urlscan.io logo urlscan.io
SecurityTrails logo

www.viva.co.id Open in urlscan Pro
2600:9000:2490:e400:18:d576:df80:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3px3agM
Effective URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Submission: On September 05 via manual from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 82 IPs in 8 countries across 67 domains to perform 656 HTTP transactions. The main IP is 2600:9000:2490:e400:18:d576:df80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.viva.co.id. The Cisco Umbrella rank of the primary domain is 205582.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 25th 2022. Valid for: a year.
This is the only time www.viva.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 2600:9000:249... 16509 (AMAZON-02)
38 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.140.153.200 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 13.32.99.105 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 23.35.236.201 16625 (AKAMAI-AS)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
10 185.86.137.114 201081 (SMARTADSE...)
7 104.18.19.126 13335 (CLOUDFLAR...)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 23.35.236.247 16625 (AKAMAI-AS)
1 198.47.127.19 3257 (GTT-BACKB...)
4 40 104.18.18.126 13335 (CLOUDFLAR...)
30 2a00:1450:400... 15169 (GOOGLE)
1 2 52.46.130.91 16509 (AMAZON-02)
10 13 142.250.186.130 15169 (GOOGLE)
17 15.197.193.217 16509 (AMAZON-02)
2 2 3.121.253.223 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.203.176.63 14618 (AMAZON-AES)
1 35.169.70.139 14618 (AMAZON-AES)
6 2606:4700::68... 13335 (CLOUDFLAR...)
45 34.107.214.50 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2 34.249.197.140 16509 (AMAZON-02)
46 34.117.33.6 396982 (GOOGLE-CL...)
2 2 54.229.167.95 16509 (AMAZON-02)
3 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
40 2a00:1450:400... 15169 (GOOGLE)
40 52.222.209.55 16509 (AMAZON-02)
4 22 185.89.210.244 29990 (ASN-APPNEX)
3 35.244.159.8 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
61 2a00:1450:400... 15169 (GOOGLE)
1 52.214.46.176 16509 (AMAZON-02)
3 45.133.44.3 7018 (ATT-INTER...)
5 64.233.184.155 15169 (GOOGLE)
5 2600:1f18:1ac... 14618 (AMAZON-AES)
5 18.184.57.192 16509 (AMAZON-02)
6 142.250.185.162 15169 (GOOGLE)
2 213.202.235.9 24961 (MYLOC-AS ...)
2 4 34.247.103.17 16509 (AMAZON-02)
3 2606:4700::68... ()
5 23.35.236.188 ()
10 23.205.235.133 ()
1 185.64.190.82 ()
3 2a0c:5c81:514... ()
1 45.133.44.4 ()
1 69.173.144.138 ()
20 2a00:1450:400... ()
2 52.28.203.152 ()
1 2602:803:c003... ()
1 51.38.120.206 ()
1 18.184.153.97 ()
3 185.89.210.20 ()
1 2a05:d018:d29... ()
2 18.156.0.31 ()
2 2 151.101.66.49 ()
2 2 185.29.132.241 ()
1 1 2001:678:cb4:... ()
1 52.30.247.235 ()
3 3 52.214.10.150 ()
2 2 52.31.24.18 ()
3 37.157.4.41 ()
2 4 169.50.137.190 ()
1 1 2620:116:800d... ()
1 1 52.1.53.88 ()
1 1 154.59.122.79 ()
1 66.155.71.25 ()
1 72.251.241.204 ()
1 38.91.45.7 ()
1 1 193.0.160.128 ()
1 1 2606:4700::68... ()
1 1 185.183.112.148 ()
2 2 54.205.25.10 ()
2 2 34.96.71.22 ()
2 2 34.95.81.168 ()
2 192.132.33.46 ()
1 141.226.228.48 ()
1 1 64.202.112.95 ()
1 1 18.205.75.24 ()
4 2.18.169.149 ()
656 82
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
1    2600:9000:2490:e400:18:d576:df80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.viva.co.id
38    2606:4700:10::6814:9570 (United States)

ASN13335 (CLOUDFLARENET, US)
public.viva.co.id
thumb.viva.co.id
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700:3035::ac43:87f6 (United States)

ASN13335 (CLOUDFLARENET, US)
sso.thevivanetworks.com
5    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.140.153.200 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-153-200.ap-southeast-1.compute.amazonaws.com
hitlog.viva.co.id
4    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
3    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
12    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    2606:4700:20::ac43:4677 (United States)

ASN13335 (CLOUDFLARENET, US)
thumb.intipseleb.com
1    2606:4700:20::681a:b69 (United States)

ASN13335 (CLOUDFLARENET, US)
thumb-jagodangdut.intipseleb.com
10    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
prg-apac.smartadserver.com
7    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
22    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
37    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
f604d0068ef64c94ee184a6f0d8109d2.safeframe.googlesyndication.com
6    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
40    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
r.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
30    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
13    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
17    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    3.121.253.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-253-223.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    34.203.176.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-176-63.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    35.169.70.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-70-139.compute-1.amazonaws.com
rtb.adentifi.com
6    2606:4700::6812:d4c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
45    34.107.214.50 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 50.214.107.34.bc.googleusercontent.com
sm1.selectmedia.asia
serv-selectmedia.com
15    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
adservice.google.de
2    34.249.197.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-197-140.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
46    34.117.33.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.33.117.34.bc.googleusercontent.com
track-selectmedia.com
2    54.229.167.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
3    2600:9000:223f:9e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
40    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
40    52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net
c.amazon-adsystem.com
22    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
select-d.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
61    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    52.214.46.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-46-176.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
3    45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.hb.selectmedia.asia
5    64.233.184.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f155.1e100.net
bid.g.doubleclick.net
5    2600:1f18:1aca:4281:f6d6:134f:4507:dfcf (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
5    18.184.57.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-57-192.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
6    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads4.g.doubleclick.net
2    213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
4    34.247.103.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-103-17.eu-west-1.compute.amazonaws.com
skydeutschland.demdex.net
3    2606:4700::6811:190e (None, )

ASN- ()
cdnjs.cloudflare.com
5    23.35.236.188 (None, )

ASN- ()
acdn.adnxs.com
10    23.205.235.133 (None, )

ASN- ()
eus.rubiconproject.com
1    185.64.190.82 (None, )

ASN- ()
t.pubmatic.com
3    2a0c:5c81:5142::2 (None, )

ASN- ()
ghb.hb.selectmedia.asia
1    45.133.44.4 (None, )

ASN- ()
player.adtelligent.com
1    69.173.144.138 (None, )

ASN- ()
token.rubiconproject.com
20    2a00:1450:4001:80e::2002 (None, )

ASN- ()
pubads.g.doubleclick.net
2    52.28.203.152 (None, )

ASN- ()
c2shb.pubgw.yahoo.com
1    2602:803:c003:200::31 (None, )

ASN- ()
fastlane.rubiconproject.com
1    51.38.120.206 (None, )

ASN- ()
onetag-sys.com
1    18.184.153.97 (None, )

ASN- ()
tlx.3lift.com
3    185.89.210.20 (None, )

ASN- ()
secure.adnxs.com
1    2a05:d018:d29:3605:2390:b34:10a7:b503 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
2    18.156.0.31 (None, )

ASN- ()
ups.analytics.yahoo.com
2    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
2    185.29.132.241 (None, )

ASN- ()
sync.mathtag.com
1    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
1    52.30.247.235 (None, )

ASN- ()
dpm.demdex.net
3    52.214.10.150 (None, )

ASN- ()
d.adroll.com
2    52.31.24.18 (None, )

ASN- ()
match.prod.bidr.io
3    37.157.4.41 (None, )

ASN- ()
c1.adform.net
4    169.50.137.190 (None, )

ASN- ()
um.simpli.fi
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (None, )

ASN- ()
pixel.quantserve.com
1    52.1.53.88 (None, )

ASN- ()
nep.advangelists.com
1    154.59.122.79 (None, )

ASN- ()
ums.acuityplatform.com
1    66.155.71.25 (None, )

ASN- ()
pixel-sync.sitescout.com
1    72.251.241.204 (None, )

ASN- ()
cm.adgrx.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
1    193.0.160.128 (None, )

ASN- ()
p.rfihub.com
1    2606:4700::6813:ac6c (None, )

ASN- ()
csync.loopme.me
1    185.183.112.148 (None, )

ASN- ()
sync.adotmob.com
2    54.205.25.10 (None, )

ASN- ()
sync.srv.stackadapt.com
2    34.96.71.22 (None, )

ASN- ()
s.company-target.com
2    34.95.81.168 (None, )

ASN- ()
euexchangesync.digitaleast.mobi
2    192.132.33.46 (None, )

ASN- ()
bttrack.com
1    141.226.228.48 (None, )

ASN- ()
sync.taboola.com
1    64.202.112.95 (None, )

ASN- ()
b1sync.zemanta.com
1    18.205.75.24 (None, )

ASN- ()
sync.extend.tv
4    2.18.169.149 (None, )

ASN- ()
svastx.moatads.com
Apex Domain
Subdomains		 Transfer
73 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 112
39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 145
f604d0068ef64c94ee184a6f0d8109d2.safeframe.googlesyndication.com
463 KB
67 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
bid.g.doubleclick.net — Cisco Umbrella Rank: 478
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293
pubads.g.doubleclick.net
650 KB
61 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
1 MB
47 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 500
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 430
r.casalemedia.com — Cisco Umbrella Rank: 813
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 515
dsum.casalemedia.com — Cisco Umbrella Rank: 1328
41 KB
46 track-selectmedia.com
track-selectmedia.com — Cisco Umbrella Rank: 39165
581 B
44 serv-selectmedia.com
serv-selectmedia.com — Cisco Umbrella Rank: 29675
2 MB
43 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 279
fonts.googleapis.com — Cisco Umbrella Rank: 43
imasdk.googleapis.com — Cisco Umbrella Rank: 424
6 MB
42 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 269
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
915 KB
40 viva.co.id
www.viva.co.id — Cisco Umbrella Rank: 205582
public.viva.co.id — Cisco Umbrella Rank: 286805
thumb.viva.co.id — Cisco Umbrella Rank: 124036
hitlog.viva.co.id — Cisco Umbrella Rank: 337964
477 KB
33 google.com
ampcid.google.com — Cisco Umbrella Rank: 2007
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 6141
adservice.google.com — Cisco Umbrella Rank: 78
5 KB
30 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 225
acdn.adnxs.com
secure.adnxs.com
103 KB
17 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 993
eus.rubiconproject.com
token.rubiconproject.com
fastlane.rubiconproject.com
54 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 336
6 KB
12 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 751
pixel.adsafeprotected.com — Cisco Umbrella Rank: 584
static.adsafeprotected.com — Cisco Umbrella Rank: 567
dt.adsafeprotected.com — Cisco Umbrella Rank: 516
100 KB
12 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 605
cdn.indexww.com — Cisco Umbrella Rank: 1378
11 KB
10 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 14289
5 KB
7 selectmedia.asia
sm1.selectmedia.asia — Cisco Umbrella Rank: 43309
player.hb.selectmedia.asia — Cisco Umbrella Rank: 28492
ghb.hb.selectmedia.asia
338 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
263 KB
6 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 448
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 442
image6.pubmatic.com — Cisco Umbrella Rank: 606
t.pubmatic.com
122 KB
5 yahoo.com
c2shb.pubgw.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
1 KB
5 demdex.net
skydeutschland.demdex.net — Cisco Umbrella Rank: 119060
dpm.demdex.net
4 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6487
ampcid.google.de — Cisco Umbrella Rank: 58797
adservice.google.de — Cisco Umbrella Rank: 9270
2 KB
5 gstatic.com
www.gstatic.com
39 KB
4 moatads.com
svastx.moatads.com
20 KB
4 simpli.fi
um.simpli.fi
2 KB
4 intipseleb.com
thumb.intipseleb.com — Cisco Umbrella Rank: 104761
thumb-jagodangdut.intipseleb.com — Cisco Umbrella Rank: 485909
39 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 387
mug.criteo.com — Cisco Umbrella Rank: 2794
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
3 adform.net
c1.adform.net
991 B
3 adroll.com
d.adroll.com
334 B
3 cloudflare.com
cdnjs.cloudflare.com
65 KB
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 377
select-d.openx.net
782 B
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 152
775 B
2 bttrack.com
bttrack.com
332 B
2 digitaleast.mobi
euexchangesync.digitaleast.mobi
461 B
2 company-target.com
s.company-target.com
718 B
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
645 B
2 exactag.com
m.exactag.com — Cisco Umbrella Rank: 13536
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1059
344 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 736
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 66
141 KB
1 extend.tv
sync.extend.tv
546 B
1 zemanta.com
b1sync.zemanta.com
317 B
1 taboola.com
sync.taboola.com
99 B
1 adotmob.com
sync.adotmob.com
307 B
1 loopme.me
csync.loopme.me
359 B
1 rfihub.com
p.rfihub.com
759 B
1 deepintent.com
match.deepintent.com
44 B
1 adgrx.com
cm.adgrx.com
408 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 acuityplatform.com
ums.acuityplatform.com
637 B
1 advangelists.com
nep.advangelists.com
234 B
1 quantserve.com
pixel.quantserve.com
506 B
1 turn.com
ad.turn.com
425 B
1 3lift.com
tlx.3lift.com
507 B
1 onetag-sys.com
onetag-sys.com
361 B
1 adtelligent.com
player.adtelligent.com
11 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1446
337 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1093
35 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1322
563 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2368
187 B
1 thevivanetworks.com
sso.thevivanetworks.com — Cisco Umbrella Rank: 323680
746 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4751
291 B
0 rlcdn.com Failed
api.rlcdn.com Failed
656 67
Domain Requested by
61 s0.2mdn.net www.viva.co.id
imasdk.googleapis.com
s0.2mdn.net
46 track-selectmedia.com www.viva.co.id
44 serv-selectmedia.com sm1.selectmedia.asia
serv-selectmedia.com
40 c.amazon-adsystem.com serv-selectmedia.com
c.amazon-adsystem.com
40 imasdk.googleapis.com serv-selectmedia.com
imasdk.googleapis.com
37 pagead2.googlesyndication.com securepubads.g.doubleclick.net
39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.viva.co.id
fw.adsafeprotected.com
www.googletagservices.com
s0.2mdn.net
32 dsum-sec.casalemedia.com 3 redirects r.casalemedia.com
googleads.g.doubleclick.net
ssum-sec.casalemedia.com
30 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
30 public.viva.co.id www.viva.co.id
public.viva.co.id
22 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
serv-selectmedia.com
acdn.adnxs.com
player.hb.selectmedia.asia
22 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
20 pubads.g.doubleclick.net imasdk.googleapis.com
17 match.adsrvr.org r.casalemedia.com
ads.pubmatic.com
serv-selectmedia.com
13 cm.g.doubleclick.net 10 redirects r.casalemedia.com
googleads.g.doubleclick.net
12 securepubads.g.doubleclick.net www.viva.co.id
securepubads.g.doubleclick.net
www.googletagservices.com
10 eus.rubiconproject.com serv-selectmedia.com
eus.rubiconproject.com
10 prg-apac.smartadserver.com ads.pubmatic.com
8 googleads.g.doubleclick.net 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
www.viva.co.id
8 www.google.com 1 redirects www.viva.co.id
tpc.googlesyndication.com
39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
8 thumb.viva.co.id www.viva.co.id
7 htlb.casalemedia.com ads.pubmatic.com
serv-selectmedia.com
player.hb.selectmedia.asia
6 googleads4.g.doubleclick.net www.viva.co.id
6 www.googletagservices.com securepubads.g.doubleclick.net
39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
6 cdn.indexww.com r.casalemedia.com
ssum-sec.casalemedia.com
6 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
6 js-sec.indexww.com ads.pubmatic.com
serv-selectmedia.com
5 acdn.adnxs.com serv-selectmedia.com
5 prebid-server.rubiconproject.com serv-selectmedia.com
5 dt.adsafeprotected.com 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
5 bid.g.doubleclick.net 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
imasdk.googleapis.com
5 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.gstatic.com www.viva.co.id
39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
4 svastx.moatads.com imasdk.googleapis.com
4 um.simpli.fi 2 redirects ssum-sec.casalemedia.com
4 skydeutschland.demdex.net 2 redirects 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
4 www.google-analytics.com www.viva.co.id
www.google-analytics.com
3 c1.adform.net ssum-sec.casalemedia.com
3 d.adroll.com 3 redirects
3 secure.adnxs.com ssum-sec.casalemedia.com
3 ghb.hb.selectmedia.asia player.hb.selectmedia.asia
3 cdnjs.cloudflare.com s0.2mdn.net
www.viva.co.id
3 player.hb.selectmedia.asia www.viva.co.id
player.hb.selectmedia.asia
3 static.adsafeprotected.com 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
3 thumb.intipseleb.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 sb.scorecardresearch.com 1 redirects www.viva.co.id
2 bttrack.com ssum-sec.casalemedia.com
2 euexchangesync.digitaleast.mobi 2 redirects
2 s.company-target.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 sync.mathtag.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ups.analytics.yahoo.com ssum-sec.casalemedia.com
2 c2shb.pubgw.yahoo.com player.hb.selectmedia.asia
2 m.exactag.com 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 fonts.googleapis.com 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
2 pixel.adsafeprotected.com 2 redirects
2 fw.adsafeprotected.com 1 redirects 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 s.amazon-adsystem.com 1 redirects r.casalemedia.com
2 adservice.google.de securepubads.g.doubleclick.net
2 hbopenbid.pubmatic.com ads.pubmatic.com
player.hb.selectmedia.asia
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 ads.pubmatic.com www.viva.co.id
ads.pubmatic.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.google.de www.viva.co.id
2 www.googletagmanager.com www.viva.co.id
www.googletagmanager.com
1 f604d0068ef64c94ee184a6f0d8109d2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 sync.extend.tv 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.taboola.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 csync.loopme.me 1 redirects
1 p.rfihub.com 1 redirects
1 match.deepintent.com ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 ums.acuityplatform.com 1 redirects
1 nep.advangelists.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 dpm.demdex.net ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 select-d.openx.net player.hb.selectmedia.asia
1 tlx.3lift.com player.hb.selectmedia.asia
1 onetag-sys.com player.hb.selectmedia.asia
1 fastlane.rubiconproject.com player.hb.selectmedia.asia
1 token.rubiconproject.com eus.rubiconproject.com
1 player.adtelligent.com player.hb.selectmedia.asia
1 t.pubmatic.com ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 sm1.selectmedia.asia securepubads.g.doubleclick.net
1 rtb.adentifi.com r.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 dsum.casalemedia.com r.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 r.casalemedia.com js-sec.indexww.com
1 image6.pubmatic.com ads.pubmatic.com
1 thumb-jagodangdut.intipseleb.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 hitlog.viva.co.id ajax.googleapis.com
1 sso.thevivanetworks.com www.viva.co.id
1 ajax.googleapis.com www.viva.co.id
1 www.viva.co.id
1 bit.ly 1 redirects
0 api.rlcdn.com Failed ads.pubmatic.com
656 111
Subject Issuer Validity Valid
*.viva.co.id
Sectigo RSA Domain Validation Secure Server CA		 2022-07-25 -
2023-08-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-19 -
2023-03-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
serv-selectmedia.com
GTS CA 1D4		 2022-07-14 -
2022-10-12		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-05-25 -
2023-06-23		 a year crt.sh
track-selectmedia.com
GTS CA 1D4		 2022-07-16 -
2022-10-14		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
player.hb.selectmedia.asia
R3		 2022-08-20 -
2022-11-18		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2022-04-01 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
ghb.hb.selectmedia.asia
ZeroSSL ECC Domain Secure Site CA		 2022-08-05 -
2022-11-03		 3 months crt.sh
player.adtelligent.com
R3		 2022-07-19 -
2022-10-17		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh

This page contains 93 frames:

Primary Page: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Frame ID: 494A8342E43D0B5995F177BB3D72682A
Requests: 144 HTTP requests in this frame

Frame: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 290D6887C135CCF68024734EDA61B604
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CA1DE9F27EE4129B349ACA8026DF8A00
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Frame ID: 9FAF761558B76535AE68A52E902DD0BD
Requests: 2 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: D3172106AAAB4CE069663693990D1D58
Requests: 10 HTTP requests in this frame

Frame: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DAA2BD359ADDDE9695366D180EB3C1B3
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D700A117CBA1770032E0C6AA04257030
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 30D5BC93F1BBDF9E6629503B856AEBF3
Requests: 2 HTTP requests in this frame

Frame: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 848257F02A010EC76BF37F279EEBB844
Requests: 5 HTTP requests in this frame

Frame: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4E39B3BB61928578BF2C95B2B4D6B73E
Requests: 18 HTTP requests in this frame

Frame: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5B459C4C89CADA8FBB0F8A8CAD5FAF3D
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvzd4dktyhvzFSnWLgHzqmycSSEEG_edZwSmGoysfO5wJDz9qC-6x4UY-Db36yM4KiMLpWV8z7AwX2lZUMz2NvE-I3UeoTbct1nbyyKAJbtzUsUEDvJz9yNesHq757qbh4G4_HhM9hUc_2S3_8aCeUSdq5uCUpN4emcVIpGiblP9XSNms1MlxE45ai5e7w3H_jmBixrhAYYDfw_eRTK6Ku4hCL7kOmDbIZBxDKQ16kNe93lQoYRTNEvSbp4IdgIF24YBZgffh_eAfVQIExNfzNk-n0_o-xlM1SGJr-qOooUxyKGt92n8PV8r_jdl2dLNXKBJ5ofDji1zu6&sai=AMfl-YTZ86Gs0Q_9CJbsOXeO7PpF5x83UUIGi06rNNF9wUpHjjmKbVQDCQ_aWZGjTUxupLzUnLMJIt52Ga91_xH-U-zGvTzn-Tfwi1YAguBzy-CfDqk04NqzHNW-sFeob9mixg&sig=Cg0ArKJSzH0DFBSW4uNBEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EC208D24C0181C3F4A79133AE524FC4C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGN6Ay88BMAE&v=APEucNXIpe6ULbEvwCq96VOVgyvG4JqxAWF2FV_kYy1s3gfq9QcOyddrslal-Xynai0HoB3umAnlcyk_9DaRVBpHT2Ev-TcSElI3ulvSLsr53js-aOupQCq8vz4JHqiLtlaVW9zUZE8SVGXceBGJvrNuhFhCdA4OplEMj9Gt-BNThhbBDHJ2iPs
Frame ID: 2B1843AC729D95A5F89263B3C4F96F9D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNV0VHRTaYouUJW21y7gTL-_RXMFbNjAk2StRqiSV-1Tyt_b_MFWAAONJWGbwt6xdUaJk6e3uQ4r1KxgjD0AdK4aYq-BUzAsH5E11fzoaeDblsrHvqMbF2u2fMJNYcyMiZgGV5471tWfRlxmki18TRq8b5BCuNnvlks9dZ0PUdf3xOU0-ko
Frame ID: D795966611620D83FABD33C2B329C785
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNX_-XOJBHLdpKtMFZuCgN2BF9L1Dt9S92jze2c2pRI3c3rXQbQYZApXOtaepQFmUuM97dtUQWefT_kKKEQ1dZG-BY5P2OVjpe-gKq2forJG_FBpJmL9Clnyn2PPF-VFdavYd6BpucDSRlugEItxc5GOx2lpadV3evhHPGGpZann-IJ6KNA
Frame ID: 4CEA462480FCC7BA4911E57D0517A6AA
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500
Frame ID: 975AA580EBB3C3F7F006EE540EB6C63D
Requests: 8 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 2232BC1DA364B1521FBA2E65DB3D8D23
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 56772762AD1688EA1FB3114AEF42DB19
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 58D9E88FBA5632CCF2E13EC30AF3B4C6
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 1E2705782AD6A26636D27641200982B9
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 41F30906DD86309C023023DF5F1FFF98
Requests: 14 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 5F761D787C033757A037A9A47E76A3C8
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 8427FA0424AF760B03F4E6C176DB018D
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: FB21B2718680DBED88E50458D2EA355F
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: AEB603A8497A1569C7694073BFB039D4
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 2A59163F279F00F98D58A2180CA121DC
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 9C9FA3304E6650400CEA83F35A8054A9
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: F18B026D54D422CF3FB9E318B5CB63B1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4E7915B66C2238991309B1AA23E8F6AD
Requests: 2 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 53D6EC302F7DC7C49080460EAE2EFBA6
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 0190C8118530A95622A10A04ECD262EB
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: C048DD9539C4FFEFEFDBFBA5F2FE6F71
Requests: 9 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: A3803EE64814E8D165CB11F3A0C64959
Requests: 7 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: B2CAADB86D7D07575F11FF930C886A72
Requests: 7 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 5835B540FF77BD306DAFC8315AA0C19E
Requests: 7 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: EA4ECA78DBA87EA130D6961FDB378FDE
Requests: 7 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Frame ID: 4203E74C2767C038F000DE877E37CC26
Requests: 7 HTTP requests in this frame

