec89d6535b5934b648884c2fece815c13d
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
ca1e7fb6db84480f0acada20277962fd758ac0f2d95f04a3f0565bdcdc85ee8a
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
cf0fd0701c15ea8c2f1ab233caf2eecb2d7919b5f260d45ada5dec19492a9189
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14619782de0ba9e09425e2371075cbf30501d028a5b9730c50b3a2503ab5459
d214e2275413d796e8c4f3d4fa72cd0ae92f190284c4f8b943d8a2c4b7492d61
d2be8ea153b73fe6c2562db8007a52b6124e8a57d35d14b7cf379b80571855ee
d3c931f4e4737bc3b7b01f9ef299e29e1bbc7202488ffeb87097cd3bb83d0e94
d5fbdc5c72aa7784f1b5c8ad97e45bdc0e6f967a44335d346eb82417f2a5d364
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7b1871959cc590db15796700aa36472b88b3f0ed7c6064e69f470b7a88d9eab
db787c2c73ad2f3be8bffc511bae84670c56adf3dfed13bd33c3a03624b365bc
ddc014c064c343794f196e44392b38946d6e9db8b96cae9435f8feaf0e223d41
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e03f6f434f20dfe8dec77524a1380c1ca869461dcc78cd34bdbc96a08bfe70d4
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4eadc0d16dd1095a58bfdc5ef0f296da63dea0dfb0e62ef822339ba082d4be7
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea3b373956c4f591510114eac791d4d60803d7f576fc9dfd211a3011009d959c
eb907560a34f0b253c3affe22120f04c266b90be9cf766c8e9d460657db5e4e1
ebca8c9c04858bf97fd85df0605c2e78629439fce623b49aefdb4b943e8e8441
ec5c663243b64884f568ef5990118797c6df510ecf9b7df894587c3323cc36c3
edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b352ee7484a73eff1be0df5af18b8780e2306a52e0df18cb088f843f02f022
f41a7c6eebab46e575318b2f45c15afc79dbfb4205a70bc075f2e0d92b5771e6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f877aca90eafb8b0c8527bdfe29edbfb48513bb7ccee66f1fa29fb91834fd3ca
f8b11f49d7cc9e9b3b017ce20a2ab7b41e9de8227aa81d62c3934870733612a0
fbbabe1567cc93d456fe61efdd28ede190c77960afea9fde4649755a963da4ce
fc50c4ff75fc5ffb0b5ed8aaa95ffcde0481c935e3bccb19146874f8e6db07c5
fdfc13461d0b079895673e83c9523b10dee372dc8c70ab82b7ac11d8f01670bd

www.tvonenews.com Open in urlscan Pro 2606:4700:10::6816:31c9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

273 Requests

89 %HTTPS

39 %IPv6

66 Domains

101 Subdomains

64 IPs

13 Countries

3358 kBTransfer

8932 kBSize

95 Cookies

15 Outgoing links

Redirected requests

273 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tvonenews.com Open in urlscan Pro
2606:4700:10::6816:31c9 Public Scan

Screenshot
Live screenshot

Full Image

273
Requests

89 %
HTTPS

39 %
IPv6

66
Domains

101
Subdomains

64
IPs

13
Countries

3358 kB
Transfer

8932 kB
Size

95
Cookies

273 HTTP transactions
12 data transactions