Frame: https://player.hb.selectmedia.asia/prebidlink/461765/hb_310028_7816.js
Frame ID: 4CD75C076BE7CFAB1B4BE1F752BE9543
Requests: 23 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: D1B618983A5D348719E778843D76F2AA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FE85B0961FB041ACF23952D0001DF79A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: A20F22991AB663259BDD28528C1203D7
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 1B4FDDCF6D3444D74C992E5F3D567AE6
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 7D9AE84B4F2F84C6B41DB7578DBC65F2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: E92EB3D7A0B04946FC42EEE67CE3B5A7
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 957DAF14F8810A92176F7119467BE318
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 7182577B80337D169C7AFEAF062F6B59
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 30C8331A2614C97770D0991C6481E661
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 8539A08AC5F87AFF27253DC8B00CFE3D
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=Z3RElsA5jW&t=1&renderingType=2&ev=01_247
Frame ID: A4F474DD8DEDB64AD390480A962144B8
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
Frame ID: D1A2F19E184569702C295FC415BC78C6
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 566CDCCFA98E2C6AF52922A8A136C505
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 9AC7B48E917546D2E1CDCC5BC58FB8E6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Frame ID: 059872E63150D504777E4CF640EB4E95
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 93E4C675126D2B32773118390EEFAA44
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 82FF1EABC0CC00624AEC6660CFCB7729
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 8F0AF77DB34A92F5E3E8F2B478F841F6
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 59F97FDC3C76678EB78E23F527751C1A
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: F90F47823D0596E004E1D21302D1F846
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: F0D48171679E0E0A4451789F98C39A3C
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 43EB53679FE5A10B21F49A8B11D43BB0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 70E54AB3106F70BD13948E8C685F69CD
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 1FE5833DDB9D6FBB5D7737504A18D5B0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 9E0499A8904BD4B8AC2C640200CCF457
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AFD79BA082EBAB8685B06CCF85066702
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 28D20D250A59B0FDA216DB9B9DEB53FF
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 34E8BE8425419A96095B30A4B8E6819B
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C58EF2E7E3C0758F5141DACA54D7EC66
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 89B3169EEC5E8A30D2E81625447C2772
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7F4EB8794F107FD3F885B63C3D7AD867
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2353C3C62F87D6F51C5E003EF997BC99
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 471BB2E3122E57A049DF52BD39E13274
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BB815266C87982A0BD143B7850BDC9C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9D8423015B7E832089259AB78667463C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6F0EDFAC84A08271B4E95F6C2A738CCA
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B1A0838C9F370ED181D7B7E17EBF8C5D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F6D6B8B68D40A9C63F73C6CFF08C01BD
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 50C32948EE86B71AE97F753C295A98BB
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 61C4A41C02B4AC64FA81BF9C4E8E8CDC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A08D9E78B617CA097430548FC5A70F24
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2F38452DA4CE90AE67DAC06AE701CF61
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
Frame ID: 61D47D0BAFA4917B171EF4E909621D5A
Requests: 23 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A36C095EF86D8A3F7713C36FF6507937
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 47EE8621281834D41EBDD5F52907358E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 478EFD535A1B4C6F7A464579074CE740
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5B244EAE5FC591A043F251F315CFECB8
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 27660B24C6093A914F6413D972BC5472
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Frame ID: A0BCB0EA4E4EAFB20C0624E9FB9002A0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Frame ID: 6D352EABBBC3A9AAE64080A84C2C322A
Requests: 1 HTTP requests in this frame

Frame: https://f604d0068ef64c94ee184a6f0d8109d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 04CC34881F29098453FF2D9D3397339B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlRZPZw8DiUqWZG4_V9s_YxShNJJVCZ2WXykcfga2TVQJBPjQS6RMIeJGOIIsOR6EYEqWI4kIW5yyd-XV-PzPmnkPeTNvKk97as_5B4WAie-esMGoi9LOucFfKiSWFl-gShazd4yyBFnZAxil9m9tGAFHIPHL6Bj_uFs-E0zTW1psFsqb44dsdqIULusvUmb28QHVUrT-0hNZI4HsQbQ8MzQlSTQu0dnkjq879ezsA7sD9URXSXgCCsNlkoIh6_jkZhyQ34KslKPPdyExL96dOZnsW8vxmnPE7vfdHHgFMozzGjfGujf5u&sai=AMfl-YQmXjt3YUBkU9CiunNWN-ZY1Y-B5YrP5OSY18ZTSzmzN_65ljbRu5p7PzPmmFXMUFHNfBNhEzHJfNnJ8cZmZU6ZvfZm8PBPov34zB4wffjG7iU4FlOfHU7zlUFCjg&sig=Cg0ArKJSzLJDgGllNZ0wEAE&uach_m=[UACH]&adurl=
Frame ID: CA60E5E0E0CD32DF16ECCB08AA27D50D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Frame ID: A39BE45DD7BDEBADECC8A3C5BE6007D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 206EBAE08246A76D0A94BEAE2C6B3F0D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 097C518E94BB4264A33A856FBAE5152E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Grafis Kaisar Sambo dan Konsorsium 303 Diduga Disebar Internal Polri

Page URL History Show full URLs

  1. https://bit.ly/3px3agM HTTP 301
    https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-diseba... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

656
Requests

93 %
HTTPS

37 %
IPv6

67
Domains

111
Subdomains

82
IPs

8
Countries

14177 kB
Transfer

42262 kB
Size

38
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3px3agM HTTP 301
    https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://sb.scorecardresearch.com/c2/8429568/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 62
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.viva.co.id%2F&domain=www.viva.co.id&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=SquIcXxHRmxBaGd5YmFTQnZPV0kvZmtqZGJuTHZqbkU3aEdHMzNVQXNLNVE0STgrK3k1ajRTVmE2eHFQWDR6YXR2dWxyeXpZT2hHQnAvU3lUMUdjMGdoenREZ3NJN2h1amtKbGxMUEdJQURSeVFmNDZuL3FWZHVSU283TnpmQXVwUGMyS1pKVVVraEdKMlRUUmRWby9TMXpIakVhQXZYT1BtNzltRzZOanNCa1piNGliL2xmR2pzVHJNdUxocmRHTy83Rk45dmY1NGVUdHJWNU55RHV1Wjd4ZEM4anpNakJZbkNvb0FsYzFOTmsvSTc0PXw&cppv=2
Request Chain 92
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 94
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxWM8lxjmMCJg8zGRvlwPgAABJAAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxWM8lxjmMCJg8zGRvlwPgAABJAAAAIB&dcc=t
Request Chain 95
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YxWM8lxjmMCJg8zGRvlwPgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YxWM8lxjmMCJg8zGRvlwPgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1&gdpr=1
Request Chain 98
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=O4bsfP7d1Ov4Vd5&gdpr=1
Request Chain 99
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1662443123&gdpr=1
Request Chain 100
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f58c3882-71cb-4858-8422-bb0e44f0211f&expiration=1693892723
Request Chain 126
  • https://pixel.adsafeprotected.com/rfw/st/1083870/64162795/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=17933170054&bidurl=https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i0aOmPGouc5c3_yxnLnnjC HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 134
  • https://pixel.adsafeprotected.com/rfw/st/1083870/64162795/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=17933170054&bidurl=https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0icjBC21tVPLmzLBgG95rrC HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
Request Chain 220
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxWM8lxjmMCJg8zGRvlwPgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJM5T3MdwVvoZlBXZxTEQFY&google_cver=1
Request Chain 222
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA5MzQ4MjUxNjY2NjU4OTk5MQ%3D%3D
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
Request Chain 224
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxWM8lxjmMCJg8zGRvlwPgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJM5T3MdwVvoZlBXZxTEQFY&google_cver=1
Request Chain 226
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA5MzQ4MjUxNjY2NjU4OTk5MQ%3D%3D
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFs1t5Ls4wKDNGkBA4UrLF4&google_cver=1
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEJk8iKvUrKk-DwbiqKFnWLA&google_cver=1
Request Chain 265
  • https://fw.adsafeprotected.com/rfw/bgd/1103447/64557517/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CnkAoCZ_4B3sPhPSwLvf-_miE75UPTZhaizLiUY5EbEg7Hp5k3jbtJYk7N5xKleZWXdVGY4zGL0kvLm7gOQD56-rPbqc8ubBE6AX7EU4wQ2TgxqDf4mlI8ptpK20bKgdISt8yLmbVqsIo-4vexCgFzFwjcwA65GuoODPErkUAKAmf-AbxGRy8N8ioiLeLJzOHM80ApxzyNGs_RMO1e--Tyix56cLG-nrhz1YRchn-AQ6O4wVw1tPSV2bJ_g6S1FuK6Ba39RD5hayqTeDkfP9lgo2j2rOSCMpdF9V2ELYbQxyyOND9nTjY50997mUtKVx4GdMXWKNRPUXgIr8jVYh-JEj-eb6dl33nU3V1QXx0y8eXzFJ_U_tgLv-IomjumVpUHCULM1_6TNLG2hlOhl8Qajpep7XRi09WKUysYBj1RhqPoSX46oxbteqXwJ8CQ2kBShFEWsL69ffGy8NWO16XmcLOljPcp2KMj8_DNRukj5JHK8wCJAc5dG6mFyX5YO8MX8nBqk9qRFgFi3c72DEFotEElzUVql9p4iAA6lDP48LPRiM0nbxgale2REfZPQzXwulJzseQYEkikzR8YOeP6RqKMbr7LdEwOywUwtHKHGudMRAQTTcb_6xtIi-tesLvV-olReuNyoEzUrFgtb5LGhbL_SkCsQWHxSQocbqOdiliLGmRFjKiCHdQeuf1Cv4OlD1OLHB52iEybGnPW1xrtZOIhwfZIEqjJVVPCjPWBD2bMBe9DFTFUikF886pYtcoovs4-B5AuM3nuLX9YKndX467WFnYK9I4ZoXa61efOd41xWM77fzGrHm5U21sV8JrwDb9qhRgKKOvgUymGc2qbPEXY5IEyHCo_YfLAsCMo72E6y95BKbEqQZKTHT0OrWSE7QtHhhU65IDp-zLxi93wAw2VPbgVNMGIabk8_oQs6nk4NX6wEeqO11TLaEvbG7HoJrPEEz09wtQdKl0kP6kdeunbmLvtW9QjkPsTfyZwk3Kz3lhpk3PO7BkmM6ScgTQq4A6c8Cp5T1SL7FcIyA8e9NxcyVi3pAHbTQIwW_LhVsghJ4gmBayuqzhcPjrO0x3sW6MTRVhvGZMjRjKbgs1izhlYVeaEy-0RfnxHh-2_T6dnjgfP_iqbWmEn4npCUGJZRlVXxSpX2XeN7vanxH1lC_Ji30tSrFfjvV7OUoBi6n6XIOQ5OT14yBt3g4pDyjBUhJytMCSFQICyNrF19TGrzozJUzA51JPBjljAhWFF2JuicSc39MvMokYx3snVT7h1GFxfJfPyr5p7GW2XDeWAQAL9xohxNAqYndqRw6yI1zg3sYdw08A_FNQSV81rnjrG1-KBcjZOFCXPKU3Ss-zQSYZfFlERdTmvsrI9OhvH67cvKZxcHRSgQMtmpsZderGinC6911I-zOqqpqeSefHqz0UF3xujAJmz0jqADS2lgxpNE9M5TGfz8CJHHHEHp65dbeIHA-GXygJ2Q84LNB3cXgVa7t_L5nV7dxrAfC_E9vwTguQ8QYuK4yqKujOY25P1ig83bY2weHQnhicUlouQ1wTOFLdBtTnsYHunAGL3BKf9PHlioVYIUDO4RDsg_m-BpK2izXJ3kRgAkpPp2hF12kGsvKtl3jo4llhtNdQdqCqJVae1PD_khD0OxvZcIiLF2L6KXPG5CjHnUphmwAxkWWNQWBahY_Iig49bDPXZWrjgnb3ugRqFvJ28VMM-zT1J_4RI3WC29XznrCESfiEz_gH2KpG-aqVUUXdGZ8Gu_m_s1a1OVwRV1NDMGZ8ipUYH7jzTXjMqm1Qr_WGZeyrUbGYLHS87e3N9cExwEAOg6mafGjM9i6fJHvy4AJlJFrZBDc_mX3MmgFl7dTF1oFIlCQrMRDBwTZ3r4JEpzOvim_uM9FnBTbqmttKWzu8-TbYKuf55lP5puLftbuMkNp4RdBvdCzvYU7PMBxo7znT1javU5jdxt5Zoz6PcczQtQPxI8hlQLAj3EJe1X9VAWLJVwCwUl3lph2EpKgvfexPOYcezRlSikkXE1NPMFKINqViGnCloSaS0MW8m89IrQNurZZxiBYVO1P-XIgNnEyzHi4ZbkLRvL1yXD8Ma9KsMuIt6BGnrZdy9XGtDw3iEUjJgzcSqRDfMtFPK4L_kwDkHAjvsaKLmr1Bn-sIvm-659BsE-TgAhKCP_sAdpaCxhgIfBzDK-XdptftmVebT-CiftIP5pgZpyKvGvEHA-1Yggg8B968yDkEuHZliy6FBnvVWEWVpIgdSxvpYrmM3N3fYMxZFEtlHH_yEeYkRi9Y0K2HW4NZlxHlFEWrpZ7VZjH0sTUCUuKPRaRtpT9IMzYJfKVjvqsGQDl5RbEwfNBWESwo4k9rIu2JEJe3ODBLCOZ5xSSZYCDXrm7EaR3TJ-bDyKo-BKzR7lXw0EDvprLbGNCOmllOSfD5wID7xc-m02y14nLiGerUWiFW0kRnUpCveg74EWdZcgQs7R0CCl1DVXVNqwPa_5E3wTmROtlda50-qu3rY_t72pf6QNk7fJNAgr6718MFjxUa-8R7JICSOViD7gtm4pEPm1PUilvO2Wy-gSs0N7ujnBpLej7mcg46rYJq3uI3ON8PZ5v7hZq4ZUwyYo63CaO8PR_HIw-gHf5Ludrnl2Z04V1dONPEczlRa-p1NSW_TDQbnYFH1g6J_slCdUQ_Mnhp-IbVvhg_AOGIpERLTuH8X1VbC-Z-wbMHB9Uanp5RdKFkVy_qG3I_vpZaBhjt0LogpqbA2ptcK1AwTofddV_nK5_4kMWUg6OxGb8FZjtOGuJfmZOXdaLq3GPHKPFjRq3z7MAjKRqJuql03aGQr1xrPcQ5GP3HKMFwF111t80_KOK_H3-UB47-qVFd6hibIMoxy8CviuuG8sI-QZzD8Prr-6XyawQcpqE3fwTUhkLriXaYoheblMQOpbkxRupqPLXzIsB8g9h_ip2tK6tuhCz09DPbY21TodOhRfCjlSHiOUb1O5PHTpwZf83DAbuYECob5hkoBNf4-Ze_aElDg-HBxolWd_NWpzZATWanRROWoBvLG3RpbyDNO-2bDrtKbHQGnC-uFGEnaFhWPyBRwo2vG9SJk-42wbWtUaW4NuBQmn36_9v_eJWD64McGTbmeT2rKGzlu9HS-vwOQkLB6Gw8xGeylaB1jVS7rxT1QiTyvPLS0OjSoqx3LBicD3_di80UzuxO0aQUnUOo9R9No35PdTjDQmlnps0R-bulY3lt10204pMwerRW0iDeaKmeSLalamoJYitipjVNO4cAt_Wz8hRl-wACK6fzl58UBtX1wuX9yFg7nez96yYQm5lr5cXBB3eDRmUL8Q04vpCkjsOxTCwMVRuAEdy7cTPxUPYbzokQH038s-RRCs1_VKn_g3FyCgAJTjVCS3LAlcYvs_bfln_n3x7oN4aZ1yMH7JVVbeyvn5JPCshyil26riv9nELQ1_EBogT4DsWFmFHaEl5kBPPnv6cu5KmgkIQ6qTolbfB6xLbfPMzzYGDmoX6FRjMPlTvoQ3QdG3BshBe6Z5FqbQNT517Lxo_xx3xeTZvJmL4mpMBeUyT0h2PE5mB2MkCn9dED_SDgkp3xwI88UY3mS90NAsPWRRqgr4Gq_btrj7BJITox5fH0EBDR_UEWhQ4fxorCAASJ-RoeayDVrMwNyuWzd3ziors-3CrTyNQKwVM1qZTvnBUV7PBBKGni2AB&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=17669653609&bidurl=https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jHr_aQUngJ-zijFFfKP0_u&adsafe_url=https%3A%2F%2Fwww.viva.co.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bdf84ec0-c8af-80da-7fbe-edae03003897,c:njEMi3,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-7db66464c7-jh5xk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:audiit1,mtim:3,mot:0,app:0,maw:0,fm:tgxhp3S+11%7C121%7C13%7C14*.1103447-64557517%7C141%7C151%7C16%7C1711%7C181%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:efa6e4a6-2cdd-11ed-8f9b-9a8b7463bf74,v:19.8.346,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CnkAoCZ_4B3sPhPSwLvf-_miE75UPTZhaizLiUY5EbEg7Hp5k3jbtJYk7N5xKleZWXdVGY4zGL0kvLm7gOQD56-rPbqc8ubBE6AX7EU4wQ2TgxqDf4mlI8ptpK20bKgdISt8yLmbVqsIo-4vexCgFzFwjcwA65GuoODPErkUAKAmf-AbxGRy8N8ioiLeLJzOHM80ApxzyNGs_RMO1e--Tyix56cLG-nrhz1YRchn-AQ6O4wVw1tPSV2bJ_g6S1FuK6Ba39RD5hayqTeDkfP9lgo2j2rOSCMpdF9V2ELYbQxyyOND9nTjY50997mUtKVx4GdMXWKNRPUXgIr8jVYh-JEj-eb6dl33nU3V1QXx0y8eXzFJ_U_tgLv-IomjumVpUHCULM1_6TNLG2hlOhl8Qajpep7XRi09WKUysYBj1RhqPoSX46oxbteqXwJ8CQ2kBShFEWsL69ffGy8NWO16XmcLOljPcp2KMj8_DNRukj5JHK8wCJAc5dG6mFyX5YO8MX8nBqk9qRFgFi3c72DEFotEElzUVql9p4iAA6lDP48LPRiM0nbxgale2REfZPQzXwulJzseQYEkikzR8YOeP6RqKMbr7LdEwOywUwtHKHGudMRAQTTcb_6xtIi-tesLvV-olReuNyoEzUrFgtb5LGhbL_SkCsQWHxSQocbqOdiliLGmRFjKiCHdQeuf1Cv4OlD1OLHB52iEybGnPW1xrtZOIhwfZIEqjJVVPCjPWBD2bMBe9DFTFUikF886pYtcoovs4-B5AuM3nuLX9YKndX467WFnYK9I4ZoXa61efOd41xWM77fzGrHm5U21sV8JrwDb9qhRgKKOvgUymGc2qbPEXY5IEyHCo_YfLAsCMo72E6y95BKbEqQZKTHT0OrWSE7QtHhhU65IDp-zLxi93wAw2VPbgVNMGIabk8_oQs6nk4NX6wEeqO11TLaEvbG7HoJrPEEz09wtQdKl0kP6kdeunbmLvtW9QjkPsTfyZwk3Kz3lhpk3PO7BkmM6ScgTQq4A6c8Cp5T1SL7FcIyA8e9NxcyVi3pAHbTQIwW_LhVsghJ4gmBayuqzhcPjrO0x3sW6MTRVhvGZMjRjKbgs1izhlYVeaEy-0RfnxHh-2_T6dnjgfP_iqbWmEn4npCUGJZRlVXxSpX2XeN7vanxH1lC_Ji30tSrFfjvV7OUoBi6n6XIOQ5OT14yBt3g4pDyjBUhJytMCSFQICyNrF19TGrzozJUzA51JPBjljAhWFF2JuicSc39MvMokYx3snVT7h1GFxfJfPyr5p7GW2XDeWAQAL9xohxNAqYndqRw6yI1zg3sYdw08A_FNQSV81rnjrG1-KBcjZOFCXPKU3Ss-zQSYZfFlERdTmvsrI9OhvH67cvKZxcHRSgQMtmpsZderGinC6911I-zOqqpqeSefHqz0UF3xujAJmz0jqADS2lgxpNE9M5TGfz8CJHHHEHp65dbeIHA-GXygJ2Q84LNB3cXgVa7t_L5nV7dxrAfC_E9vwTguQ8QYuK4yqKujOY25P1ig83bY2weHQnhicUlouQ1wTOFLdBtTnsYHunAGL3BKf9PHlioVYIUDO4RDsg_m-BpK2izXJ3kRgAkpPp2hF12kGsvKtl3jo4llhtNdQdqCqJVae1PD_khD0OxvZcIiLF2L6KXPG5CjHnUphmwAxkWWNQWBahY_Iig49bDPXZWrjgnb3ugRqFvJ28VMM-zT1J_4RI3WC29XznrCESfiEz_gH2KpG-aqVUUXdGZ8Gu_m_s1a1OVwRV1NDMGZ8ipUYH7jzTXjMqm1Qr_WGZeyrUbGYLHS87e3N9cExwEAOg6mafGjM9i6fJHvy4AJlJFrZBDc_mX3MmgFl7dTF1oFIlCQrMRDBwTZ3r4JEpzOvim_uM9FnBTbqmttKWzu8-TbYKuf55lP5puLftbuMkNp4RdBvdCzvYU7PMBxo7znT1javU5jdxt5Zoz6PcczQtQPxI8hlQLAj3EJe1X9VAWLJVwCwUl3lph2EpKgvfexPOYcezRlSikkXE1NPMFKINqViGnCloSaS0MW8m89IrQNurZZxiBYVO1P-XIgNnEyzHi4ZbkLRvL1yXD8Ma9KsMuIt6BGnrZdy9XGtDw3iEUjJgzcSqRDfMtFPK4L_kwDkHAjvsaKLmr1Bn-sIvm-659BsE-TgAhKCP_sAdpaCxhgIfBzDK-XdptftmVebT-CiftIP5pgZpyKvGvEHA-1Yggg8B968yDkEuHZliy6FBnvVWEWVpIgdSxvpYrmM3N3fYMxZFEtlHH_yEeYkRi9Y0K2HW4NZlxHlFEWrpZ7VZjH0sTUCUuKPRaRtpT9IMzYJfKVjvqsGQDl5RbEwfNBWESwo4k9rIu2JEJe3ODBLCOZ5xSSZYCDXrm7EaR3TJ-bDyKo-BKzR7lXw0EDvprLbGNCOmllOSfD5wID7xc-m02y14nLiGerUWiFW0kRnUpCveg74EWdZcgQs7R0CCl1DVXVNqwPa_5E3wTmROtlda50-qu3rY_t72pf6QNk7fJNAgr6718MFjxUa-8R7JICSOViD7gtm4pEPm1PUilvO2Wy-gSs0N7ujnBpLej7mcg46rYJq3uI3ON8PZ5v7hZq4ZUwyYo63CaO8PR_HIw-gHf5Ludrnl2Z04V1dONPEczlRa-p1NSW_TDQbnYFH1g6J_slCdUQ_Mnhp-IbVvhg_AOGIpERLTuH8X1VbC-Z-wbMHB9Uanp5RdKFkVy_qG3I_vpZaBhjt0LogpqbA2ptcK1AwTofddV_nK5_4kMWUg6OxGb8FZjtOGuJfmZOXdaLq3GPHKPFjRq3z7MAjKRqJuql03aGQr1xrPcQ5GP3HKMFwF111t80_KOK_H3-UB47-qVFd6hibIMoxy8CviuuG8sI-QZzD8Prr-6XyawQcpqE3fwTUhkLriXaYoheblMQOpbkxRupqPLXzIsB8g9h_ip2tK6tuhCz09DPbY21TodOhRfCjlSHiOUb1O5PHTpwZf83DAbuYECob5hkoBNf4-Ze_aElDg-HBxolWd_NWpzZATWanRROWoBvLG3RpbyDNO-2bDrtKbHQGnC-uFGEnaFhWPyBRwo2vG9SJk-42wbWtUaW4NuBQmn36_9v_eJWD64McGTbmeT2rKGzlu9HS-vwOQkLB6Gw8xGeylaB1jVS7rxT1QiTyvPLS0OjSoqx3LBicD3_di80UzuxO0aQUnUOo9R9No35PdTjDQmlnps0R-bulY3lt10204pMwerRW0iDeaKmeSLalamoJYitipjVNO4cAt_Wz8hRl-wACK6fzl58UBtX1wuX9yFg7nez96yYQm5lr5cXBB3eDRmUL8Q04vpCkjsOxTCwMVRuAEdy7cTPxUPYbzokQH038s-RRCs1_VKn_g3FyCgAJTjVCS3LAlcYvs_bfln_n3x7oN4aZ1yMH7JVVbeyvn5JPCshyil26riv9nELQ1_EBogT4DsWFmFHaEl5kBPPnv6cu5KmgkIQ6qTolbfB6xLbfPMzzYGDmoX6FRjMPlTvoQ3QdG3BshBe6Z5FqbQNT517Lxo_xx3xeTZvJmL4mpMBeUyT0h2PE5mB2MkCn9dED_SDgkp3xwI88UY3mS90NAsPWRRqgr4Gq_btrj7BJITox5fH0EBDR_UEWhQ4fxorCAASJ-RoeayDVrMwNyuWzd3ziors-3CrTyNQKwVM1qZTvnBUV7PBBKGni2AB
Request Chain 341
  • https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=1629583566&gdpr=&gdpr_consent= HTTP 302
  • https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=1629583566&gdpr=&gdpr_consent=
Request Chain 349
  • https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3731867320&gdpr=&gdpr_consent= HTTP 302
  • https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3731867320&gdpr=&gdpr_consent=
Request Chain 359
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 549
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YxWM9wAE3cmuEABN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxWM9wAE3cmuEABN&gdpr=1&_test=YxWM9wAE3cmuEABN
Request Chain 550
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b4c16315-8cf7-4100-92d6-36d537d6f31d&gdpr=1&gdpr_consent=
Request Chain 551
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3887197713175716820
Request Chain 553
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 555
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABCDE7GKxoAAA_jUnLoiQ&expiration=1663566327&gdpr=1
Request Chain 557
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 558
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=t0kszrkZe8ysTSzIsx8wmeBOLcysSXjI5Rm1edB6
Request Chain 559
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b18d254b-3517-4cda-94cf-f3f64a19e674
Request Chain 560
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 561
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=690589593266
Request Chain 562
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1a376315-8cf7-4200-95b2-1cf7ced03313&gdpr=1&gdpr_consent=
Request Chain 567
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336719765595182
Request Chain 568
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d4edd76c-295f-47e8-88a7-030fcd27146b&us_privacy=null&gdpr_consent=null&gdpr=1
Request Chain 569
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 570
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 571
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 575
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=pe71HFivSztwk59SnT35abnVm6k
Request Chain 576
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1677995127&external_user_id=f4d7777e-bd42-488b-a55a-a4dd8251c927
Request Chain 577
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a3bf30f7-9ccc-487d-b257-7710c2c2f225
Request Chain 582
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 584
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=SYN6hI5MTppGFVhz-49iS7nVm6k
Request Chain 586
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1677995127&external_user_id=fe646823-ea61-4517-ad64-189d0928064f
Request Chain 587
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2eed7fcc-b581-4f3b-b24a-765a48fdf50e
Request Chain 590
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1864f020-10f9-4bbb-80ca-303c06ab0620

656 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
www.viva.co.id/berita/nasional/
Redirect Chain
  • https://bit.ly/3px3agM
  • https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
136 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e400:18:d576:df80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
54b97bd6d46db54e5d9f5a310761223c642f571a1728c29af7fff574c0ca82a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
45595
cache-control
max-age=60, public
cache-tag
1511004
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 04 Sep 2022 17:05:26 GMT
expires
Sun, 04 Sep 2022 17:06:26 GMT
last-modified
Sun, 04 Sep 2022 17:05:26 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding,Accept-Encoding,User-Agent
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
viewtype
Desktop
vivabuild
appcode=new-web
x-amz-cf-id
39shzt7c8KLAVPB4Zgug-UDjOR9PtuBaM2NhzNKIbBczD5_9iYdNTA==
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
202
content-type
text/html; charset=utf-8
date
Mon, 05 Sep 2022 05:45:21 GMT
location
https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
server
nginx
via
1.1 google
7cHqv4kjgoGqM7E3_-gs51os.woff2
public.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3_-gs51os.woff2?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.viva.co.id/
Origin
https://www.viva.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
1491172
cf-ray
745ca883f9c59b3a-FRA
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20348
x-amz-id-2
WeQn1bSkm9Hdt6NiGUZEMiz4c1Pe4lObdR2pfJfx0keBOg32lcsG92s74xXIU1lEJccdXbfRqSs=
last-modified
Tue, 07 Dec 2021 06:21:04 GMT
server
cloudflare
etag
"9c43f43c6a98e7a4c8f27827ff455c9f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-request-id
K1CFQFBHKQX7XG7A
access-control-allow-origin
https://www.viva.co.id
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
content-type
binary/octet-stream
7cHqv4kjgoGqM7E3t-4s51os.woff2
public.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3t-4s51os.woff2?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.viva.co.id/
Origin
https://www.viva.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
1491172
cf-ray
745ca883f9ca9b3a-FRA
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21080
x-amz-id-2
sOTvjMJGLmBAiVVd7nkNVGr00ehXuVlsr0SvIJpa9pv9hElCGRXaoWv5mzBYaCDYwuzaWRjHtso=
last-modified
Tue, 07 Dec 2021 06:21:03 GMT
server
cloudflare
etag
"fa61eccc5d911d604a8739a7c9dc8bcb"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-request-id
K1CFXFY16WDYA7TE
access-control-allow-origin
https://www.viva.co.id
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
content-type
binary/octet-stream
7cHqv4kjgoGqM7E3j-ws51os.woff2
public.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3j-ws51os.woff2?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff393d6091ca6df956a189411d7f152ec4957f71b09ab2a0ae3d6089c7a5ce16
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.viva.co.id/
Origin
https://www.viva.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
1491172
cf-ray
745ca883f9c79b3a-FRA
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20940
x-amz-id-2
NT3Kv++MnPTWRjqHKVtsJnvWkwg4YmoXAgM2hz3GifEYooviUBvu0RhUYEebaZCqJAC9WjrubUQ=
last-modified
Tue, 07 Dec 2021 06:21:03 GMT
server
cloudflare
etag
"03ccd4a420f4073d168c890d0dd8d08a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-request-id
K1CAQYJ5ZAM4BWDE
access-control-allow-origin
https://www.viva.co.id
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
content-type
binary/octet-stream
logo.webp
public.viva.co.id/asset-viva/responsive-web/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public.viva.co.id/asset-viva/responsive-web/img/logo.webp?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d673259d0bfc678aacef4e63f8ea06ec4b8694faa22927ec51e4a79ee5976c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1486282
cf-ray
745ca884ea7e9036-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4804
x-amz-id-2
YoqEghCL6xdaO7gErzn3GemAuAiJdp4QV0FS4SeziZir5AcVQyYMgT1QkFtqLREHeGSBbzpVSxE=
last-modified
Tue, 07 Dec 2021 06:21:06 GMT
server
cloudflare
etag
"542e5572341fd127c13b9c4d4bcc362f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
K1C4HBANJN17MPDG
cache-control
max-age=31536000
accept-ranges
bytes
content-type
binary/octet-stream
rancak.css
public.viva.co.id/asset-viva/responsive-web/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/rancak.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2754ea4be826ac173d67f7a3bdde928f64a4b1ad7cea6074313fd148164e130f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1490113
cf-polished
origSize=10103
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
K1C5YSRJT5N01SGW
x-amz-id-2
BaMTwXb8guTJWsXu5lKZ3fJBbaCXHxvqwileTWXe7QuofI8/TmsQKXBmMpJ2Bb13cmjpHwPCgz0=
last-modified
Fri, 08 Apr 2022 05:22:24 GMT
server
cloudflare
etag
W/"56b4c5ac2104d28efa729e864a2745b9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca883e9479036-FRA
cf-bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 02:51:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:51:59 GMT
detail.css
public.viva.co.id/asset-viva/responsive-web/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/detail.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c405bcd8f92036855018ea498b39743853763006f991c0c152d92029c38ba827
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1489152
cf-polished
origSize=5263
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
K1C7FK8D4AD0SJR0
x-amz-id-2
pnptXBJFMUSTdrY9Cn5w+QpBD+Ywl8CJfs2dgdxEXK7yS0RJltXVYirOePy4ON36xdaMI8J+lFM=
last-modified
Fri, 22 Jul 2022 08:50:07 GMT
server
cloudflare
etag
W/"351f6cea159b8bc4f063f845816d578e"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca883e94b9036-FRA
cf-bgj
minify
62f594942dd55-ketua-indonesia-police-watch-ipw-sugeng-teguh-santoso_375_211.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/08/12/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.viva.co.id/media/frontend/thumbs3/2022/08/12/62f594942dd55-ketua-indonesia-police-watch-ipw-sugeng-teguh-santoso_375_211.jpg
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a5c4c0c4d0dda1fd9f62ef917e0242ef2b9d22be2d466d16057153d1c49bf1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
vary
Accept
cf-cache-status
HIT
x-amz-request-id
1GZ3W3HVEA7NM7XZ
cf-polished
qual=85, origFmt=jpeg, origSize=28442
content-disposition
inline; filename="62f594942dd55-ketua-indonesia-police-watch-ipw-sugeng-teguh-santoso_375_211.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18088
x-amz-id-2
5kmNW965Eit6qQkV3J2hGAyogFf+vS5beDjYB152rODAjNce2hmQXOLjYqb2rpRhFH8Mvc8D1wk=
last-modified
Thu, 11 Aug 2022 23:45:26 GMT
server
cloudflare
etag
"fcd8cc6a955842a1772afd476c237a8b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
745ca884faa79036-FRA
cf-bgj
imgq:85,h2pri
viva_analytics.js
public.viva.co.id/asset-viva/responsive-web/js/ 		1 KB
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/js/viva_analytics.js?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99f9762cd613e0d36e9bb53f8c51d5e4c5393d3452e34e9dd532348fe3489475
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1489152
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
K1CD2XP7QE9CJKW1
x-amz-id-2
fZ/xJ74FIAFSC1yy7MixLyd7l8BZox4zCkYJlqMFck8DICoD36KFy8FsgqInh/RbLROSduM23gs=
last-modified
Tue, 07 Dec 2021 06:21:30 GMT
server
cloudflare
etag
W/"f9e8ced65fbe8d7245f1f03a52278625"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
745ca883e94d9036-FRA
cf-bgj
minify
uuid.js
public.viva.co.id/asset-viva/responsive-web/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/js/uuid.js?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a88ea7c27c4e99a4114c3a490bc1c59c51f7ccb6a8a5f13c37d35005b7af2a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1481616
cf-polished
origSize=7584
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
K1C9XD2QM5EMR3EY
x-amz-id-2
y2G34CKl5x3nnKcXoPW0pZZaa7DpR71pLtBKhz4Hn0SSZ9RZAEOQckr9uJuvmQCXMxXBtGUZguY=
last-modified
Tue, 07 Dec 2021 06:21:30 GMT
server
cloudflare
etag
W/"7db2d23cd7b8f7377efa277f63a78cd1"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
745ca883e94c9036-FRA
cf-bgj
minify
rancak-desktop.css
public.viva.co.id/asset-viva/responsive-web/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/rancak-desktop.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
727711e56af2bae60b9f1c96a71d7a1b806e0f3d887e29374f010edcc44a975b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1490112
cf-polished
origSize=3939
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
K1CAN7KJZNXNYYA2
x-amz-id-2
WazI2SvT8rvrzl636+LHM3kd7nqdp2FxnaIfDSPtXakq3doL0Ih1hei9+zDEB2KniZlRiCuYDCI=
last-modified
Wed, 06 Jul 2022 12:45:02 GMT
server
cloudflare
etag
W/"7ccad598971149a422fe9ef5bbcece43"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca883e9499036-FRA
cf-bgj
minify
icon-profile-small.jpg
public.viva.co.id/asset-viva/responsive-web/img/ 		270 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public.viva.co.id/asset-viva/responsive-web/img/icon-profile-small.jpg?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8825e6c38403c234f6228f6cbeb88c276f0e62cbab1900d044cb8f5c2d0472b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
vary
Accept
cf-cache-status
HIT
age
1486282
cf-polished
qual=85, origFmt=jpeg, origSize=596
cf-ray
745ca884ea809036-FRA
content-disposition
inline; filename="icon-profile-small.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
270
x-amz-id-2
1Q0BARiOzCfyavDpk8wY0QHYMI5aBQfVm9oBbDRnf1RDTZXYvTwfTA0Pdkj+Ideizsl1wETOCng=
last-modified
Tue, 07 Dec 2021 06:21:18 GMT
server
cloudflare
etag
"5c3ff561dbcd90411fb36c440373976b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
K1C3D628H7A7W1XB
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
62f594942dd55-ketua-indonesia-police-watch-ipw-sugeng-teguh-santoso_1265_711.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/08/12/ 		157 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.viva.co.id/media/frontend/thumbs3/2022/08/12/62f594942dd55-ketua-indonesia-police-watch-ipw-sugeng-teguh-santoso_1265_711.jpg
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aea2736ddb67bf07394268c3934a24ee0b5c4c8dac053216b30e283a7beea59
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Aug 2022 23:45:25 GMT
server
cloudflare
x-amz-request-id
GH6A2S58B59FFTHZ
etag
"172784f6df259748ce674e8d0dc6f78d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
745ca884faa69036-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
161025
x-amz-id-2
yk+UH3LTKLBuF4+D8PYMuMW11VCY2/GnzBtwt+XZAFMC3wbJ1Fh8Yg0DGqLfIo+cRtXPxy5SwJ0=
lazysizes.min.js
public.viva.co.id/asset-viva/responsive-web/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/js/lazysizes.min.js?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b0999f439d6fc07e37171f45a1cef5a75c419dcfcc28321ec6f2ce12011b07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Dec 2021 06:21:27 GMT
server
cloudflare
age
1480021
etag
W/"47032768eb4c255dbf0a3f78ef5c6865"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
745ca884ea819036-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
K1C80KBZ7YE50ZXQ
x-amz-id-2
HrB3tNSL6F8E+y0evxm4Cfc1Hh7Ia06GXjsmikoRwPiiALDKQp2KiqNMJFFqDLnunG+g7nJZFh4=
cook.php
sso.thevivanetworks.com/ 		236 B
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.thevivanetworks.com/cook.php
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:87f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbf0af2030686af9c2b66c8db72742c57530aae9b91b7ae8e3700a24e32578b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
date
Mon, 05 Sep 2022 05:45:21 GMT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwUvTsXKm5k3Hoo35VQLCH5jm1wlVWdQuV9Xdm4UStynHh6JPqmR5gts9q2bILH0urjhh8F85VZErmvk2gwA3OlQZFY246K7buT4x0q3eMIZSQztX3PtToN4WI%2Bt9lqOTBF8fEiXilUS5Q2LRcLBUs%2BomSisyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
745ca8845ac6bb8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
viva-app.js
public.viva.co.id/asset-viva/responsive-web/js/ 		2 KB
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/js/viva-app.js?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84714fb67f035a8801213a5623d70a6b8ff162d57b8649f21711e40456594422
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1488309
cf-polished
origSize=2398
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
K1C27DZ21K21HMY7
x-amz-id-2
Jemo/P7YlBSKo36PzzxE/v6la8R48rePIH4h0ZNKqfugKfldeRNggsybQ1Jgla0P8rXZM7waHKY=
last-modified
Thu, 03 Feb 2022 09:13:32 GMT
server
cloudflare
etag
W/"f25de4984ce3e965a71b66f4088b83b0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
745ca884ca349036-FRA
cf-bgj
minify
firebase-app.js
www.gstatic.com/firebasejs/4.1.3/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/4.1.3/firebase-app.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd9e672799f3e908f9ae536c42eabb6b4300c935f5d80bed2a5a77509918578f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:46:14 GMT
x-content-type-options
nosniff
age
583147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18368
x-xss-protection
0
last-modified
Wed, 21 Jun 2017 23:01:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 11:46:14 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/4.1.3/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/4.1.3/firebase-messaging.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d1282f3fab624b88c76dc91d5057a5938b37c504e2f08bde57db6e72ef7b249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 17:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
560744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6732
x-xss-protection
0
last-modified
Wed, 21 Jun 2017 23:01:38 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 17:59:37 GMT
configpush.js
public.viva.co.id/asset-viva/responsive-web/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/js/configpush.js?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c47430da76da0209f1165ec842295831babdcf9ede29c951b01016dd846cba7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1489152
cf-polished
origSize=5428
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
K1C5B9T3YSXMA5Z5
x-amz-id-2
oxow3cpZwzmbWfOKR3MLlI57hvcz9FVuB7F3Osl8pkrr4hhqHEgeM9WMkl2xS/TGK4uOUCGz8MM=
last-modified
Tue, 07 Dec 2021 06:21:47 GMT
server
cloudflare
etag
W/"85ba95df2baeff16cdd7bbee91fdb3e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
745ca884ea7d9036-FRA
cf-bgj
minify
gtm.js
www.googletagmanager.com/ 		193 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KPDQW3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aff287048099e612fc06238a517da6fe4f980e01d53c8b06addfe21e10cdfa4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68624
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Sep 2022 05:45:21 GMT
YToyOntzOjU6InRva2VuIjtzOjQ6InRvcmkiO3M6MjoiaWQiO3M6NzoiMTUxMTAwNCI7fQ==
hitlog.viva.co.id/hit/article/ 		13 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hitlog.viva.co.id/hit/article/YToyOntzOjU6InRva2VuIjtzOjQ6InRvcmkiO3M6MjoiaWQiO3M6NzoiMTUxMTAwNCI7fQ==
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.153.200 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-153-200.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.14.0 /
Resource Hash
fffbe22f67b1884c5f21d0a5705784fe3c3b7c19a17037043868a5577a6af066

Request headers

Accept
*/*
Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 05 Sep 2022 05:45:21 GMT
server
nginx/1.14.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
etag
W/"d-LYnepxOV35hDAdonHnUucJgn63A"
content-length
13
content-type
application/json; charset=utf-8
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2601
date
Mon, 05 Sep 2022 05:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 05 Sep 2022 07:02:00 GMT
widget-vlix.css
public.viva.co.id/asset-viva/responsive-web/css/ 		1 KB
862 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/widget-vlix.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7e453f56b14780317e486bfe8714241b2b58cc97274a319ceaee663911b88d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1482911
cf-polished
origSize=1214
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZS16BCGJYT52R82
x-amz-id-2
5yzpDxvzd2cVTwp601VxASbJRxo3Htb3SbjkCvex8+8BViMV0ozCNRtWef1YZhf3EY2wplXnCCQ=
last-modified
Tue, 07 Dec 2021 06:21:45 GMT
server
cloudflare
etag
W/"51ce3f8c741195fbec794d925dbd4d4d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dc6bbd9-FRA
cf-bgj
minify
footer-style.css
public.viva.co.id/asset-viva/responsive-web/css/ 		2 KB
962 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/footer-style.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a82ed499909e2232b1bdc3807b4d81bb6497115338abc33d60472c8f0f7bfd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1489815
cf-polished
origSize=1617
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZS0CEK0SD7PZH3Q
x-amz-id-2
TfpOheznOAqX9UWelCP3/ym8IWVl2noIIemzEZcaF8CK4aDZjb/d36+Py3wCs2XUZ1k6wUU3dbI=
last-modified
Mon, 21 Feb 2022 06:40:53 GMT
server
cloudflare
etag
W/"84961aa316f0135475777d4b740066b8"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dc9bbd9-FRA
cf-bgj
minify
color-light.css
public.viva.co.id/asset-viva/responsive-web/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/color-light.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00b23df1ba3482972e5ac3fdc7da3a84030bd46d7b1b3e6a36d57bcb0fb8d05
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1489821
cf-polished
origSize=3020
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZS5PHP614GY1PWY
x-amz-id-2
8KMVGKMRXXRi/NOo4/X15qiDso0nY2UCSJzc5BmZh4vjDv6ck7Y0zLPcZm6yDEOmoLIF4S7UufQ=
last-modified
Fri, 24 Dec 2021 04:09:40 GMT
server
cloudflare
etag
W/"667bb11dad027b73278c0fbc42887af0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dcbbbd9-FRA
cf-bgj
minify
color-light-desktop.css
public.viva.co.id/asset-viva/responsive-web/css/ 		295 B
550 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/color-light-desktop.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82abce0fe71054b83fd78d28aeea185d5423e823a6a3c556daed054ffa8ec0d9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1490109
cf-polished
origSize=369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZS557QFQCDCR8Z9
x-amz-id-2
IQ42pqMwUVhcMvPXR8xoTiLOu0Q/+vsk15Iu8plJzL/y//kzrwKbHhmo8XfFSGvtU37vbq3hXTE=
last-modified
Tue, 07 Dec 2021 06:21:53 GMT
server
cloudflare
etag
W/"4a5462535cb2599ca7951382de96a50c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dccbbd9-FRA
cf-bgj
minify
color-dark.css
public.viva.co.id/asset-viva/responsive-web/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/color-dark.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e521500863df6e0d7720de7fbc7f19d2ca5c38ecabf84c89d3e2401b10ac994
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1489128
cf-polished
origSize=3324
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZS8CNH53A8GWFA3
x-amz-id-2
tmswhkPWaj9W+SdqxPaSy12un1nDHB78qokIedVsJCKqZyhVOf0k5Jn576gEZzPp7s9zXFrJI50=
last-modified
Fri, 24 Dec 2021 04:09:41 GMT
server
cloudflare
etag
W/"0e7847c3a7227807c7214603370eefd3"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dcdbbd9-FRA
cf-bgj
minify
color-dark-desktop.css
public.viva.co.id/asset-viva/responsive-web/css/ 		353 B
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/color-dark-desktop.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd2c416c3dfcdc1f48962dfd1310e72467d51990916eaf20ef26297106b685f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
983332
cf-polished
origSize=408
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZS2SAWJVN779XRK
x-amz-id-2
nQwqbkNeean8EWS6aRKtAuArK7NIxSsi4EiEFkzMvrvSU/sMk2Pe+gIZ67es/6anJVqhZ+csZDk=
last-modified
Fri, 22 Jul 2022 08:50:08 GMT
server
cloudflare
etag
W/"d826c444c75e3ea4e0fc1677ceaf5e2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dcebbd9-FRA
cf-bgj
minify
hold.css
public.viva.co.id/asset-viva/responsive-web/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/hold.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3789e705e8d28714755ed298479b5711dab64746d48231eeb638be4ba7d0b1f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1488285
cf-polished
origSize=15423
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZSCAMGNADF96WGV
x-amz-id-2
zNqs2juJpAkV+JLd43nyQs/PhMhA1RiSJZpUKtiv2zxqYGHNqgJAoLLmfxVSM/3OohUlNzuauzg=
last-modified
Tue, 14 Jun 2022 15:30:50 GMT
server
cloudflare
etag
W/"7cdbda22b024506860166864247536fd"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dcfbbd9-FRA
cf-bgj
minify
hold-mobile.css
public.viva.co.id/asset-viva/responsive-web/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/hold-mobile.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
766550f9e927fbfb19c49aced320ac65894807ddfb8956dbcc61ed3b5d3800c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1484836
cf-polished
origSize=3327
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZS65M010MCAMFSC
x-amz-id-2
nsnhW1QJssuXzjDqwxSAjOSXSB0J9yhADZpkcvXyRexbJ17R1Vll35wPRkgJK7c0e30M8v460JQ=
last-modified
Mon, 06 Jun 2022 14:14:01 GMT
server
cloudflare
etag
W/"dc818b3b739643f281fb79eafc572669"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dd0bbd9-FRA
cf-bgj
minify
hold-desktop.css
public.viva.co.id/asset-viva/responsive-web/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/hold-desktop.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddbead4c3777bf55f3c9b842f5ab629388e31a5f15c7e63ed14604e5b431fff6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1489820
cf-polished
origSize=2437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZSDJ4SB8S7SWA3E
x-amz-id-2
4Nyd8VwTz/c0tHDiFJyZ/pWepNSduKm2mZ/dmZkDeQhv6pC7hJ0VVZeUBXhG7tNcUbP7YSxqUTg=
last-modified
Wed, 22 Dec 2021 03:29:35 GMT
server
cloudflare
etag
W/"be849b7a6c6f2ebb0f2b985115c7f539"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dd1bbd9-FRA
cf-bgj
minify
iosfix.css
public.viva.co.id/asset-viva/responsive-web/css/ 		151 B
490 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/iosfix.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cf6d5639ffcd747e54049ad4bdcca846425e4def6279d2f012c497b2bc2521
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1484836
cf-polished
origSize=186
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZS5WRMR9C2MW89D
x-amz-id-2
vITEdwGEuk6fEfip/EvhsvNWsF1lzzAmcSpKp0HXlwy/ockYfT0PMPB/YArxkN70Qj0gNdi4o14=
last-modified
Tue, 07 Dec 2021 06:21:35 GMT
server
cloudflare
etag
W/"d6776b612dc548f473c7127c4aecf5e4"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dd2bbd9-FRA
cf-bgj
minify
popinfix.css
public.viva.co.id/asset-viva/responsive-web/iklan/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/iklan/css/popinfix.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a69cf2a641205f7113f570db28ad9c33d2e517fa9a0f37cca7d8c46ad3e8c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1487044
cf-polished
origSize=2429
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZS27SBJS9WJH7M9
x-amz-id-2
++/Ak8GBNB7wQWj35WJzWXFkWXQfPXkx7i4m5EtM5EtCOheK7wQMmNrug7wIfmt3qM93G8Z0RMw=
last-modified
Fri, 08 Jul 2022 11:43:45 GMT
server
cloudflare
etag
W/"f6eec46b97eddcfca9c7fcf4c7baf3f8"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dd4bbd9-FRA
cf-bgj
minify
macawfix.css
public.viva.co.id/asset-viva/responsive-web/iklan/css/ 		303 B
535 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/iklan/css/macawfix.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5f2df856109a86820c1a9a5599f89ea22884b247fd8bcaa46a53e30c624fce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1484568
cf-polished
origSize=325
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZS4QK11EY824FAQ
x-amz-id-2
APsf8+JSHLuC4qy3q5WYlRi7xZ+orwFAYnZM6dxq7nhu7iuEhECu0EZl0nyzDYhMckMFDgbTMTo=
last-modified
Fri, 08 Jul 2022 11:43:44 GMT
server
cloudflare
etag
W/"312d657b8c7cc29a25fdc196052bf098"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dd5bbd9-FRA
cf-bgj
minify
freakoutfix.css
public.viva.co.id/asset-viva/responsive-web/iklan/css/ 		656 B
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/iklan/css/freakoutfix.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24affc17276fd2ddc409767414d0e21558be763f5ffa5fd112e261bc3323caaa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1489128
cf-polished
origSize=716
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZSCBEA91H65M7T6
x-amz-id-2
IGn/c7kvYFVUn9OR9uGKZ/ms6EM1qfwoo+8YLwPlcDdl7AlbmirDQuD+QJ3xKhVflWuB8xdpf40=
last-modified
Fri, 08 Jul 2022 11:43:43 GMT
server
cloudflare
etag
W/"b0a6a8a8122a0b77d0d40667adcb5c7e"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dd6bbd9-FRA
cf-bgj
minify
partner.css
public.viva.co.id/asset-viva/responsive-web/css/ 		2 KB
828 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/partner.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
388bf997e8dd4892f6050913eeb084d6d89fd183da52e41b01b25ddd44ea07d6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1481968
cf-polished
origSize=1734
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
VVDWT2AD0QD99PP4
x-amz-id-2
UXKU3gkoJdfQNHYTnH5mueblaoYp/8XBNE2lUeLVKZam9j3P1V6OscJWAeSWDxrObBSPzRcpzI0=
last-modified
Tue, 07 Dec 2021 06:21:35 GMT
server
cloudflare
etag
W/"618fa34244cceca4d4cbf97b49e34cef"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dd7bbd9-FRA
cf-bgj
minify
fontawesome5.css
public.viva.co.id/asset-viva/responsive-web/css/ 		2 KB
732 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/css/fontawesome5.css?v=2.3
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5e335fe3571dbab8bca01a367f3876191db95264692139b626c80bff6dc39d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1488169
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DZS39S0PE53CGVBE
x-amz-id-2
WzF7kdavIXIvXn/v6z7b9bowRy5CNxPq5j1I82fY0hdBinUo5eoxBYmWJBZoEnJ2q6BgdqwlvWY=
last-modified
Tue, 07 Dec 2021 06:21:54 GMT
server
cloudflare
etag
W/"3050975f10471abc705a8ad6893f65bf"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000
cf-ray
745ca8854dd8bbd9-FRA
cf-bgj
minify
fa-solid-900.woff2
public.viva.co.id/asset-viva/responsive-web/fonts/awesome5/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://public.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff2
Requested by
Host: public.viva.co.id
URL: https://public.viva.co.id/asset-viva/responsive-web/css/fontawesome5.css?v=2.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://public.viva.co.id/asset-viva/responsive-web/css/fontawesome5.css?v=2.3
Origin
https://www.viva.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
2397178
cf-ray
745ca885ae019091-FRA
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80300
x-amz-id-2
Mutf+FinHHjtX/PGPdQNslwa+Fhu0/m6oovMKMAUzM88Umt8rLBAEge/Ab4U/ldbb/I/pWj49sU=
last-modified
Tue, 07 Dec 2021 06:21:02 GMT
server
cloudflare
etag
"8e1ed89b6ccb8ce41faf5cb672677105"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-request-id
PANZ5T9QVXG7RN2W
access-control-allow-origin
https://www.viva.co.id
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
content-type
binary/octet-stream
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=587828710&t=pageview&_s=1&dl=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&ul=en-us&de=UTF-8&dt=Grafis%20Kaisar%20Sambo%20dan%20Konsorsium%20303%20Diduga%20Disebar%20Internal%20Polri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=955092506&gjid=940541511&cid=1280455543.1662356722&tid=UA-31106891-1&_gid=471711825.1662356722&_r=1&_slc=1&cd2=1511004&cd3=Grafis%20Kaisar%20Sambo%20dan%20Konsorsium%20303%20Diduga%20Disebar%20Internal%20Polri&cd4=2022-08-19%2006%3A04%3A02&cd5=Anwar%20Sadat&cd6=grafis%20sambo%20judi-online%20polisi%20viva-nasional&cd7=https%3A%2F%2Fwww.viva.co.id%2Fberita&cd8=85.25.217.17&cd9=54c306e6-7a49-4dd1-8c3d-98f3987f902a%3A-&cd10=54c306e6-7a49-4dd1-8c3d-98f3987f902a%3A-%26id%3D1511004%26tag%3Dgrafis%20sambo%20judi-online%20polisi%20viva-nasional%26channel_id%3D5%26date_access_user%3D2022-09-05%2000%3A05%3A26&z=861122565
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=587828710&t=event&_s=2&dl=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&ul=en-us&de=UTF-8&dt=Grafis%20Kaisar%20Sambo%20dan%20Konsorsium%20303%20Diduga%20Disebar%20Internal%20Polri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Article&ea=read&el=54c306e6-7a49-4dd1-8c3d-98f3987f902a%3A-%26id%3D1511004%26tag%3Dgrafis%20sambo%20judi-online%20polisi%20viva-nasional%26channel_id%3D5%26date_access_user%3D2022-09-05%2000%3A05%3A26&_u=YEBAAAABAAAAAC~&jid=&gjid=&cid=1280455543.1662356722&tid=UA-31106891-1&_gid=471711825.1662356722&cd2=1511004&cd3=Grafis%20Kaisar%20Sambo%20dan%20Konsorsium%20303%20Diduga%20Disebar%20Internal%20Polri&cd4=2022-08-19%2006%3A04%3A02&cd5=Anwar%20Sadat&cd6=grafis%20sambo%20judi-online%20polisi%20viva-nasional&cd7=https%3A%2F%2Fwww.viva.co.id%2Fberita&cd8=85.25.217.17&cd9=54c306e6-7a49-4dd1-8c3d-98f3987f902a%3A-&cd10=54c306e6-7a49-4dd1-8c3d-98f3987f902a%3A-%26id%3D1511004%26tag%3Dgrafis%20sambo%20judi-online%20polisi%20viva-nasional%26channel_id%3D5%26date_access_user%3D2022-09-05%2000%3A05%3A26&z=1926814102
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 21:19:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30342
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		209 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YFFX5TN9EH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KPDQW3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be8b92c51b89540904f76d11f22f9fbd0f2aa2ad541a32e32584e65f3400febc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75470
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:21 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.viva.co.id
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
b
sb.scorecardresearch.com/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=8429568&ns__t=1662356721666&ns_c=UTF-8&c8=Grafis%20Kaisar%20Sambo%20dan%20Konsorsium%20303%20Diduga%20Disebar%20Internal%20Polri&c7=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&c9=
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
Pr72PfRz0McgfDjVWnZykOs205XNIevL-CAmS4hyojzpN6dWhjRJOQ==
x-cache
Miss from cloudfront
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-31106891-1&cid=1280455543.1662356722&jid=955092506&gjid=940541511&_gid=471711825.1662356722&_u=YEBAAAAAAAAAAC~&z=780539740
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 05 Sep 2022 05:45:21 GMT
content-type
text/plain
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31106891-1&cid=1280455543.1662356722&jid=955092506&_u=YEBAAAAAAAAAAC~&z=1538488986
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31106891-1&cid=1280455543.1662356722&jid=955092506&_u=YEBAAAAAAAAAAC~&z=1538488986
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.viva.co.id
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-YFFX5TN9EH&gtm=2oe8v0&_p=587828710&_gaz=1&cid=1280455543.1662356722&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662356721&sct=1&seg=0&dl=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dt=Grafis%20Kaisar%20Sambo%20dan%20Konsorsium%20303%20Diduga%20Disebar%20Internal%20Polri&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YFFX5TN9EH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YFFX5TN9EH&cid=1280455543.1662356722&gtm=2oe8v0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YFFX5TN9EH&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YFFX5TN9EH&cid=1280455543.1662356722&gtm=2oe8v0&aip=1&z=285717637
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-85211792-1&cid=1280455543.1662356722&jid=2067375263&gjid=1025155758&_gid=471711825.1662356722&_u=aGDAgAABAAQCAG~&z=710166233
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 05 Sep 2022 05:45:21 GMT
content-type
text/plain
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=587828710&t=pageview&_s=1&dl=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&ul=en-us&de=UTF-8&dt=Grafis%20Kaisar%20Sambo%20dan%20Konsorsium%20303%20Diduga%20Disebar%20Internal%20Polri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAABAAQCAC~&jid=2067375263&gjid=1025155758&cid=1280455543.1662356722&tid=UA-85211792-1&_gid=471711825.1662356722&gtm=2wg8v0KPDQW3&cd1=AMP%20Page&z=1275787584
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 21:19:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30342
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
59f16aa42a6f0-spbu-vivo_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2017/10/26/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.viva.co.id/media/frontend/thumbs3/2017/10/26/59f16aa42a6f0-spbu-vivo_325_183.jpg
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78091fe2b988ce79f713a8b5d24649ff229144a74804062e9bc67d588aee55c0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
vary
Accept
cf-cache-status
HIT
age
57400
cf-polished
qual=85, origFmt=jpeg, origSize=20789
cf-ray
745ca8888a13bbd9-FRA
content-disposition
inline; filename="59f16aa42a6f0-spbu-vivo_325_183.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11070
x-amz-id-2
tocc9o/DmjQXPCWx13MeRveACUcvKQzk05BuLrc1ic+ugIQF5OD8PbE/uduwwCE75B90uyPLbrA=
last-modified
Fri, 23 Nov 2018 03:22:20 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1536952347/ctime:1521039693/gid:501/gname:viva-share/md5:ee35884ec5536b5ad83159a5a76e0248/mode:33188/mtime:1520541470/uid:501/uname:viva-share
etag
"ee35884ec5536b5ad83159a5a76e0248"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
ZFNG388TDKA858B5
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
630d9bafef45f-pengacara-keluarga-brigadir-j-kamaruddin-simanjuntak-kanan_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/08/30/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.viva.co.id/media/frontend/thumbs3/2022/08/30/630d9bafef45f-pengacara-keluarga-brigadir-j-kamaruddin-simanjuntak-kanan_325_183.jpg
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd41480e9a2fddf5d231918b070d2bf4960a979bf0793f92a6b86970aa999a2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
107598
cf-polished
degrade=85, origSize=28765, status=webp_bigger
cf-ray
745ca8888a14bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18961
x-amz-id-2
880ORcemSlbngQddiwxVx2rm5tzlR9CJ7duxj+Ay/ubxAhNh2ttoNU1B4t3ny5DA/7VBQauxYyM=
last-modified
Tue, 30 Aug 2022 05:10:10 GMT
server
cloudflare
etag
"75d17eaddf9ce28fbfb0690fbcde3aff"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
JHKR663DETBD12AK
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
imgq:85,h2pri
62fa1a04d7321-ketua-lspk-hasto-atmojo-suroyo-tengah-saat-memberikan-konferensi-pers_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/08/15/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.viva.co.id/media/frontend/thumbs3/2022/08/15/62fa1a04d7321-ketua-lspk-hasto-atmojo-suroyo-tengah-saat-memberikan-konferensi-pers_325_183.jpg
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a77994c4af341384c09dffecbb881ef0f625e1e22d1adddb4321b1930dc5c8c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
63469
cf-polished
degrade=85, origSize=23913, status=webp_bigger
cf-ray
745ca8888a15bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15899
x-amz-id-2
KoReiZdXpjD1McXMnGUg1vwvlhi1xTtXxdttvtb9p3Z/9XtdbQRjNtJxUOagU+QvHX+cNfUDTPQ=
last-modified
Mon, 15 Aug 2022 10:03:51 GMT
server
cloudflare
etag
"3a05cfa40543539d9ecdda7354585136"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
XG4FSB91NWXZS0V9
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
imgq:85,h2pri
6310401d23c24-penyampaian-hasil-komnas-ham-terkait-penembakan-brigadir-j-ke-kepolisian_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/09/01/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.viva.co.id/media/frontend/thumbs3/2022/09/01/6310401d23c24-penyampaian-hasil-komnas-ham-terkait-penembakan-brigadir-j-ke-kepolisian_325_183.jpg
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0af98070c3ae0a6e505ceff2d201675513e944bb40a50a76d7f161091260851
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
vary
Accept
cf-cache-status
HIT
age
93682
cf-polished
qual=85, origFmt=jpeg, origSize=20042
cf-ray
745ca8888a16bbd9-FRA
content-disposition
inline; filename="6310401d23c24-penyampaian-hasil-komnas-ham-terkait-penembakan-brigadir-j-ke-kepolisian_325_183.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13268
x-amz-id-2
IG2jYXtpU5PyWLNkAG4oeIE828or98q+ksWwUilB2VLDxVZ7AyTBgaL1ILHuCZfrPEWs9VNUimw=
last-modified
Thu, 01 Sep 2022 05:16:16 GMT
server
cloudflare
etag
"633df2ca0e98eb100bd935629230f84d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
Q0QJ7NZVSYNNARH8
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
630dc56ccb4f6-bharada-e-putri-candrawathi-dan-kuat-maruf-dalam-rekonstruksi_325_183.jpeg
thumb.viva.co.id/media/frontend/thumbs3/2022/08/30/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.viva.co.id/media/frontend/thumbs3/2022/08/30/630dc56ccb4f6-bharada-e-putri-candrawathi-dan-kuat-maruf-dalam-rekonstruksi_325_183.jpeg
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680cfca4efa2537884036c4a1d3c27262f97755d095a135d24a230f227b2ebb4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
vary
Accept
cf-cache-status
HIT
age
75876
cf-polished
qual=85, origFmt=jpeg, origSize=22779
cf-ray
745ca8888a17bbd9-FRA
content-disposition
inline; filename="630dc56ccb4f6-bharada-e-putri-candrawathi-dan-kuat-maruf-dalam-rekonstruksi_325_183.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15490
x-amz-id-2
H7DF0HlWdYSD6mGa/LCBwqIGcE8tN2zwvYLJMy1AHYtxfme0r3jJuxGc/HD9mguVKZhmGkXGmoM=
last-modified
Tue, 30 Aug 2022 08:08:15 GMT
server
cloudflare
etag
"e5df4288b6ede462bf1483262357f6fa"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
ZT08HY43930DWFY2
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
pushnotif-bg.png
public.viva.co.id/asset-viva/responsive-web/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public.viva.co.id/asset-viva/responsive-web/img/pushnotif-bg.png
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7a4044c362844a24d59f4a9a9cee9ecdfee4a80c659009f51b7216cf31b26d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
vary
Accept
cf-cache-status
HIT
age
2012417
cf-polished
origFmt=png, origSize=2492
cf-ray
745ca8888a19bbd9-FRA
content-disposition
inline; filename="pushnotif-bg.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1246
x-amz-id-2
f+w0Vo5Qk8Pahh43wLPd0OR98Jtx97one2uY1c1FF279Qxd0u5rTPKt3WLuHdHJoTK4GRfyZrMA=
last-modified
Tue, 07 Dec 2021 06:21:14 GMT
server
cloudflare
etag
"714e2f45fcac2f3e3c733f7712607b97"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
VWM8RK9J30ZBZWCW
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/8429568/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:33:01 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
742
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
0
x-amz-cf-id
TePIrM1D0AVgVTElsOE4y4zKnX4X6g1v3FI5tWZ4EI8_EStlWdS90Q==

Redirect headers

location
/internal-c2/default/cs.js
date
Mon, 05 Sep 2022 05:45:22 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
JPYfpYXbGo6gTpT-PIdaqTK6eCzTt9sWtQYO2CQqGUd0HMaZCkiCNA==
x-cache
Miss from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5cbbeb4972b3717ac08103b4ad7902368d349c0aa0523882bd1524cb7c58185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28503
x-xss-protection
0
server
sffe
etag
"1324 / 764 of 1000 / last-modified: 1662156516"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 05 Sep 2022 05:45:22 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157005/907/ 		388 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8cf9cf1a777791f780843d27b7ba52d23dd1b6521baabbdfce3f8110dbeac2f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
content-encoding
gzip
last-modified
Fri, 15 Jul 2022 08:23:42 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=48148
accept-ranges
bytes
content-type
application/javascript
content-length
117872
expires
Mon, 05 Sep 2022 19:07:50 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.viva.co.id%2F&domain=www.viva.co.id&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.viva.co.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 05 Sep 2022 05:45:21 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
531261
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.viva.co.id%2F&domain=www.viva.co.id&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=SquIcXxHRmxBaGd5YmFTQnZPV0kvZmtqZGJuTHZqbkU3aEdHMzNVQXNLNVE0STgrK3k1ajRTVmE2eHFQWDR6YXR2dWxyeXpZT2hHQnAvU3lUMUdjMGdoenREZ3NJN2h1amtKbGxMUEdJQURSeVFmNDZuL3FWZHVSU283Tn...
347 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=SquIcXxHRmxBaGd5YmFTQnZPV0kvZmtqZGJuTHZqbkU3aEdHMzNVQXNLNVE0STgrK3k1ajRTVmE2eHFQWDR6YXR2dWxyeXpZT2hHQnAvU3lUMUdjMGdoenREZ3NJN2h1amtKbGxMUEdJQURSeVFmNDZuL3FWZHVSU283TnpmQXVwUGMyS1pKVVVraEdKMlRUUmRWby9TMXpIakVhQXZYT1BtNzltRzZOanNCa1piNGliL2xmR2pzVHJNdUxocmRHTy83Rk45dmY1NGVUdHJWNU55RHV1Wjd4ZEM4anpNakJZbkNvb0FsYzFOTmsvSTc0PXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
39d8b22242b96b4c1c1af89dccbafaf6c2b94ad6de1167c198ab5c010ba86a53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1486898
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:21 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=SquIcXxHRmxBaGd5YmFTQnZPV0kvZmtqZGJuTHZqbkU3aEdHMzNVQXNLNVE0STgrK3k1ajRTVmE2eHFQWDR6YXR2dWxyeXpZT2hHQnAvU3lUMUdjMGdoenREZ3NJN2h1amtKbGxMUEdJQURSeVFmNDZuL3FWZHVSU283TnpmQXVwUGMyS1pKVVVraEdKMlRUUmRWby9TMXpIakVhQXZYT1BtNzltRzZOanNCa1piNGliL2xmR2pzVHJNdUxocmRHTy83Rk45dmY1NGVUdHJWNU55RHV1Wjd4ZEM4anpNakJZbkNvb0FsYzFOTmsvSTc0PXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
518580
content-length
0
expires
0
62f2322273a2d-kasus-polisi-tembak-polisi-siapa-yang-bertanggung-jawab_663_372.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/08/09/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.viva.co.id/media/frontend/thumbs3/2022/08/09/62f2322273a2d-kasus-polisi-tembak-polisi-siapa-yang-bertanggung-jawab_663_372.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:9570 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
906a8f9b7d667e5e375fe03b700fc50552e368a5c06f8874c00eebb67588d3e2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
vary
Accept
cf-cache-status
HIT
x-amz-request-id
187ZVTAQY60S623A
cf-polished
qual=85, origFmt=jpeg, origSize=41744
content-disposition
inline; filename="62f2322273a2d-kasus-polisi-tembak-polisi-siapa-yang-bertanggung-jawab_663_372.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20258
x-amz-id-2
iR8ahDnPrCCZAB68DEfMeqzELa2JTZEK1sMf+doF+MAbE5cvBbejDcSWhd2W89LIYU+oB/whodA=
last-modified
Tue, 09 Aug 2022 10:08:37 GMT
server
cloudflare
etag
"80a8e9b667213d4f39bdf5216708596a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
745ca8898b48bbd9-FRA
cf-bgj
imgq:85,h2pri
5d5bb787f297c-steffi-zamora_325_183.jpg
thumb.intipseleb.com/media/frontend/thumbs3/2019/08/20/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.intipseleb.com/media/frontend/thumbs3/2019/08/20/5d5bb787f297c-steffi-zamora_325_183.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4677 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfeb870162228c764b5991a755eb25eeb970d1d937ebb9d782b5ab3042a3a772
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43285
cf-polished
qual=85, origFmt=jpeg, origSize=17889
cf-ray
745ca889bdb19a24-FRA
content-disposition
inline; filename="5d5bb787f297c-steffi-zamora_325_183.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11320
x-amz-id-2
Xi1n/IRA6Urlinx5Hfrdq1Hx+uYDNi3Oaauj17qp6Ctc3der6jRGQMsXpBGX3G6IGWNVERZqKNM=
last-modified
Tue, 20 Aug 2019 09:04:10 GMT
server
cloudflare
etag
"ec0b2db4973840d2103a009dec9c0796"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKUtv3SBwGPTiXX%2FaMUKeZ7zaGAWrzwySWivK4lLbh%2BJ4%2FRWzxCHfhi%2Fvn3OJcExlpbAqIcFwaRJnpeD2gAUbR8iV4s2ejfu55Ci4xXcCOrVnrcaXl7yDLigfLHbTyoZaf13DUvY7v97dasmjGDXnQzq"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
4SH76G69555QS7S3
cache-control
max-age=86400
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
5c6a379410fbd-dewi-perssik-dan-angga_dangdut_325_183.jpg
thumb-jagodangdut.intipseleb.com/thumbnail/2019/02/18/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb-jagodangdut.intipseleb.com/thumbnail/2019/02/18/5c6a379410fbd-dewi-perssik-dan-angga_dangdut_325_183.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
019cc2e3e3b56d309938ac3bb405415155ad57d8916b89001e231130e1c6d0e7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50373
cf-polished
qual=85, origFmt=jpeg, origSize=16023
cf-ray
745ca889bff79b71-FRA
content-disposition
inline; filename="5c6a379410fbd-dewi-perssik-dan-angga_dangdut_325_183.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9172
x-amz-id-2
MUJVxv7PqoTDyfwDe08DNYMslU4ORPylr203RABBa/alHHHkPxnKYiuqvRhC9GHx9cU0wAot3XI=
last-modified
Mon, 13 Sep 2021 04:16:31 GMT
server
cloudflare
etag
"b97835d921775f11b1011414a69fc8f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9W24tKc5v0MDP22RzZbErCl8%2FoKwcu5rH7yIX37RLy0M94DfNdru4K18skPtDOOgenQk03F56iiGuXRcQFtu%2BUjHMvVKM%2FoeenjTvYqz4dpE4qBluLIIjhllSQVM4oFHrLKVI7f2oCRILnrR9d9DYtRrx8mnJCf%2BCq4Irh%2B"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
HSX6SJFAZDTRZ6GA
cache-control
max-age=86400
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
614be3ebb3daf-nayeon-twice_325_183.jpg
thumb.intipseleb.com/media/frontend/thumbs3/2021/09/23/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.intipseleb.com/media/frontend/thumbs3/2021/09/23/614be3ebb3daf-nayeon-twice_325_183.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4677 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa2f456b4a38fe08e8de5baec5f25dc6819298006b5a06e872597de3dee0bc67
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50484
cf-polished
qual=85, origFmt=jpeg, origSize=20113
cf-ray
745ca889bdb29a24-FRA
content-disposition
inline; filename="614be3ebb3daf-nayeon-twice_325_183.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8900
x-amz-id-2
t1olnSaXgipBjybmBBXjg7Kyz+urgkk/mdHDr+TTlbyG9KxfO0qkkzaVCfz0PLLhq8uQDWszrZs=
last-modified
Thu, 23 Sep 2021 02:18:23 GMT
server
cloudflare
etag
"b634985f871b60d0d5bdb8caba954447"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMtRVmnanthMrMGh0TkMQ6o2UK9l1Ft2IiFY5MFGtO5JGaHUZgSIs%2Bvok8JoJuGWT7LgZHpHuLGqzdzp7o04eN706twAs2kwH16JMw851cKiTBuKeIiJ6jmlGMyCXH%2BCu3erCixUcwHXHd7lDvEMJaY8"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
FB4ENPTEDGTQ3HY8
cache-control
max-age=86400
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
6311cd21ba7e7-lindsay-lohan_325_183.jpg
thumb.intipseleb.com/media/frontend/thumbs3/2022/09/02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.intipseleb.com/media/frontend/thumbs3/2022/09/02/6311cd21ba7e7-lindsay-lohan_325_183.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4677 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
399df1354a8c1c52af09007b0467037c13905a3dc981d6593965379d23da5396
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:22 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56232
cf-polished
qual=85, origFmt=jpeg, origSize=18620
cf-ray
745ca889bdb39a24-FRA
content-disposition
inline; filename="6311cd21ba7e7-lindsay-lohan_325_183.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7850
x-amz-id-2
c3MAv26utsTr8WwegYn0PLjq9/clPPsAMS8yGPBqvzMya9wD6C+xrSjRsJxQWxcNgKnNdXw4pe0=
last-modified
Fri, 02 Sep 2022 09:30:12 GMT
server
cloudflare
etag
"8a34d35ad745aff6998f71049fd4416e"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhlXAo4tZkQ9vBuCFhmX78oVZUTfcS%2BPlp5m5accwO2a95Ja85T%2BeqxljstxXksrxfnyKQlDTGxiBd3qwNVT00HuJYrkshN%2FwempW2KhbRM4vm3ciDG5YsaNglyyPSAJm0%2F9yNs2U8FD6ZPFCwW9KWj9"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
8FKB3YKHNQ9MGYSN
cache-control
max-age=86400
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
pubads_impl_2022083101.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f5d18b1769507b97d8718a598fcecd3bc9e270bc11a520d769b2d06452418f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 20:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131962
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 08:36:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Sep 2023 20:19:35 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		873 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.viva.co.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fe49076149c3434419e870ec812e5b13622c79a79652a94e89cc7e7473dcc84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
303
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:22 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=SquIcXxHRmxBaGd5YmFTQnZPV0kvZmtqZGJuTHZqbkU3aEdHMzNVQXNLNVE0STgrK3k1ajRTVmE2eHFQWDR6YXR2dWxyeXpZT2hHQnAvU3lUMUdjMGdoenREZ3NJN2h1amtKbGxMUEdJQURSeVFmNDZuL3FWZHVSU283TnpmQXVwUGMyS1pKVVVraEdKMlRUUmRWby9TMXpIakVhQXZYT1BtNzltRzZOanNCa1piNGliL2xmR2pzVHJNdUxocmRHTy83Rk45dmY1NGVUdHJWNU55RHV1Wjd4ZEM4anpNakJZbkNvb0FsYzFOTmsvSTc0PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 05 Sep 2022 05:45:21 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
357600
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
v1
prg-apac.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:22 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:22 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:22 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:22 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:22 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:22 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:21 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cygnus
htlb.casalemedia.com/ 		37 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=313582&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2212de9ef94d296ff%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22139a401a541e06%22%2C%22ext%22%3A%7B%22siteID%22%3A%22313582%22%2C%22sid%22%3A%2205%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22142f43a2d73ac7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22313582%22%2C%22sid%22%3A%2205%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2215fe9af497322d3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22313582%22%2C%22sid%22%3A%2205%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22163bf471d45a9e8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22313582%22%2C%22sid%22%3A%2205%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2217953c4ea0a552b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22313582%22%2C%22sid%22%3A%2205%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2218e00c8a9d89c55%22%2C%22ext%22%3A%7B%22siteID%22%3A%22313582%22%2C%22sid%22%3A%2205%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e05ec5a1ac4e92f77a78657358959a2dd0da58c5c9a83d18add8adc8965ca60

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mP3qTl%2Bhejpc6fak3Y4sSBVLaMe%2F2w8RqXN%2FXK2Au86QzrOyTgASFaOzU3DCCtRGC1%2BeTYFZTytCr%2BYeLpzbkUrQKYMutlMeyZ0kf5zpSpZIKdodBWCAzLtm5%2FFk3baVANEOOzu3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
745ca88bb9169b7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.viva.co.id
date
Mon, 05 Sep 2022 05:45:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.viva.co.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.viva.co.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		439 KB
91 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2520529319726392&correlator=930229145159992&eid=31069203%2C31069312%2C31067825&output=ldjh&gdfp_req=1&vrg=2022083101&ptt=17&impl=fifs&iu_parts=11225321%2CVIVA.CO.ID%2CBerita%2Cinterstitial%2Coutstream&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=728x90%7C970x250%2C300x250%2C1x1%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C160x600%2C160x600%2C1x1%2C728x90%2C1x1%2C1x1&ifi=1&adks=1032522175%2C390710445%2C3482815306%2C390710434%2C390710435%2C390710432%2C2626688717%2C2626688718%2C1411660821%2C3481637858%2C4091369916%2C2821835629%2C1653184459%2C566311233&sfv=1-0-38&ists=3&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0&fsapi=false&prev_scp=pos%3Dleaderboard%7Cpos%3Drectangle_1%7Cpos%3Dslider%7Cpos%3Drectangle_2%7Cpos%3Drectangle_3%7Cpos%3Drectangle_4%7Cpos%3Dinarticle_1%7Cpos%3Dinarticle_2%7Cpos%3Dskin-left%7Cpos%3Dskin-right%7Cpos%3Drmb%7Cpos%3Dbottomframe%7C%7C&sc=1&cookie_enabled=1&abxe=1&dt=1662356722748&lmt=1662311126&dlt=1662356721223&idt=1216&adxs=436%2C985%2C315%2C985%2C985%2C485%2C485%2C-9%2C140%2C1300%2C315%2C-9%2C-9%2C315&adys=200%2C1086%2C155%2C1894%2C2973%2C3002%2C1928%2C-9%2C359%2C359%2C1347%2C-9%2C-9%2C2191&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C-1%7C0%7C0%7C5%7C-1%7C-1%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&frm=20&vis=1&psz=970x90%7C300x250%7C970x4843%7C300x250%7C300x250%7C640x250%7C640x250%7C0x-1%7C160x600%7C160x600%7C640x1845%7C0x-1%7C0x-1%7C640x1845&msz=728x0%7C300x0%7C970x0%7C300x0%7C300x0%7C300x0%7C300x0%7C0x-1%7C160x0%7C160x0%7C640x0%7C0x-1%7C0x-1%7C640x0&fws=4%2C516%2C4%2C516%2C516%2C4%2C4%2C2%2C516%2C516%2C4%2C2%2C2%2C4&ohw=970%2C300%2C1600%2C300%2C300%2C640%2C640%2C0%2C160%2C160%2C1600%2C0%2C0%2C1600&ga_vid=1280455543.1662356722&ga_sid=1662356723&ga_hid=587828710&ga_fc=true&ga_cid=471711825.1662356722
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7169050ffd9c2e7767cde81407153dac88c4d93f578331b12e6bacce4649b64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93255
x-xss-protection
0
google-lineitem-id
-1,-1,6082266624,5161031482,-1,-1,-1,-1,-1,-1,-2,-1,-1,5969580174
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,138400457840,138286001753,-1,-1,-1,-1,-1,-1,-2,-1,-1,138389373686
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.viva.co.id
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022083101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de590e702f4d25be07060c1081c92ec8d3771e5b093ae49645589e80623fa013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11006
x-xss-protection
0
container.html
39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 290D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viva.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:22 GMT
expires
Tue, 05 Sep 2023 05:45:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022083101.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022083101.js?cb=31069312
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c961539bdea05629dbcd160e681e5b4490386aeb13c22bd36d905dbf3c545bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 11:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326006
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13594
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 08:36:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Sep 2023 11:11:56 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame CA1D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.viva.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 05:45:22 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9FAF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.viva.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132605
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 05 Sep 2022 05:45:22 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 06 Sep 2022 18:35:27 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 9FAF 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27327897&p=157005&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:21 GMT
content-length
0
usermatch
r.casalemedia.com/ Frame D317
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7dd271762e5197288478c0b5998e2b62aea8da4dc7e45152faed120043f059a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
745ca88e58fb9274-FRA
content-encoding
br
content-type
text/html
date
Mon, 05 Sep 2022 05:45:22 GMT
dropped-udsids
241|45|39|230|47|65|8|188
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lY2VyGnqYhQh6WrWkVWfZaba6twrAn%2BRj%2F3%2FzrQnB7YPN6OiHChvS6a63xqatg7HDTwlA%2Biv%2F%2BtwdfEhbi6VaHsWwcRHR4WbguYU6p7bAN15cyyjB0575Rj2cW3mac%2FeBLS6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
745ca88debe35bed-FRA
content-type
text/html; charset=iso-8859-1
date
Mon, 05 Sep 2022 05:45:22 GMT
expires
0
location
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBAXBjxSWUPZrSlBAZPGL%2BlmsLQyOnCJuc0q6NonO0idryge1gCPmqbeZVlz5jeD4hnLWa6DLVYm8a2j00fOCOK9744EA6k58eSVYmufwFejPgGDnhvcDg7a1om3wtXrshrF3JViYezwOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 05:45:23 GMT
dcm
s.amazon-adsystem.com/ Frame D317
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxWM8lxjmMCJg8zGRvlwPgAABJAAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxWM8lxjmMCJg8zGRvlwPgAABJAAAAIB&dcc=t
43 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxWM8lxjmMCJg8zGRvlwPgAABJAAAAIB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:23 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0Y5GS4Z6FED69XNFMP7A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:23 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RWHHRK0R5S88MGXP137G
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxWM8lxjmMCJg8zGRvlwPgAABJAAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D317
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YxWM8lxjmMCJg8zGRvlwPgAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YxWM8lxjmMCJg8zGRvlwPgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1&gdpr=1
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca89039719963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6zO9jNQxNyKBvXhoCr2MXANiu089529o582oa6stRejWB3VntzGG3AHUUtF446vq1DLF45pc4ymJZku3VH5frf1DJMgA5vIeffYB0LnbXxevEfvKDR5znvHm1UkRhEcdyPCbKrpNA%2FS%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame D317 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D317 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YxWM8lxjmMCJg8zGRvlwPgAABJAAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D317
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=O4bsfP7d1Ov4Vd5&gdpr=1
43 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=O4bsfP7d1Ov4Vd5&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca88f0b309a17-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNrvPV2ZyT%2FMyrecrogoLHAS612RNJKzed%2BjNYffqdKHRFJ2oLtMd7oUxWkEWKMx33HuFf6xzO2Sw%2FL%2Bd0icKZ74crGdD7ooE6valUpcOJFxUZe%2FuwIo5%2F6FKWa5023Hy%2FdqrLXhtaWxfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:22 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=O4bsfP7d1Ov4Vd5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame D317
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1662443123&gdpr=1
43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1662443123&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca88f9e619b94-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sl61ZKDxKRBxhd15efiCu54CRZpUm9GEloEWbV%2Bevo2Ugzst4afhWg2H9%2F9aRjXlGpq6HtRA6Rw0Jotx9ZnZ4AW%2FHsARvl8sEP9XAhoU7d43dnu%2F97rIFqSMrGY55Osp%2FZiRymFF"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1662443123&gdpr=1
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame D317
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f58c3882-71cb-4858-8422-bb0e44f0211f&expiration=1693892723
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f58c3882-71cb-4858-8422-bb0e44f0211f&expiration=1693892723
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca890a9ed9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uynEdFFydr%2Fraj9El1sZqAvP7s40mcgPo17NhT9MDVz0EWArJ0kuzSHHpi%2F6ZhntrdM4anR1hNlHfC7plYxmQlZGJ4S9sBjp1mQoLPpkZjgPahum34n8JD%2BVc99AhLK2dE813dBZXX2DmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f58c3882-71cb-4858-8422-bb0e44f0211f&expiration=1693892723
Date
Mon, 05 Sep 2022 05:45:23 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
CookieIndex
rtb.adentifi.com/ Frame D317 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.70.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-70-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame D317 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YxWM8lxjmMCJg8zGRvlwPgAA%261168
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca88efdf0bc01-FRA
date
Mon, 05 Sep 2022 05:45:23 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
76
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 05 Sep 2022 09:45:23 GMT
container.html
39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DAA2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viva.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:22 GMT
expires
Tue, 05 Sep 2023 05:45:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D700 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viva.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 03:18:25 GMT
expires
Tue, 05 Sep 2023 03:18:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 30D5 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7fc478deecb19ce2f6d8248414c571b632b9a738b442dd9acf8e8a30c98c6a6a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u57MDLyIN1F-J7Zhz587TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.viva.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-u57MDLyIN1F-J7Zhz587TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:23 GMT
expires
Mon, 05 Sep 2022 05:45:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8482 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viva.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:22 GMT
expires
Tue, 05 Sep 2023 05:45:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E39 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viva.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:22 GMT
expires
Tue, 05 Sep 2023 05:45:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B45 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viva.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:22 GMT
expires
Tue, 05 Sep 2023 05:45:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame EC20 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvzd4dktyhvzFSnWLgHzqmycSSEEG_edZwSmGoysfO5wJDz9qC-6x4UY-Db36yM4KiMLpWV8z7AwX2lZUMz2NvE-I3UeoTbct1nbyyKAJbtzUsUEDvJz9yNesHq757qbh4G4_HhM9hUc_2S3_8aCeUSdq5uCUpN4emcVIpGiblP9XSNms1MlxE45ai5e7w3H_jmBixrhAYYDfw_eRTK6Ku4hCL7kOmDbIZBxDKQ16kNe93lQoYRTNEvSbp4IdgIF24YBZgffh_eAfVQIExNfzNk-n0_o-xlM1SGJr-qOooUxyKGt92n8PV8r_jdl2dLNXKBJ5ofDji1zu6&sai=AMfl-YTZ86Gs0Q_9CJbsOXeO7PpF5x83UUIGi06rNNF9wUpHjjmKbVQDCQ_aWZGjTUxupLzUnLMJIt52Ga91_xH-U-zGvTzn-Tfwi1YAguBzy-CfDqk04NqzHNW-sFeob9mixg&sig=Cg0ArKJSzH0DFBSW4uNBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tag_ce184343-205d-450f-a6f8-357e4d8516c5.js
sm1.selectmedia.asia/cdn/tags/ Frame EC20 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sm1.selectmedia.asia/cdn/tags/tag_ce184343-205d-450f-a6f8-357e4d8516c5.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1cb1e656c944178e0372dc8aa57a530581b10e282740ff2aba50c265280fd32d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:02:49 GMT
age
2554
x-guploader-uploadid
ADPycduqoK8lEQhfG8dbhe8SrCYf7nkmcMrne3gudbtdQPwR_7gkfGskt9L8PByo41Ufsxz2OyF6MFWAa0QHWwqgAfB9fQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23680
last-modified
Sun, 04 Sep 2022 09:05:34 GMT
server
UploadServer
etag
"61f1b1d2e239ca1d3db6bdcbe2701bfc"
x-goog-hash
crc32c=Zi2K8g==, md5=YfGx0uI5yh09tr3L4nAb/A==
x-goog-generation
1662282334739857
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
23680
accept-ranges
bytes
content-type
text/javascript;charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC20 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 05:45:23 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2B18 		624 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGN6Ay88BMAE&v=APEucNXIpe6ULbEvwCq96VOVgyvG4JqxAWF2FV_kYy1s3gfq9QcOyddrslal-Xynai0HoB3umAnlcyk_9DaRVBpHT2Ev-TcSElI3ulvSLsr53js-aOupQCq8vz4JHqiLtlaVW9zUZE8SVGXceBGJvrNuhFhCdA4OplEMj9Gt-BNThhbBDHJ2iPs
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:23 GMT
expires
Mon, 05 Sep 2022 05:45:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame DAA2 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7u_REuHlvo8w4CjRcv9cRRSy9CTcGy2FIyWKP-XHSr9CNULD49G3QuQGxRF40HyeE7uEtyyhyK6FmyEqPpu2AErt4ikcKkIRRe5HGPwxR-zv8nj7S32tynbAdG2rWF-82yg0CLJYd2YsU1j-cT6rfuT9Cag&cry=1&dbm_d=AKAmf-B4iayqGHWsqL9G0mAwLeWQXJxfIVgvkhR-ke4Iob1xfxu1Nl3EWl6KpM6I6WLu9kXrxAD7HF9wjd4sU9O85y1qCCD7TPa-ft8CbMbd1ekX6AEFfSWqoUdPLP7-dRZPUoRptU2GSkHD0Wi5HsJxjoBkVtg9zTNXdxE5BaYzzTA2hAx6JwRLXqhBJRXXZdNaNAoVbWXJgzQgcwKcZTTHZ2fdhl9j-U1CTmyj49wVe3HHN8eyEBtIbJnvwAFlma3xhLiwZ2bxEfqJZFCMqgoLudrCxMZP8y06mwvOInsxxTvDae5AnEQPQcarRnO0IaOcKZpl_rsrfvNselEAgPOHaFZhBnR3XhoroE42BDGi6tcblUNZWROcf_j8-sMuMPxBm9r1MfzRenUMLTGEqKg3J1gVCm5MiDC1-_1xrgyUD_nx8JnJpbSsdg2JsGEH0E3McBKDcMiaCIE6YaOyYMx-Gdf2pYoyMGOgA2Wz_GcIWAVsa-eqoPwEAagXkkPT36Ro44YbuJh7sHEom35gMsoJHZ5w_QTmRIgu38jURH8oQXsp0kyiWEW0zmpucxKIH_yVr5ZDjaa7FOexm2f5BvXVmI-Oei3xpO9a3eKrihzB8OZL5oDirHb3vaUysOTOa41MurtEz6z-Bsr2-Bh1atrXZSb--6YdnSMe4bwYH5oL2UoxS3SFDZ9k2PXvufOccpxAjVLxl6hlHUF-AhFj_iS10Y30g0oL0iKkChEBKmDg5QqzU2X-mtdHqvTnhyiOcEAV1vjrag94gbhZhZhh6uXNMCUlcSdWsTScbj6qrXSqWdJ9o8WyzLcCgw7yiXQVvOmiArnwZojvHsFaq-OH6Ztb_AOnG2LRq02u9xeWKjJpEawfbWAmK2V4Zz94cTBiMew_T1u5kiUNsxEYQlKrhOG25F4AKtTrnNS5ouxa8zllu1MYKSjorPNfCF2F5fGFafzLV6_u-kCkzRBpt_0kVSfyuFz2-PGkvYdpZiol9Jyd9qLm5AMYc-Cx_1YTLL_Dm3smJ0VEa3EPWPjupb2EB-UKFBg75EifDZLYi3oNUuhKEcWfkrxdZTPb_0JlJw_1OsAqJg1uxUFujW_CX_aWeEUObLMIZj0HVH1pOUlAFrgvj-aAu4Zuuf6U3MpegJt2NIliSavvdqbjafGCSDT1lSkec_LHn1dcDEYMRkVZgb99FY6LXDt6uHRs61lq2RI3sEpj-RtjZ2UbRPoaQ_WvNgjfavNl53OqDgctnKKVLaRSs_-CeMa5XEd_Ncj6N2fDTuE-2lizegpYfOf1nDTomlcQY9jJwQImUbC1rxW24cP1ujIuOIkabqrQmlfamgc_rayeyJV1ywEElug_20Fg3JCiDUqrI0ex82C9aUHRT6OtbPLvBsiYD5JWDfGiGMwitvJDyvFl3mvcdaeF5EuI37vWO7Y339zFM2Gf-uzryhlsYBgbxfwqqlJa3rAOIvpGOX7wyWn9t50Em4d2bqB5A7JfoM5q-EjW-PqfGqQohYpUr7GPTZ_Y1OrIbvPOYrYQLcmAnxy0LvfA0wQlMoAzoexby675A9Lxke0_O-FBG63CGql_QTAIU1gObm6QJqFBAh6mdGBBRGMDPJTN9C23mfsdj3rqv7iTyqlOBeYeDoCEcnmGvZBzK9m4G4K0Ka0eyzw3URk_Te7jruP5pcyxQf8TlYPhjtVZqa2SAMrAEPt0Wv5_TfbN5e6jBQlHbmFCVdyH3mw08Fl0AHzPS4nL62uMtfCmEfWpIDY_xhz_QoEcNNlDaj0LSV0EgwKwfSUIyGAsfrOkfLTVoQPm9Pj9jRuL78vyV4pJnxpTOIDfbedadQxJpJIsmGXtZB1uWgDpxbVDLkTNAWgCypNw3BwTloR096cIoC_cflNKU6TMNiVG2sqny60qfPPOMWaB4zgDu5ul4Ji5CeYeYws3-rypT2g4u1ykMKqzvNGFCIKCcHj02SwPoARXy3MTeCLRH258Bk5Xr0gokh2xeBmXMOIHl88ZR-dgW-OvXwkYVr_stlO7p75iC3X_7DZSG-7dj9XF3CziRdeqvEBHFG29grTySXG6oBEY7TLRmGtuo5zrhwQvusC8GWAKYZ0t8z7rkf5iFsVoFzcKl5-K7jHz9pjuzDYVpjnWw-UYdtDivV-6IKLVLzcTR5SGMFoUmAvYxtT3kTRnIEgiO8PDgDrsUg2y9FKC6z3aWRwPE03_MBInR8L2i7YtpYt28MPDiKLm1hd9cYu4T_ap2o8c4WL90S0YYzhnN7Lkwk_5fN2YkgMutNPLTPxCna1-S80rgVV5RWsgg0WYc7VFN1rHg-qDtFkNZhttBDIHzjbXXczATT_WHsnCNcTtIzP7CNXEEE5a0U8r-ij3H9o9eegwVxD__gjCjCYesb9eUiC51LN-Swaffg2clpxwXI77YC6Tzdj5y3aM3d71ovfJa5Tr2-XY8bQRY-JsOpuGDJ8D0oRUZU7GGLVEJjdd6GTaBg9giScZUgTMXkVg39gjLegjssD0dkhEIsEeua00kvOHK1ci7htKrKTz0Q9oEqR_vsPBRhbQaX3Oei9Xf049UUV1Nlq02LwF3To_MoIhkk2T7h_xnzDIvAQn4a2g9bUfRgDphST1ADEXE3h5b67AzExiuElGPl-izCD_J01rtki0-5mdXnhEnIublS8Z3QKu5zCyEriSR1rQx-AoRnngeZoQ1qi6Zsc6Ita6K384VgBy-L2zV3G-oM3RpO8Rap2RXbIeOAgzPqVgZ4YB0a-32lfQSPuWh3fv4DxtkC2X-gZoYdrAR9YHMdOXjSS0zycJ9qDX896ECNUn9RZJ_To-UjnEGMFLw5IXXjaNwB_rwFI2V6dhBnVYGJJyiZAOdfIvMat0bsZeAREt_GFjoD9z0TtZwzaRdBtUYPomi0PP2JebfA&cid=CAASJ-RoeayDVrMwNyuWzd3ziors-3CrTyNQKwVM1qZTvnBUV7PBBKGniw&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1247f6a7b302385d94fb2a3783529a94d3761436805ac3700a25235c8ccda228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11084
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAA2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DHlkdfu1_U7_hzibDZaQ14Fp7xkdx09Tpz02QmDRSurG0L5imE73IlijBxQZNdppbKiUq5FYDmjInozY4d6ILP4MoKq0x-DKVo7s9fJGVczEHHJwI
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1103447/64557517/xbbe/creative/ Frame DAA2 		243 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1103447/64557517/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CnkAoCZ_4B3sPhPSwLvf-_miE75UPTZhaizLiUY5EbEg7Hp5k3jbtJYk7N5xKleZWXdVGY4zGL0kvLm7gOQD56-rPbqc8ubBE6AX7EU4wQ2TgxqDf4mlI8ptpK20bKgdISt8yLmbVqsIo-4vexCgFzFwjcwA65GuoODPErkUAKAmf-AbxGRy8N8ioiLeLJzOHM80ApxzyNGs_RMO1e--Tyix56cLG-nrhz1YRchn-AQ6O4wVw1tPSV2bJ_g6S1FuK6Ba39RD5hayqTeDkfP9lgo2j2rOSCMpdF9V2ELYbQxyyOND9nTjY50997mUtKVx4GdMXWKNRPUXgIr8jVYh-JEj-eb6dl33nU3V1QXx0y8eXzFJ_U_tgLv-IomjumVpUHCULM1_6TNLG2hlOhl8Qajpep7XRi09WKUysYBj1RhqPoSX46oxbteqXwJ8CQ2kBShFEWsL69ffGy8NWO16XmcLOljPcp2KMj8_DNRukj5JHK8wCJAc5dG6mFyX5YO8MX8nBqk9qRFgFi3c72DEFotEElzUVql9p4iAA6lDP48LPRiM0nbxgale2REfZPQzXwulJzseQYEkikzR8YOeP6RqKMbr7LdEwOywUwtHKHGudMRAQTTcb_6xtIi-tesLvV-olReuNyoEzUrFgtb5LGhbL_SkCsQWHxSQocbqOdiliLGmRFjKiCHdQeuf1Cv4OlD1OLHB52iEybGnPW1xrtZOIhwfZIEqjJVVPCjPWBD2bMBe9DFTFUikF886pYtcoovs4-B5AuM3nuLX9YKndX467WFnYK9I4ZoXa61efOd41xWM77fzGrHm5U21sV8JrwDb9qhRgKKOvgUymGc2qbPEXY5IEyHCo_YfLAsCMo72E6y95BKbEqQZKTHT0OrWSE7QtHhhU65IDp-zLxi93wAw2VPbgVNMGIabk8_oQs6nk4NX6wEeqO11TLaEvbG7HoJrPEEz09wtQdKl0kP6kdeunbmLvtW9QjkPsTfyZwk3Kz3lhpk3PO7BkmM6ScgTQq4A6c8Cp5T1SL7FcIyA8e9NxcyVi3pAHbTQIwW_LhVsghJ4gmBayuqzhcPjrO0x3sW6MTRVhvGZMjRjKbgs1izhlYVeaEy-0RfnxHh-2_T6dnjgfP_iqbWmEn4npCUGJZRlVXxSpX2XeN7vanxH1lC_Ji30tSrFfjvV7OUoBi6n6XIOQ5OT14yBt3g4pDyjBUhJytMCSFQICyNrF19TGrzozJUzA51JPBjljAhWFF2JuicSc39MvMokYx3snVT7h1GFxfJfPyr5p7GW2XDeWAQAL9xohxNAqYndqRw6yI1zg3sYdw08A_FNQSV81rnjrG1-KBcjZOFCXPKU3Ss-zQSYZfFlERdTmvsrI9OhvH67cvKZxcHRSgQMtmpsZderGinC6911I-zOqqpqeSefHqz0UF3xujAJmz0jqADS2lgxpNE9M5TGfz8CJHHHEHp65dbeIHA-GXygJ2Q84LNB3cXgVa7t_L5nV7dxrAfC_E9vwTguQ8QYuK4yqKujOY25P1ig83bY2weHQnhicUlouQ1wTOFLdBtTnsYHunAGL3BKf9PHlioVYIUDO4RDsg_m-BpK2izXJ3kRgAkpPp2hF12kGsvKtl3jo4llhtNdQdqCqJVae1PD_khD0OxvZcIiLF2L6KXPG5CjHnUphmwAxkWWNQWBahY_Iig49bDPXZWrjgnb3ugRqFvJ28VMM-zT1J_4RI3WC29XznrCESfiEz_gH2KpG-aqVUUXdGZ8Gu_m_s1a1OVwRV1NDMGZ8ipUYH7jzTXjMqm1Qr_WGZeyrUbGYLHS87e3N9cExwEAOg6mafGjM9i6fJHvy4AJlJFrZBDc_mX3MmgFl7dTF1oFIlCQrMRDBwTZ3r4JEpzOvim_uM9FnBTbqmttKWzu8-TbYKuf55lP5puLftbuMkNp4RdBvdCzvYU7PMBxo7znT1javU5jdxt5Zoz6PcczQtQPxI8hlQLAj3EJe1X9VAWLJVwCwUl3lph2EpKgvfexPOYcezRlSikkXE1NPMFKINqViGnCloSaS0MW8m89IrQNurZZxiBYVO1P-XIgNnEyzHi4ZbkLRvL1yXD8Ma9KsMuIt6BGnrZdy9XGtDw3iEUjJgzcSqRDfMtFPK4L_kwDkHAjvsaKLmr1Bn-sIvm-659BsE-TgAhKCP_sAdpaCxhgIfBzDK-XdptftmVebT-CiftIP5pgZpyKvGvEHA-1Yggg8B968yDkEuHZliy6FBnvVWEWVpIgdSxvpYrmM3N3fYMxZFEtlHH_yEeYkRi9Y0K2HW4NZlxHlFEWrpZ7VZjH0sTUCUuKPRaRtpT9IMzYJfKVjvqsGQDl5RbEwfNBWESwo4k9rIu2JEJe3ODBLCOZ5xSSZYCDXrm7EaR3TJ-bDyKo-BKzR7lXw0EDvprLbGNCOmllOSfD5wID7xc-m02y14nLiGerUWiFW0kRnUpCveg74EWdZcgQs7R0CCl1DVXVNqwPa_5E3wTmROtlda50-qu3rY_t72pf6QNk7fJNAgr6718MFjxUa-8R7JICSOViD7gtm4pEPm1PUilvO2Wy-gSs0N7ujnBpLej7mcg46rYJq3uI3ON8PZ5v7hZq4ZUwyYo63CaO8PR_HIw-gHf5Ludrnl2Z04V1dONPEczlRa-p1NSW_TDQbnYFH1g6J_slCdUQ_Mnhp-IbVvhg_AOGIpERLTuH8X1VbC-Z-wbMHB9Uanp5RdKFkVy_qG3I_vpZaBhjt0LogpqbA2ptcK1AwTofddV_nK5_4kMWUg6OxGb8FZjtOGuJfmZOXdaLq3GPHKPFjRq3z7MAjKRqJuql03aGQr1xrPcQ5GP3HKMFwF111t80_KOK_H3-UB47-qVFd6hibIMoxy8CviuuG8sI-QZzD8Prr-6XyawQcpqE3fwTUhkLriXaYoheblMQOpbkxRupqPLXzIsB8g9h_ip2tK6tuhCz09DPbY21TodOhRfCjlSHiOUb1O5PHTpwZf83DAbuYECob5hkoBNf4-Ze_aElDg-HBxolWd_NWpzZATWanRROWoBvLG3RpbyDNO-2bDrtKbHQGnC-uFGEnaFhWPyBRwo2vG9SJk-42wbWtUaW4NuBQmn36_9v_eJWD64McGTbmeT2rKGzlu9HS-vwOQkLB6Gw8xGeylaB1jVS7rxT1QiTyvPLS0OjSoqx3LBicD3_di80UzuxO0aQUnUOo9R9No35PdTjDQmlnps0R-bulY3lt10204pMwerRW0iDeaKmeSLalamoJYitipjVNO4cAt_Wz8hRl-wACK6fzl58UBtX1wuX9yFg7nez96yYQm5lr5cXBB3eDRmUL8Q04vpCkjsOxTCwMVRuAEdy7cTPxUPYbzokQH038s-RRCs1_VKn_g3FyCgAJTjVCS3LAlcYvs_bfln_n3x7oN4aZ1yMH7JVVbeyvn5JPCshyil26riv9nELQ1_EBogT4DsWFmFHaEl5kBPPnv6cu5KmgkIQ6qTolbfB6xLbfPMzzYGDmoX6FRjMPlTvoQ3QdG3BshBe6Z5FqbQNT517Lxo_xx3xeTZvJmL4mpMBeUyT0h2PE5mB2MkCn9dED_SDgkp3xwI88UY3mS90NAsPWRRqgr4Gq_btrj7BJITox5fH0EBDR_UEWhQ4fxorCAASJ-RoeayDVrMwNyuWzd3ziors-3CrTyNQKwVM1qZTvnBUV7PBBKGni2AB&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=17669653609&bidurl=https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jHr_aQUngJ-zijFFfKP0_u
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.197.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-197-140.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
70c3a8d5302be5f687da1e905610e04520579b2da789c9bd3de3a27aa94df580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame DAA2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:40:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame DAA2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:44:02 GMT
l
www.google.com/ads/measurement/ Frame DAA2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCVq6vpYTHin3otdSemx2JFc2tnSL8I03xfIzvUVfm2RH5R7XTh3vB_D38nE7BlfgPbo2i9vCevYGCDFYweQHYQI4y-w
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DAA2 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 05:45:23 GMT
/
track-selectmedia.com/trackv4/ Frame EC20 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?&d5=viva.co.id&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d2=1662356723&e=0&cb=1662356723753
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
style.css
serv-selectmedia.com/cdn/player/ 		1 KB
864 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/style.css
Requested by
Host: sm1.selectmedia.asia
URL: https://sm1.selectmedia.asia/cdn/tags/tag_ce184343-205d-450f-a6f8-357e4d8516c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4672b37f99a355152ea5257ba3187597fb9a12fb33a06492131461f469f5dd09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:17:12 GMT
content-encoding
gzip
age
62891
x-guploader-uploadid
ADPycdsf_7NCAqqjyWdrk6_7GvjatNxU5glmbGaK2pszzBVbGmPwp4UN5d_fpYvDvtkCuXnVmwCoHUE_hh8jXQr6hum6bA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
571
last-modified
Mon, 15 Aug 2022 09:39:19 GMT
server
UploadServer
etag
"3a8d6c993f0a7e34ae07f8e86c31e632"
vary
Accept-Encoding
x-goog-hash
crc32c=GiK3YQ==, md5=Oo1smT8KfjSuB/jobDHmMg==
x-goog-generation
1660556359399621
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
571
accept-ranges
bytes
content-type
text/css
selectmedia-player.umd.js
serv-selectmedia.com/cdn/player/test/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Requested by
Host: sm1.selectmedia.asia
URL: https://sm1.selectmedia.asia/cdn/tags/tag_ce184343-205d-450f-a6f8-357e4d8516c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fae8dd0a0770d369ebd63a9c0a638f97a57aa94688a58240409590bf0959db18

Request headers

Referer
https://www.viva.co.id/
Origin
https://www.viva.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:17:29 GMT
content-encoding
gzip
age
62874
x-guploader-uploadid
ADPycdtcV4VfUN3sj8Ub0ImXwCpOAghuRQRVUYU1XkVlU773Fzl9IcppsHA16X-Eiju5fw2iGlEGlW6q9-MXeq-k16ahIjP2A6rA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27379
last-modified
Sun, 04 Sep 2022 12:14:52 GMT
server
UploadServer
etag
"9ee5b36c8cf1220ad77c8efa0de0a6d7"
vary
Accept-Encoding
x-goog-hash
crc32c=OsgEIQ==, md5=nuWzbIzxIgrXfI76DeCm1w==
x-goog-generation
1662293692481852
access-control-allow-origin
*
access-control-expose-headers
Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
27379
accept-ranges
bytes
content-type
application/javascript
pixel
googleads.g.doubleclick.net/xbbe/ Frame D795 		624 B
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNV0VHRTaYouUJW21y7gTL-_RXMFbNjAk2StRqiSV-1Tyt_b_MFWAAONJWGbwt6xdUaJk6e3uQ4r1KxgjD0AdK4aYq-BUzAsH5E11fzoaeDblsrHvqMbF2u2fMJNYcyMiZgGV5471tWfRlxmki18TRq8b5BCuNnvlks9dZ0PUdf3xOU0-ko
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:23 GMT
expires
Mon, 05 Sep 2022 05:45:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4E39 		84 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0M31Iqh30zTpxTfZtHRy9dXvYye7VdRMXRsFKte-a8qzcsVXwScEI4JhHxuKJFVwLOnQ0FMMxWepw5HOV2YEbjktYYJujb0iAr0lO7G4kPmFHrRW2T14TdsKsLSGAI6r8R3acy069lLkOSOaU27Qwc0DW7A&dbm_d=AKAmf-BW1B09Cxn2GJ57xOOrMKZtk3EcLrAUdnymyuY6pOOVWp78vengZB2hoUm-dWJBp1fpHhjUKvZn0GePu9XWsCPt1JrnOZbOVLSpmUf1IEP9rGYOSgi_CMv4EfGs6R9brNhbyOyJemRnQHCRggBvWg3Coi47yCGCz72TJrujbNb08JjgSs34_5_SPW9zFDVzltwx2_1Ou7uyTMA-H4oFQ1KjgoBkFBjwGDwuMkVH6PZ3vyrh6QziBCfBmXsE2I4G0nXMBHPtc_lIE9-vmgakmLvRORUAQ9SmBI7VSaKd7mkIHliDpJe79MEyHhG6MNb5uP0o0QveVCLKup5quWbTkjcyUdLZeazD0JkIKswShOd8L5TGnn_zEItqAKT1PwNSNrpuoSrN6zhktJF3fp3qVKdHiO0eJ0XnPdt_Ph9q-qot8SIVFm1no8-qR6SE3OGqcBd7oBa4nQDuFTQfJx5QCgYUwYMBPG14jv6s3008k3WvKNJ6SnDW5jdEnz2N2_SxHqgPlj6lTkvbg0xIMi6gOFR7ZC7Lj1_cxJLmQ6mfll9fM_NPM-ss3hvFDMBdCI-uxNDE_Jybl04KzDf1oknTIQ3EL7P5BlhcYHBo6E5gPhms77UPfa8ziMUv2ZmkciKW05B7O7qA_2Tw2XnZRexV6PV9aZsvbL6IhupK605Er3J-VFCcjwb9kBcC0MtD9I07XPjtLn0iZ3l7_R2qAjEuMgjHzXDfkHChnyDdKT6aGJVUiKBIjFcj98N5QF1lWTm7hXlPw_DWRWALnwwKCP-8dwT3FjuF6iQam1FN6VoRv7wUuVlPBsYxc_Kvg-RVvr4Tjz8pojpPGiR3Vb6MHeu2tMFIBHISKd9zhEpFaLuVxDWLY0OKzfuxPRmc-FAT0TGqNSBDF9KYTyfgfxl4XiKSHagpdmc67ixUKutj8olIYMgREJLcyaQG0JhbiBOjJmAlO7iTbUoDMDF2IEQ-5vlkqye1nQuADEL-1rd71HDQhGx39u8GURwQckzt-NMyYQibpvN-OT2AevkDvkmKS4JJ5O4-y8FQjoNVdfNzWsuHCGh-69h35i_Ts7uuee9216HUQ2IPCQMWXJRS5ZFUW4Aa149tT0cNUAQ5NQjnfjzB4RJ9nb7M-IZytIPWCkZqqUeR4SIDGNtI1D6J2uTNN1pLMzyCyd4ImjTwTUSrilku8Uu4nu6lm3g6nO7PM64jsFOOGRMwoOep-1dZ6xB3VceIYD_Afob1qwce15p0OU5z7vTcaVXOCXq1bxgYjb9cid-eQFKX7S_nmHvrbVZgUFPsvSa3hgIp44zHqTYG1FqxQ4EqGRSw1ElDgKUCDkRV22T3BNP6O4zfKx2WoW35gh949WbU6kAW--N1ZGiQi806UeloTT7CZ3ecT8YiJab10RBu9Hl9UDUhlUOX7NxOjPossIz2upqMjMA_MjF5Gbr53XUj-RSMdLTQcxJoZCl6iWQdLhjw7U4qR4OXsa3MHMz6EoQVI0EJ4w9eRLyB2TEWoaNpFAHXts_eXHjh_0pkB3zwU--zXMmvu3cBMqT4a5h9hhgjZsIS9Y1z-GdxY1Jw4XRyKrMiAfbDajYVAlq5_-cvIzD4FzhrKRlcucDBlJxrESEnZPN5Vq8QtZJxiCkZHn79yxgxAP-faXSmhwdFfe5FeeuPiM9529rIPw-bxYNPvXbrzRQ9X_s6MghT-gmWRZCAQE8sMAeECrznSV99FJZ1v9YTBLGQABwYzqp-AFQ1kVUQrdAJgf8ZENuqjYcdCQdWLbBdenPwoWxP56lSbLd0JBQYkeZhNgS-LUuYrBkv8xWjD7IKUQuniQzTvrwZ_9EPYOnP6qg4JNL1yYn4eXsiIyi9drwLF5J1xE58UBsPPcC79FeFho81UHTy34Sscj4H3Hj68uygNgBMIz3DFemKjE0a6tvHAYBRfV6y3xZfUZJGGlhckx23MFgSCxroxIvAybCvD2SO0fs7BEveLsooU16f8C5YwJwTzxsVvBrCYdB6Bexan-U_safNeOVkPmC0EsY1_zPwSs4kDZGnCzUcgpDyaPRIxdfC1Z3-We3VUp_gpqFEWelEHOzCuhwR_LEr415o78phpDWfpyU8qiEdSJ4eL9kuTHOHXDG2rzdei7X4MvSzePvXFoGQoylOG4m2GeBpdPhbPBN5pEaT2U68paUXzo3nXCf6UBehdg4FQ4fv3qCA0gaF-mTCXjkheUX-1xPQF2ClwrWft5Lqh9d0gWbhPuNobHc7K7a9yfDbNO_pYGQMQ2PH4Exig5ZW17npIgYfWj1dCASQQWNOs6vATgY1RcEcu0Wlqgts1w08tjJzLf_NW0siiLJWnrp6FGmR3Hbgt77hY0eMLvk4nG6J3m1nblJ5-hXBnxCFgJ-iNKiwHCtjV0h1b4ojd-kco4qc8Z8tu4glZmvY9NoCQbk5U0KYIFwsfw-6AtaeJy03iAdGJcwNkUR6Q5qkKVhHNCq4g_CxezNb0_8Hytdlish7shH-VvVnvdZKR_Nok_Fc7zoRb938mhFuomYelJreaEVnZOFQZowqn8zvrMhvi-OW4lVKl6Wm6XaMfC9nyNbMTjbwmZzThfTVGjZyq05xjZj3CBqqEEA4MfwImNI79j0SajT8o_FTobZRnkwqFZQKSGZGVmgKMlJLMCGKRz-0z6mbN5J-IpFOFU0ejzSr2PF1wNWOciY9UAwll-Y6fga-Xf4gSy6niOSJYF5ZuQ2j5MzRKFDJrgQOAioZ_TaNyOXRG0Iv0C3x3F2aIkkwz_SiZB3WDjjGHAF6FYHFagvaeXQMnI7VV7ye6ucDHc2nvE4iHoUH-fe1MXc8Q49H_FHHtgWK9mUevmHrjetOHfiFVpPGrVI2GPpYjc8U8lEL6Di6o9eYxIInpklFZ1QV6Rn98H2iMEw9u3FKrJctUcidxtcD9w5H2EsbFxjcrjQzeq1FH5BxtFEd3kf-JQOyEJBXPIsbg2h9t6KNho8tPjbR47GekjGhXemPycq2I5j9u_piNwbOixUsIWzuTpLsvw8LPyg_KPW_P1Snzci58975-0pJGH-xmYDjeEzM_-vblJP6EQMfzMnFQsa_S8CE9-HlxfeI9mdu1sOtCoDKuriUNIGqRE3lwn33MYSSA1TxRMUFsvLRTZGwYjDRxKtAqC4Gfd-Ou0zWP15phMsQgapFeBlAXmhOjOVktlTKruiCZ6OWKJ5ZKcoOtB9YbmoEEqoy0cEs8Hn2A3_jDlKPqYuZ6BxW9Wm6kddiLpQxnW8yoC5kwPYNElLUDWjNrl5hhtlJgtQEoBoTlF4GNBG5yqwT_EON8uDVVVtybYNXECrSrcvjx7cZE3vZFJZem-um7cwoFjakcqCrfr7muNgz_xFnJJyJzdIsu1nARLv7ssN6GXSY9j3bnw296wlwBohHQ1uwW3njdowM23R7N1D2VJIRVofFIbpJrBg&cid=CAASJ-RoPM7XC3VeJ5iRwRDJw-iViWZsJrlzKN9wdOOV8l9yFeZvFSHwTw&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14e647240f4d3ea29934faad8443ca4d3b66d03ad000cf38853e1d541faa797a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34896
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E39 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A56wKMRgt-PzooKXkbUKWcGdhizqEf0T4LP2z9P7qjhI01boFPRJrjtJtdd3mt3ABPB924PFqqwTx08kc3Y6DMKa727CWWVyrI9iC89rhAZt1u-l4
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ Frame 4E39
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1083870/64162795/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=179...
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:9e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
etag
"45cf913e5d9d3c9b2058033056d3dd23"
age
6187946
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
date
Sat, 06 Aug 2022 16:14:34 GMT
content-type
image/gif
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
wMbmyAQmSwQNjQ_otquaVzh-NoHQNNUoLkRlObI8i29Euv6BQmgzXw==

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control
no-cache
content-length
0
server
nginx
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 4E39 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:40:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 4E39 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:44:02 GMT
l
www.google.com/ads/measurement/ Frame 4E39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeWtMO-hv3jnEZzW1XPjHF5Rwrp7Mu_-HjsXJ_48L5C4tqh4RPlRCZne8k5gCk9XCPQA3mqdBbNaTGSf-KL2QbJ4AeyQ
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E39 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 05:45:23 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4CEA 		640 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNX_-XOJBHLdpKtMFZuCgN2BF9L1Dt9S92jze2c2pRI3c3rXQbQYZApXOtaepQFmUuM97dtUQWefT_kKKEQ1dZG-BY5P2OVjpe-gKq2forJG_FBpJmL9Clnyn2PPF-VFdavYd6BpucDSRlugEItxc5GOx2lpadV3evhHPGGpZann-IJ6KNA
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:23 GMT
expires
Mon, 05 Sep 2022 05:45:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 5B45 		84 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFPQZBr-f-YpWtcdXH55jl-OLzpB_DNuuqXe0_Mn0w6eczaKtWu9lSljJGIoOn23rF2rK9jT2yuuIA-g559wKFL2SwVH6uJUj5u_403Nf4yOZq4-B2u61Y8MEmPy5QedYYQi_VfSUwhiaHUWowctgljmEBMA&dbm_d=AKAmf-C3SrduWniwdfqRbNz9ZuHUBfRUqZBpqmFAWZdUmLtX_IzY9mGTmRQCZWzuH7c-WVYdS1FtUwbMnCu4Kif2-3RZywL4CgcueuU9695N00q5asSzSLNnQlxMEW110h4OxdJH96JhUQPiIlAktaxqd5sftlaF4CWXslp6zciJAO_ZksDCDidYGwy1SQT0zxShQ7Rc0IM2p6zjttTbZLl-4uAYSTHYQpXjN4gFL2L5f_hBTXTUM7Vm-EyDMslyKK-qOGStfariw9dK3cb4JLXfZYzLq_GShAJ8ovCxtmYHgL7c94JRObeCi004lKWMZBVayN0jo6e9rRuDHoTZ-jr_4DwWiF7uOo-J8QPDl3caRjenziQ5WHs_Ov9bQCV0uETlnvqBCe8GYzSD5b19Xg_vu4g8jZ1VDjRZHoYqeCBry6O5kZe2MgZPJ73HL33zxy7fBTqXDxW1kv89iCfey-hPn6eJFmCHvqOQ6-fG-TSk1D-3J94SfwEgZTRN6tl7x22muZjM0ziWaiLTjqfAypc0zM_c14RO11U2Xk-ckj_DBBmGcf1aY1AF1OhZd4OxvO7I4G9ewDvTM49e0Wwg9OgowK3cZgsWkw7Goa-cn3vNbMus4i7-A11Nzv4YYmOWwbQnXM4Gqebtn5v5WMCy7H9kMrk33keEYKZk-7uz9WbEOyRvLQo5tUg2ToNuC_vSYBAdeFw8K3trt5cz5hzeIuWDVtQZRATvUIKQji_wdRYi4RY0gQwNOX1kEA9g5OGk4X-7H3o8j1dRzmYid6vh35BrCS3p2efZKWleP-AqaAQwP17wkggAyShFDQuvhUqXzcKWqSuG5nygSIIlCoCfAVioJH92SlKQoyvh9NMgIRZGhH2d5t3tvZqoS37UokoT2Hq2bZ7_aRq8cFbGmgMt94tO9btaC1J7L36J_hERG-w20YQ0_wkorphHkGn2V3uJGSjQfFjeIycRmdW2ovwSdmcibw70GIi3z_DVpHGWg7Ctyv8ArIIl80PUmxJHLlDQBPMT1WyktREW-PwGvcjWlVyCqhIiQboXH9K66V8vJjxc_FUag5xtswhdkxNoZ0fwa2Vjo4S4Os64w1eTmSNbis0Iu1DkrGQFlaXA319vkgMww14Res8RkGAL75YKgufH8QKmOwD5pPZCeijzjdthZ1pDyOeJVVS-Bv0ydc92d-YoEb9bDPtab5AGBpZhHOzADDzKSu7rkMorrCcRqF1YgrLG5o7i794IqYA9rKLUHIOShpSo1eBsQu8mP_g6WDGDUcSKsftOwtzCoryqxZ9XHPpFe5lJmUB1KKEHxTCPSonjJ2qCHJWzsDD4j5CbLTq0GP2RgQBxofE_xqsCsvvv8_DklCSLcQ-Sz_Jrq0MPvZRgmzEhVTKMVUJYEqEfkZRAVPo7Rox8kWZV__VlBud2Pvy1RV9vBrxb9TTK-2nHche5l2IKCTPwjApIt2tcyYlh5Lwr75bzaFGOHHN25gR6ofiV2RhFT4e-pJos7d3jEXg6Dnj0hpKhgvEwNwWFnHmSw0rVxQ58kiajcD9m9KBsi4oOeUGny9MCkZ-hTb9yeHra8pTRN-d70haUp7tU9Gt1ocExX5Rmqd_F9S2IowtwAF7z2laslqq7V_3ZXhSuUe2F76Cwvnc2SnQ1gkAPgEjNAxy25gCMhb14Daahwx3aYYPloKmZ1NQ2DzK8IZSs80-DjgD5p5_3-_Pmn_UWWUVcc1jcRW5tDstJB6Tj-wj8w4mJFxBnk7gr0fcGoaygqnlPcrc4Sbyzz6MAK8Ud2DqhufM7VBB_q_RQt1dX8kqPxlkA0PYFYQGpVW2N3qnqqYlj7ANEphX6r_cGDug7qK3PJorkpvvY3WNEDTsTWo5RWo7nn50xncmbEkZq3IQ5P3J8HiqrZd6RlJXH3ZEOgvyPH22RdoALr78i_xQLHpoRfl-_POtovwLWryIRjvWr-loZrsWNSKy2Ovu_VF9XL1uw7XEmBoz9vk8qqYscFyAQLImje2aLwm3c-Ag1GXNfjtYMpNf_6OALU-Tjb-afB6NZo2lHKCnpJ8rp0jk0bu6zeYVjjnvnxAyob-K7lcXw8osM6uBlfNhCK0FCixpXbCIS-ElSyYNJDQZYT58bk3St59u3jrwiHgEoqrzB49JtAYJ_YHI5KXEYxBqZT51vVU-f6kOI0A7B7WK3snA4U7FugvPdwFK21E5lxll5KiWNPJlnBWAphQ5dBgxiKYOo8MVtwfaP4MAc1lXrv87TqaqmfBPGdtWPHNT45Ghbg3n5IZEhUOQWpuW0jftu-23wE1QsjhTbclYKSS6XQ2yhQEMr8tzA9QuY_9woSF9hdLngA_6vUJYuZgImieIq83GQYLpUKZsE72yEmkA0W-o-vw3YcyaE55FrKBCWgAuxKDfSNaVkuQkoSK0qCEN0Sd6bQ_jZDAe-iIsJf0MTXHu-7QaKaLjrSWrKsU9Rr92YOA_G-Uiz_LH0FXzv0P7JqZ0sRnWag9x6eq1NpB6LebOmrL6lAVJRlJpip2yISj6BrWyASuJJxA-ToP8Vxjmebdvl7-p8v8__VRWCIrrVmZ0bqFN8jc646DC0ON1yHUruuixgE_USu7toeeKzbwG_iiGHyZNoAfKdI17LO3EE6lZBJ38sX1K5c7EwYakj090em49BXziykik-isZL48DyeyKmCyJOSV0M9slTgQuqosrawfngk5PF8EnKvHudpDSI69ViEVhPEI9Hb8FSqan7TlmfWfunSIHACGJoZBj5iufPmuuIoWgCj0QXrDTFVSbT8KtHCJ1U7wJjN7LpikJL3DDrqw7GR9wvMZXfXucEyHd7bNTj-rroixKfTHV8gUQEMr4OwT0UPjfelYGOcZ-2LxQrD3ep92vw5Mzu14gwKem8a2yAQyUxFEhiH9mufKcusVTym8L7h0JWUj1TQRWq6D1E3vcqwPtc4T_zvj-rlN4UQWysntWi8nADBgZJHtkwZ4B9nn_lXt2Ky-Qgu31_Pi5Vbh7HDuULrLRVszRM-s5F1EdeeQ2ZkR7gykKDMpJn8iMT3Ivgs7sAQ1A8u10cL21pK-qtDD-kSDxymggvh9ADIQeiAdaNem_QTiw62UmfSbQFucMkvm54-FSkjQaQTjRFv6ZmMHbl1gQXPBN9gCrxBRxMPu_kibG2gzdZ86YxBNb02AkO_E44LiWpVk-YZ9JfucOUd_W0T__qD7iyCSCV0jB5CmBlO8NX7X-JmPpEP_uBPxmOVX0lK-c8p71b1xT8MFSRXbGwAJX4aUtE7bCE1mR0P7tmXcmfBnMgpibr4yz3-iejOZEEtKNBS6k6fCracib9KxgJlhHn5ZB7bfLSKCQI3tEc4vFXGRWOKSaAcNkIO6w7WqWX5SkBiTSkk5KHyaEJIE76s2O-UupAG0DWIip_AjwE_zX6pY0uVuyL1_3ieKZEdOR7u9xGe_w&cid=CAASJ-RorMnGFRlmQ-4iU_oVhWPS9TtUMZIorHPglipUR-1xZ4L8sfNT0w&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fa5b01ba0b6a2c1fd0671c1f07b7a834cba959227b83b27ea8b48c90ea3ba66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34957
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B45 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMGvMQaZ33f4hYE5deB1iQuOGdVp91t6AWvWRthm1ENnE-mojmaeqn9S425xSxtT0wTvRoRf2ayxbhh8FW6pODejMAGGuwQ1x5w4_MArsalDo4OMs
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ Frame 5B45
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1083870/64162795/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=179...
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:9e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
etag
"45cf913e5d9d3c9b2058033056d3dd23"
age
6187946
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
date
Sat, 06 Aug 2022 16:14:34 GMT
content-type
image/gif
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
3bd2suCz24dlujPEHamgCC52dz08Gsw7Q_h5CUGDJ77Gp0IIEtDXDA==

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:23 GMT
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control
no-cache
content-length
0
server
nginx
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 5B45 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:40:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 5B45 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:44:02 GMT
l
www.google.com/ads/measurement/ Frame 5B45 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYxPIBPdjuaCaJ4PIt4p0c-hCgfbeNwii4mxOFSfOk3UJIDV52KcZr3zPGTxDZIwqiREon_zU1NOaBCqs_Eq5JSzrgQg
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5B45 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 05:45:23 GMT
css2
fonts.googleapis.com/ Frame 8482 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 04:12:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 05 Sep 2022 05:45:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Sep 2022 05:45:23 GMT
css
fonts.googleapis.com/ Frame 975A 		5 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1535199f71b96d423d3f991a5a0a92ca5779e74d2e23a509b5022ef347129a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 05:38:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 05 Sep 2022 05:45:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Sep 2022 05:45:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 975A 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:33:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 975A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:43:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 975A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:40:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 975A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:44:02 GMT
l
www.google.com/ads/measurement/ Frame 975A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8AiU-krJz4iM-gz5ye6m4C_al-jZCPQ4F6rwLx6O3xANPSgUHebqlN-f7twF5WWVvCFTmhYyqxviKju_1uQ6wCaBJuw
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 975A 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 05:45:23 GMT
e3ca5db921b3b46420ba257a4c2f6b26.js
www.gstatic.com/mysidia/ Frame 975A 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 13:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13683
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 19:26:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Dec 2022 13:15:13 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 8482 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 04:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8311
x-xss-protection
0
server
cafe
etag
13410161823615325117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 04:46:17 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8482 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 02:12:51 GMT
x-content-type-options
nosniff
age
12752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 05 Sep 2023 02:12:51 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8482 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 00:57:07 GMT
x-content-type-options
nosniff
age
17296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 05 Sep 2023 00:57:07 GMT
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame D700 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 20:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 20:17:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 30D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022083101&jk=2520529319726392&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
59c90be728a061224b14efc8.json
serv-selectmedia.com/cdn/mcm/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/mcm/59c90be728a061224b14efc8.json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cbb6c86e1b1bffbd46fd53d0f468b8e5d97818bae9e2d9c83f69ff4a5889077a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:02:50 GMT
age
2553
x-guploader-uploadid
ADPycdsn2LOBLSTsK1V1QtXU5gK3NzcCHisjr9w4KApAdGJH6y1SLh8cZi5fhOALu8nF3S7qRFKRQYY9tHFBFvJ_yZjWYg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4748
last-modified
Mon, 05 Sep 2022 04:30:54 GMT
server
UploadServer
etag
"d90f75f65b223ee728ae62a32efb2ee5"
x-goog-hash
crc32c=QNj3ig==, md5=2Q919lsiPucormKjLvsu5Q==
x-goog-generation
1660203824187084
access-control-allow-origin
*
access-control-expose-headers
Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
4748
accept-ranges
bytes
content-type
text/plain; charset=utf-8
2539698496735950919
tpc.googlesyndication.com/simgad/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2539698496735950919
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eba8f958f96c2043d58e7ac7b785d69c2388905b6178f0382dcb5dc9c80dd98b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 12:22:45 GMT
x-content-type-options
nosniff
age
408158
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23825
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 11:07:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 31 Aug 2023 12:22:45 GMT
/
track-selectmedia.com/trackv4/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=dce12634-2212-42af-bbe8-925f0e70fd45&d2=1662356723&d5=viva.co.id&d28=548&d26=640x330&d27=-1&cb=1662356723951-ea191ee2-4c8f-4b03-bfe7-9a644b9d39bd&e=47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame EC20 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de5337c4b900f0202f38afa98c5e156d58d2ba713a29db3e5fb410a19b65423a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 2232 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2232 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2232 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
NdpWMIdvrNF0spxmY9RmlqhGgIbpoIyGKQjaL4zJmpTI5JL7cCQkUQ==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 5677 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5677 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5677 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
VdaFfynTH6O9RgPFyqKm0eQ5Y0sq2k5SuF5TMaT_ppr-5SjLnTkEKw==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 58D9 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 58D9 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 58D9 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
9zlGfhXgKBBZvFDrOKy6QVLYM90TYt0jJY_5vFXnVU7nYS3XAYi5Tw==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 1E27 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1E27 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 1E27 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
fnwOKOygvTqJxjzhgX8mo6KhuDAkhpnLvNeHMeefJfrl3uPcHYhbng==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 41F3 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 41F3 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 41F3 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
s9LUxVyDp_y-01ohhFvFniHlLjAqIXnDdlwXFGqRvDI-wu9xQ1kgRQ==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 5F76 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5F76 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5F76 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
2CLPA9SdrUpe10FqECMeXESFeNpOHlQKnOqcivIOXcbGx2AJDKM4_A==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 8427 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8427 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 8427 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
kuYGf5IZVBmiNrFIbTHvNAkG7u85OCRE4M-xhe3QggB6C0wFYmMrmA==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame FB21 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FB21 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame FB21 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
FI22Ni6lLxjC3APj0FI1INIfb55Yt1gdEysEOR1TZ3R8Ott8cufM8A==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame AEB6 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame AEB6 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame AEB6 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
8ZAVutnvpxGtwsfYQioQkX-gnRw76udjLEE34OVcLO9QoChxl8LeIw==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 2A59 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2A59 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2A59 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
FPM-LB7hNib8sR38MQ3DrYUDFC5jk8e4dfcPnLdUpP3K48kK0cdT0w==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 9C9F 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 9C9F 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 9C9F 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
-YyQsO7ZTVKOL8RLb5AnKbBiZvdoNZpmCxzfCq6X2jRVYNuCOmcCwQ==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame F18B 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame F18B 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame F18B 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
LBp9vhBITPtFIsGozXuZeyYM_D1rsgY8OH06Aa87sFRa9kU6QSPRwQ==
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4E79 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
364
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 05 Sep 2022 05:39:20 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 53D6 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 53D6 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 53D6 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
HTNZI_TrrW8Nhu0QXM8XYRc41ryLZd9MEIxy21gkHmoZYtDPL04s1g==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 0190 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0190 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0190 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
7qQjcmGIPR0oLF7xXCL_mvEcdzpxU2K04zblhWv2Lu1UmtRmlMBTrg==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame C048 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C048 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame C048 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
vZLStg7YhQ68BDNcR8gzgs5aHZHGswpnf_Bkha_ltm1C7h32-juX-A==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame A380 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A380 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame A380 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
gUF1I7lxhcpQdvqApsQYbIFs1cB0SybKFk8NBt6lpTIGW5UwiNhzJQ==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame B2CA 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B2CA 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame B2CA 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
HhDO3jFRUCQlICo4jy7R-gvvwMwyEymz6zWJ6tYRZ_BOVWsywjy3jw==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 5835 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5835 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5835 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
_I4UDwq2tsd3Jdw2sSjPOWu5E3yPKVSFrbuHH1JBQ_TWusKUOGCSyg==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame EA4E 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame EA4E 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame EA4E 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
qBuxipEe2giPavCbnDAAC9is2xshcqQjEw1vUqVESrlGFQkFgvzIeg==
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_9_0/ Frame 4203 		376 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:33 GMT
content-encoding
gzip
age
62931
x-guploader-uploadid
ADPycdvSfu88wQVT3rDR1awK0SXWjt3OkCwOoNloxOpc3FHS0onWpkyrgRJ_uF0kVdUl48ivGATha5ijfoqdb2VnylbkwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122061
last-modified
Mon, 22 Aug 2022 13:26:37 GMT
server
UploadServer
etag
"42dbb016993fb8f087e17d549e5890d5"
vary
Accept-Encoding
x-goog-hash
crc32c=lrNC0g==, md5=QtuwFpk/uPCH4X1UnliQ1Q==
x-goog-generation
1661174797385640
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
122061
accept-ranges
bytes
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4203 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 05:45:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4203 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 05:44:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
75
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
PJUfRCYQIexLTtFJAm8Sjv92KQry1xeRh-BZXuB07rUelwdnEkgHCA==
/
serv-selectmedia.com/serving_v3/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/serving_v3/?channelid=dce12634-2212-42af-bbe8-925f0e70fd45&height=250&publisherid=9405327d-534e-48b3-b878-0b16989e4a9c&tagid=tag_ce184343-205d-450f-a6f8-357e4d8516c5&templateid=f6b3eb87-2011-41e7-beab-d9c8a37181a2&width=300&domain=viva.co.id&hostname=viva.co.id&url=viva.co.id&cb=1662356724151-88e942cb-575a-4763-84ac-6cd739003b91&is_desktop=1
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
/
Resource Hash
43203c66b949f45d33fcd81f14991f16ec87dee97a6344cc71256f9705c944b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
access-control-allow-origin
*
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
via
1.1 google
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
x-accel-expires
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame D795
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNV0VHRTaYouUJW21y7gTL-_RXMFbNjAk2StRqiSV-1Tyt_b_MFWAAONJWGbwt6xdUaJk6e3uQ4r1KxgjD0AdK4aYq-BUzAsH5E11fzoaeDblsrHvqMbF2u2fMJNYcyMiZgGV5471tWfRlxmki18TRq8b5BCuNnvlks9dZ0PUdf3xOU0-ko
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca897194e9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPSQDS1rzli3HgIfihWU9fYGVUsLfNfYRlfLLEMDSvHJEu2fYZYkVkeJ4amykc4N1qs3WXMnScmApsPZE2c4K325l%2Bv%2Br6KIDVI1XiItVDtd%2BL05fPwE6Pqlc09R5E0iXnGxCtwT3ZMMsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D795
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxWM8lxjmMCJg8zGRvlwPgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNV0VHRTaYouUJW21y7gTL-_RXMFbNjAk2StRqiSV-1Tyt_b_MFWAAONJWGbwt6xdUaJk6e3uQ4r1KxgjD0AdK4aYq-BUzAsH5E11fzoaeDblsrHvqMbF2u2fMJNYcyMiZgGV5471tWfRlxmki18TRq8b5BCuNnvlks9dZ0PUdf3xOU0-ko
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca897da5a9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I81BF9GH%2F9113VxEoaqMiYf%2FQVGHYTNCpZo5xQj0uLxORvTt%2FpuRhfi7XBe1k7%2B3%2F6CWI%2F8K34vhxvjQ0J48sxW7pmjxJuF5pJSqomcj9Uuzmdy3FNj85UI0nNjl%2Ft29NWsCHfe%2F966UXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D795
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJM5T3MdwVvoZlBXZxTEQFY&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJM5T3MdwVvoZlBXZxTEQFY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNV0VHRTaYouUJW21y7gTL-_RXMFbNjAk2StRqiSV-1Tyt_b_MFWAAONJWGbwt6xdUaJk6e3uQ4r1KxgjD0AdK4aYq-BUzAsH5E11fzoaeDblsrHvqMbF2u2fMJNYcyMiZgGV5471tWfRlxmki18TRq8b5BCuNnvlks9dZ0PUdf3xOU0-ko
Protocol
HTTP/1.1
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:24 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
9a433c37-f8b9-45ee-841c-21d9d1ab997b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJM5T3MdwVvoZlBXZxTEQFY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D795
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA5MzQ4MjUxNjY2NjU4OTk5MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA5MzQ4MjUxNjY2NjU4OTk5MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNV0VHRTaYouUJW21y7gTL-_RXMFbNjAk2StRqiSV-1Tyt_b_MFWAAONJWGbwt6xdUaJk6e3uQ4r1KxgjD0AdK4aYq-BUzAsH5E11fzoaeDblsrHvqMbF2u2fMJNYcyMiZgGV5471tWfRlxmki18TRq8b5BCuNnvlks9dZ0PUdf3xOU0-ko
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:24 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a64ac0bc-042a-4a5b-921f-a5825b501ec3
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA5MzQ4MjUxNjY2NjU4OTk5MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2B18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGN6Ay88BMAE&v=APEucNXIpe6ULbEvwCq96VOVgyvG4JqxAWF2FV_kYy1s3gfq9QcOyddrslal-Xynai0HoB3umAnlcyk_9DaRVBpHT2Ev-TcSElI3ulvSLsr53js-aOupQCq8vz4JHqiLtlaVW9zUZE8SVGXceBGJvrNuhFhCdA4OplEMj9Gt-BNThhbBDHJ2iPs
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca897399c9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSMI5bVrx05hhh%2FGzewY0ulg48EeX%2FJo6JiLJddqEsGV2OrXqFvMDPXbIuTZodWzqmkjfodImyWBx6vIgzLAJRN2PAplPr2GaotYf0xJAx3A32Z58g%2BZrw0Yo6yvJP0mM0yvgm%2BUKAjPUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2B18
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxWM8lxjmMCJg8zGRvlwPgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGN6Ay88BMAE&v=APEucNXIpe6ULbEvwCq96VOVgyvG4JqxAWF2FV_kYy1s3gfq9QcOyddrslal-Xynai0HoB3umAnlcyk_9DaRVBpHT2Ev-TcSElI3ulvSLsr53js-aOupQCq8vz4JHqiLtlaVW9zUZE8SVGXceBGJvrNuhFhCdA4OplEMj9Gt-BNThhbBDHJ2iPs
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca897ea659963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdR7ns5s0ONIJSosNH3T0Ua0LbvbjIeWdhxGUOEZH6aIu2hxzkrPpvFPTbpSHLrct5sKZhm6OAb1zBzlL8Jw7T2jCgSgimRPiS6oHmq%2BOvEJECZkS89m%2Fm6IOuREePGzIR1p2qgQ4qCbiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPUM_ZMQG67SyTvp4k-pdE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2B18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJM5T3MdwVvoZlBXZxTEQFY&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJM5T3MdwVvoZlBXZxTEQFY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGN6Ay88BMAE&v=APEucNXIpe6ULbEvwCq96VOVgyvG4JqxAWF2FV_kYy1s3gfq9QcOyddrslal-Xynai0HoB3umAnlcyk_9DaRVBpHT2Ev-TcSElI3ulvSLsr53js-aOupQCq8vz4JHqiLtlaVW9zUZE8SVGXceBGJvrNuhFhCdA4OplEMj9Gt-BNThhbBDHJ2iPs
Protocol
HTTP/1.1
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:24 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
24cb7243-0301-480b-96ec-e1911eb4bc3e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJM5T3MdwVvoZlBXZxTEQFY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B18
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA5MzQ4MjUxNjY2NjU4OTk5MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA5MzQ4MjUxNjY2NjU4OTk5MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGN6Ay88BMAE&v=APEucNXIpe6ULbEvwCq96VOVgyvG4JqxAWF2FV_kYy1s3gfq9QcOyddrslal-Xynai0HoB3umAnlcyk_9DaRVBpHT2Ev-TcSElI3ulvSLsr53js-aOupQCq8vz4JHqiLtlaVW9zUZE8SVGXceBGJvrNuhFhCdA4OplEMj9Gt-BNThhbBDHJ2iPs
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:24 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
0eac67b5-7fbd-4364-9a48-27207308c651
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA5MzQ4MjUxNjY2NjU4OTk5MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4CEA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFs1t5Ls4wKDNGkBA4UrLF4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFs1t5Ls4wKDNGkBA4UrLF4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNX_-XOJBHLdpKtMFZuCgN2BF9L1Dt9S92jze2c2pRI3c3rXQbQYZApXOtaepQFmUuM97dtUQWefT_kKKEQ1dZG-BY5P2OVjpe-gKq2forJG_FBpJmL9Clnyn2PPF-VFdavYd6BpucDSRlugEItxc5GOx2lpadV3evhHPGGpZann-IJ6KNA
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFs1t5Ls4wKDNGkBA4UrLF4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 4CEA 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNX_-XOJBHLdpKtMFZuCgN2BF9L1Dt9S92jze2c2pRI3c3rXQbQYZApXOtaepQFmUuM97dtUQWefT_kKKEQ1dZG-BY5P2OVjpe-gKq2forJG_FBpJmL9Clnyn2PPF-VFdavYd6BpucDSRlugEItxc5GOx2lpadV3evhHPGGpZann-IJ6KNA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 4CEA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEJk8iKvUrKk-DwbiqKFnWLA&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEJk8iKvUrKk-DwbiqKFnWLA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNX_-XOJBHLdpKtMFZuCgN2BF9L1Dt9S92jze2c2pRI3c3rXQbQYZApXOtaepQFmUuM97dtUQWefT_kKKEQ1dZG-BY5P2OVjpe-gKq2forJG_FBpJmL9Clnyn2PPF-VFdavYd6BpucDSRlugEItxc5GOx2lpadV3evhHPGGpZann-IJ6KNA
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 05 Sep 2022 05:45:24 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEJk8iKvUrKk-DwbiqKFnWLA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 4CEA 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNX_-XOJBHLdpKtMFZuCgN2BF9L1Dt9S92jze2c2pRI3c3rXQbQYZApXOtaepQFmUuM97dtUQWefT_kKKEQ1dZG-BY5P2OVjpe-gKq2forJG_FBpJmL9Clnyn2PPF-VFdavYd6BpucDSRlugEItxc5GOx2lpadV3evhHPGGpZann-IJ6KNA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 05 Sep 2022 05:45:24 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DAA2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7u_REuHlvo8w4CjRcv9cRRSy9CTcGy2FIyWKP-XHSr9CNULD49G3QuQGxRF40HyeE7uEtyyhyK6FmyEqPpu2AErt4ikcKkIRRe5HGPwxR-zv8nj7S32tynbAdG2rWF-82yg0CLJYd2YsU1j-cT6rfuT9Cag&cry=1&dbm_d=AKAmf-B4iayqGHWsqL9G0mAwLeWQXJxfIVgvkhR-ke4Iob1xfxu1Nl3EWl6KpM6I6WLu9kXrxAD7HF9wjd4sU9O85y1qCCD7TPa-ft8CbMbd1ekX6AEFfSWqoUdPLP7-dRZPUoRptU2GSkHD0Wi5HsJxjoBkVtg9zTNXdxE5BaYzzTA2hAx6JwRLXqhBJRXXZdNaNAoVbWXJgzQgcwKcZTTHZ2fdhl9j-U1CTmyj49wVe3HHN8eyEBtIbJnvwAFlma3xhLiwZ2bxEfqJZFCMqgoLudrCxMZP8y06mwvOInsxxTvDae5AnEQPQcarRnO0IaOcKZpl_rsrfvNselEAgPOHaFZhBnR3XhoroE42BDGi6tcblUNZWROcf_j8-sMuMPxBm9r1MfzRenUMLTGEqKg3J1gVCm5MiDC1-_1xrgyUD_nx8JnJpbSsdg2JsGEH0E3McBKDcMiaCIE6YaOyYMx-Gdf2pYoyMGOgA2Wz_GcIWAVsa-eqoPwEAagXkkPT36Ro44YbuJh7sHEom35gMsoJHZ5w_QTmRIgu38jURH8oQXsp0kyiWEW0zmpucxKIH_yVr5ZDjaa7FOexm2f5BvXVmI-Oei3xpO9a3eKrihzB8OZL5oDirHb3vaUysOTOa41MurtEz6z-Bsr2-Bh1atrXZSb--6YdnSMe4bwYH5oL2UoxS3SFDZ9k2PXvufOccpxAjVLxl6hlHUF-AhFj_iS10Y30g0oL0iKkChEBKmDg5QqzU2X-mtdHqvTnhyiOcEAV1vjrag94gbhZhZhh6uXNMCUlcSdWsTScbj6qrXSqWdJ9o8WyzLcCgw7yiXQVvOmiArnwZojvHsFaq-OH6Ztb_AOnG2LRq02u9xeWKjJpEawfbWAmK2V4Zz94cTBiMew_T1u5kiUNsxEYQlKrhOG25F4AKtTrnNS5ouxa8zllu1MYKSjorPNfCF2F5fGFafzLV6_u-kCkzRBpt_0kVSfyuFz2-PGkvYdpZiol9Jyd9qLm5AMYc-Cx_1YTLL_Dm3smJ0VEa3EPWPjupb2EB-UKFBg75EifDZLYi3oNUuhKEcWfkrxdZTPb_0JlJw_1OsAqJg1uxUFujW_CX_aWeEUObLMIZj0HVH1pOUlAFrgvj-aAu4Zuuf6U3MpegJt2NIliSavvdqbjafGCSDT1lSkec_LHn1dcDEYMRkVZgb99FY6LXDt6uHRs61lq2RI3sEpj-RtjZ2UbRPoaQ_WvNgjfavNl53OqDgctnKKVLaRSs_-CeMa5XEd_Ncj6N2fDTuE-2lizegpYfOf1nDTomlcQY9jJwQImUbC1rxW24cP1ujIuOIkabqrQmlfamgc_rayeyJV1ywEElug_20Fg3JCiDUqrI0ex82C9aUHRT6OtbPLvBsiYD5JWDfGiGMwitvJDyvFl3mvcdaeF5EuI37vWO7Y339zFM2Gf-uzryhlsYBgbxfwqqlJa3rAOIvpGOX7wyWn9t50Em4d2bqB5A7JfoM5q-EjW-PqfGqQohYpUr7GPTZ_Y1OrIbvPOYrYQLcmAnxy0LvfA0wQlMoAzoexby675A9Lxke0_O-FBG63CGql_QTAIU1gObm6QJqFBAh6mdGBBRGMDPJTN9C23mfsdj3rqv7iTyqlOBeYeDoCEcnmGvZBzK9m4G4K0Ka0eyzw3URk_Te7jruP5pcyxQf8TlYPhjtVZqa2SAMrAEPt0Wv5_TfbN5e6jBQlHbmFCVdyH3mw08Fl0AHzPS4nL62uMtfCmEfWpIDY_xhz_QoEcNNlDaj0LSV0EgwKwfSUIyGAsfrOkfLTVoQPm9Pj9jRuL78vyV4pJnxpTOIDfbedadQxJpJIsmGXtZB1uWgDpxbVDLkTNAWgCypNw3BwTloR096cIoC_cflNKU6TMNiVG2sqny60qfPPOMWaB4zgDu5ul4Ji5CeYeYws3-rypT2g4u1ykMKqzvNGFCIKCcHj02SwPoARXy3MTeCLRH258Bk5Xr0gokh2xeBmXMOIHl88ZR-dgW-OvXwkYVr_stlO7p75iC3X_7DZSG-7dj9XF3CziRdeqvEBHFG29grTySXG6oBEY7TLRmGtuo5zrhwQvusC8GWAKYZ0t8z7rkf5iFsVoFzcKl5-K7jHz9pjuzDYVpjnWw-UYdtDivV-6IKLVLzcTR5SGMFoUmAvYxtT3kTRnIEgiO8PDgDrsUg2y9FKC6z3aWRwPE03_MBInR8L2i7YtpYt28MPDiKLm1hd9cYu4T_ap2o8c4WL90S0YYzhnN7Lkwk_5fN2YkgMutNPLTPxCna1-S80rgVV5RWsgg0WYc7VFN1rHg-qDtFkNZhttBDIHzjbXXczATT_WHsnCNcTtIzP7CNXEEE5a0U8r-ij3H9o9eegwVxD__gjCjCYesb9eUiC51LN-Swaffg2clpxwXI77YC6Tzdj5y3aM3d71ovfJa5Tr2-XY8bQRY-JsOpuGDJ8D0oRUZU7GGLVEJjdd6GTaBg9giScZUgTMXkVg39gjLegjssD0dkhEIsEeua00kvOHK1ci7htKrKTz0Q9oEqR_vsPBRhbQaX3Oei9Xf049UUV1Nlq02LwF3To_MoIhkk2T7h_xnzDIvAQn4a2g9bUfRgDphST1ADEXE3h5b67AzExiuElGPl-izCD_J01rtki0-5mdXnhEnIublS8Z3QKu5zCyEriSR1rQx-AoRnngeZoQ1qi6Zsc6Ita6K384VgBy-L2zV3G-oM3RpO8Rap2RXbIeOAgzPqVgZ4YB0a-32lfQSPuWh3fv4DxtkC2X-gZoYdrAR9YHMdOXjSS0zycJ9qDX896ECNUn9RZJ_To-UjnEGMFLw5IXXjaNwB_rwFI2V6dhBnVYGJJyiZAOdfIvMat0bsZeAREt_GFjoD9z0TtZwzaRdBtUYPomi0PP2JebfA&cid=CAASJ-RoeayDVrMwNyuWzd3ziors-3CrTyNQKwVM1qZTvnBUV7PBBKGniw&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 16:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:11:26 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 5B45 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Origin
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 16:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 16:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 5B45 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFPQZBr-f-YpWtcdXH55jl-OLzpB_DNuuqXe0_Mn0w6eczaKtWu9lSljJGIoOn23rF2rK9jT2yuuIA-g559wKFL2SwVH6uJUj5u_403Nf4yOZq4-B2u61Y8MEmPy5QedYYQi_VfSUwhiaHUWowctgljmEBMA&dbm_d=AKAmf-C3SrduWniwdfqRbNz9ZuHUBfRUqZBpqmFAWZdUmLtX_IzY9mGTmRQCZWzuH7c-WVYdS1FtUwbMnCu4Kif2-3RZywL4CgcueuU9695N00q5asSzSLNnQlxMEW110h4OxdJH96JhUQPiIlAktaxqd5sftlaF4CWXslp6zciJAO_ZksDCDidYGwy1SQT0zxShQ7Rc0IM2p6zjttTbZLl-4uAYSTHYQpXjN4gFL2L5f_hBTXTUM7Vm-EyDMslyKK-qOGStfariw9dK3cb4JLXfZYzLq_GShAJ8ovCxtmYHgL7c94JRObeCi004lKWMZBVayN0jo6e9rRuDHoTZ-jr_4DwWiF7uOo-J8QPDl3caRjenziQ5WHs_Ov9bQCV0uETlnvqBCe8GYzSD5b19Xg_vu4g8jZ1VDjRZHoYqeCBry6O5kZe2MgZPJ73HL33zxy7fBTqXDxW1kv89iCfey-hPn6eJFmCHvqOQ6-fG-TSk1D-3J94SfwEgZTRN6tl7x22muZjM0ziWaiLTjqfAypc0zM_c14RO11U2Xk-ckj_DBBmGcf1aY1AF1OhZd4OxvO7I4G9ewDvTM49e0Wwg9OgowK3cZgsWkw7Goa-cn3vNbMus4i7-A11Nzv4YYmOWwbQnXM4Gqebtn5v5WMCy7H9kMrk33keEYKZk-7uz9WbEOyRvLQo5tUg2ToNuC_vSYBAdeFw8K3trt5cz5hzeIuWDVtQZRATvUIKQji_wdRYi4RY0gQwNOX1kEA9g5OGk4X-7H3o8j1dRzmYid6vh35BrCS3p2efZKWleP-AqaAQwP17wkggAyShFDQuvhUqXzcKWqSuG5nygSIIlCoCfAVioJH92SlKQoyvh9NMgIRZGhH2d5t3tvZqoS37UokoT2Hq2bZ7_aRq8cFbGmgMt94tO9btaC1J7L36J_hERG-w20YQ0_wkorphHkGn2V3uJGSjQfFjeIycRmdW2ovwSdmcibw70GIi3z_DVpHGWg7Ctyv8ArIIl80PUmxJHLlDQBPMT1WyktREW-PwGvcjWlVyCqhIiQboXH9K66V8vJjxc_FUag5xtswhdkxNoZ0fwa2Vjo4S4Os64w1eTmSNbis0Iu1DkrGQFlaXA319vkgMww14Res8RkGAL75YKgufH8QKmOwD5pPZCeijzjdthZ1pDyOeJVVS-Bv0ydc92d-YoEb9bDPtab5AGBpZhHOzADDzKSu7rkMorrCcRqF1YgrLG5o7i794IqYA9rKLUHIOShpSo1eBsQu8mP_g6WDGDUcSKsftOwtzCoryqxZ9XHPpFe5lJmUB1KKEHxTCPSonjJ2qCHJWzsDD4j5CbLTq0GP2RgQBxofE_xqsCsvvv8_DklCSLcQ-Sz_Jrq0MPvZRgmzEhVTKMVUJYEqEfkZRAVPo7Rox8kWZV__VlBud2Pvy1RV9vBrxb9TTK-2nHche5l2IKCTPwjApIt2tcyYlh5Lwr75bzaFGOHHN25gR6ofiV2RhFT4e-pJos7d3jEXg6Dnj0hpKhgvEwNwWFnHmSw0rVxQ58kiajcD9m9KBsi4oOeUGny9MCkZ-hTb9yeHra8pTRN-d70haUp7tU9Gt1ocExX5Rmqd_F9S2IowtwAF7z2laslqq7V_3ZXhSuUe2F76Cwvnc2SnQ1gkAPgEjNAxy25gCMhb14Daahwx3aYYPloKmZ1NQ2DzK8IZSs80-DjgD5p5_3-_Pmn_UWWUVcc1jcRW5tDstJB6Tj-wj8w4mJFxBnk7gr0fcGoaygqnlPcrc4Sbyzz6MAK8Ud2DqhufM7VBB_q_RQt1dX8kqPxlkA0PYFYQGpVW2N3qnqqYlj7ANEphX6r_cGDug7qK3PJorkpvvY3WNEDTsTWo5RWo7nn50xncmbEkZq3IQ5P3J8HiqrZd6RlJXH3ZEOgvyPH22RdoALr78i_xQLHpoRfl-_POtovwLWryIRjvWr-loZrsWNSKy2Ovu_VF9XL1uw7XEmBoz9vk8qqYscFyAQLImje2aLwm3c-Ag1GXNfjtYMpNf_6OALU-Tjb-afB6NZo2lHKCnpJ8rp0jk0bu6zeYVjjnvnxAyob-K7lcXw8osM6uBlfNhCK0FCixpXbCIS-ElSyYNJDQZYT58bk3St59u3jrwiHgEoqrzB49JtAYJ_YHI5KXEYxBqZT51vVU-f6kOI0A7B7WK3snA4U7FugvPdwFK21E5lxll5KiWNPJlnBWAphQ5dBgxiKYOo8MVtwfaP4MAc1lXrv87TqaqmfBPGdtWPHNT45Ghbg3n5IZEhUOQWpuW0jftu-23wE1QsjhTbclYKSS6XQ2yhQEMr8tzA9QuY_9woSF9hdLngA_6vUJYuZgImieIq83GQYLpUKZsE72yEmkA0W-o-vw3YcyaE55FrKBCWgAuxKDfSNaVkuQkoSK0qCEN0Sd6bQ_jZDAe-iIsJf0MTXHu-7QaKaLjrSWrKsU9Rr92YOA_G-Uiz_LH0FXzv0P7JqZ0sRnWag9x6eq1NpB6LebOmrL6lAVJRlJpip2yISj6BrWyASuJJxA-ToP8Vxjmebdvl7-p8v8__VRWCIrrVmZ0bqFN8jc646DC0ON1yHUruuixgE_USu7toeeKzbwG_iiGHyZNoAfKdI17LO3EE6lZBJ38sX1K5c7EwYakj090em49BXziykik-isZL48DyeyKmCyJOSV0M9slTgQuqosrawfngk5PF8EnKvHudpDSI69ViEVhPEI9Hb8FSqan7TlmfWfunSIHACGJoZBj5iufPmuuIoWgCj0QXrDTFVSbT8KtHCJ1U7wJjN7LpikJL3DDrqw7GR9wvMZXfXucEyHd7bNTj-rroixKfTHV8gUQEMr4OwT0UPjfelYGOcZ-2LxQrD3ep92vw5Mzu14gwKem8a2yAQyUxFEhiH9mufKcusVTym8L7h0JWUj1TQRWq6D1E3vcqwPtc4T_zvj-rlN4UQWysntWi8nADBgZJHtkwZ4B9nn_lXt2Ky-Qgu31_Pi5Vbh7HDuULrLRVszRM-s5F1EdeeQ2ZkR7gykKDMpJn8iMT3Ivgs7sAQ1A8u10cL21pK-qtDD-kSDxymggvh9ADIQeiAdaNem_QTiw62UmfSbQFucMkvm54-FSkjQaQTjRFv6ZmMHbl1gQXPBN9gCrxBRxMPu_kibG2gzdZ86YxBNb02AkO_E44LiWpVk-YZ9JfucOUd_W0T__qD7iyCSCV0jB5CmBlO8NX7X-JmPpEP_uBPxmOVX0lK-c8p71b1xT8MFSRXbGwAJX4aUtE7bCE1mR0P7tmXcmfBnMgpibr4yz3-iejOZEEtKNBS6k6fCracib9KxgJlhHn5ZB7bfLSKCQI3tEc4vFXGRWOKSaAcNkIO6w7WqWX5SkBiTSkk5KHyaEJIE76s2O-UupAG0DWIip_AjwE_zX6pY0uVuyL1_3ieKZEdOR7u9xGe_w&cid=CAASJ-RorMnGFRlmQ-4iU_oVhWPS9TtUMZIorHPglipUR-1xZ4L8sfNT0w&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:35:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 5B45 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFPQZBr-f-YpWtcdXH55jl-OLzpB_DNuuqXe0_Mn0w6eczaKtWu9lSljJGIoOn23rF2rK9jT2yuuIA-g559wKFL2SwVH6uJUj5u_403Nf4yOZq4-B2u61Y8MEmPy5QedYYQi_VfSUwhiaHUWowctgljmEBMA&dbm_d=AKAmf-C3SrduWniwdfqRbNz9ZuHUBfRUqZBpqmFAWZdUmLtX_IzY9mGTmRQCZWzuH7c-WVYdS1FtUwbMnCu4Kif2-3RZywL4CgcueuU9695N00q5asSzSLNnQlxMEW110h4OxdJH96JhUQPiIlAktaxqd5sftlaF4CWXslp6zciJAO_ZksDCDidYGwy1SQT0zxShQ7Rc0IM2p6zjttTbZLl-4uAYSTHYQpXjN4gFL2L5f_hBTXTUM7Vm-EyDMslyKK-qOGStfariw9dK3cb4JLXfZYzLq_GShAJ8ovCxtmYHgL7c94JRObeCi004lKWMZBVayN0jo6e9rRuDHoTZ-jr_4DwWiF7uOo-J8QPDl3caRjenziQ5WHs_Ov9bQCV0uETlnvqBCe8GYzSD5b19Xg_vu4g8jZ1VDjRZHoYqeCBry6O5kZe2MgZPJ73HL33zxy7fBTqXDxW1kv89iCfey-hPn6eJFmCHvqOQ6-fG-TSk1D-3J94SfwEgZTRN6tl7x22muZjM0ziWaiLTjqfAypc0zM_c14RO11U2Xk-ckj_DBBmGcf1aY1AF1OhZd4OxvO7I4G9ewDvTM49e0Wwg9OgowK3cZgsWkw7Goa-cn3vNbMus4i7-A11Nzv4YYmOWwbQnXM4Gqebtn5v5WMCy7H9kMrk33keEYKZk-7uz9WbEOyRvLQo5tUg2ToNuC_vSYBAdeFw8K3trt5cz5hzeIuWDVtQZRATvUIKQji_wdRYi4RY0gQwNOX1kEA9g5OGk4X-7H3o8j1dRzmYid6vh35BrCS3p2efZKWleP-AqaAQwP17wkggAyShFDQuvhUqXzcKWqSuG5nygSIIlCoCfAVioJH92SlKQoyvh9NMgIRZGhH2d5t3tvZqoS37UokoT2Hq2bZ7_aRq8cFbGmgMt94tO9btaC1J7L36J_hERG-w20YQ0_wkorphHkGn2V3uJGSjQfFjeIycRmdW2ovwSdmcibw70GIi3z_DVpHGWg7Ctyv8ArIIl80PUmxJHLlDQBPMT1WyktREW-PwGvcjWlVyCqhIiQboXH9K66V8vJjxc_FUag5xtswhdkxNoZ0fwa2Vjo4S4Os64w1eTmSNbis0Iu1DkrGQFlaXA319vkgMww14Res8RkGAL75YKgufH8QKmOwD5pPZCeijzjdthZ1pDyOeJVVS-Bv0ydc92d-YoEb9bDPtab5AGBpZhHOzADDzKSu7rkMorrCcRqF1YgrLG5o7i794IqYA9rKLUHIOShpSo1eBsQu8mP_g6WDGDUcSKsftOwtzCoryqxZ9XHPpFe5lJmUB1KKEHxTCPSonjJ2qCHJWzsDD4j5CbLTq0GP2RgQBxofE_xqsCsvvv8_DklCSLcQ-Sz_Jrq0MPvZRgmzEhVTKMVUJYEqEfkZRAVPo7Rox8kWZV__VlBud2Pvy1RV9vBrxb9TTK-2nHche5l2IKCTPwjApIt2tcyYlh5Lwr75bzaFGOHHN25gR6ofiV2RhFT4e-pJos7d3jEXg6Dnj0hpKhgvEwNwWFnHmSw0rVxQ58kiajcD9m9KBsi4oOeUGny9MCkZ-hTb9yeHra8pTRN-d70haUp7tU9Gt1ocExX5Rmqd_F9S2IowtwAF7z2laslqq7V_3ZXhSuUe2F76Cwvnc2SnQ1gkAPgEjNAxy25gCMhb14Daahwx3aYYPloKmZ1NQ2DzK8IZSs80-DjgD5p5_3-_Pmn_UWWUVcc1jcRW5tDstJB6Tj-wj8w4mJFxBnk7gr0fcGoaygqnlPcrc4Sbyzz6MAK8Ud2DqhufM7VBB_q_RQt1dX8kqPxlkA0PYFYQGpVW2N3qnqqYlj7ANEphX6r_cGDug7qK3PJorkpvvY3WNEDTsTWo5RWo7nn50xncmbEkZq3IQ5P3J8HiqrZd6RlJXH3ZEOgvyPH22RdoALr78i_xQLHpoRfl-_POtovwLWryIRjvWr-loZrsWNSKy2Ovu_VF9XL1uw7XEmBoz9vk8qqYscFyAQLImje2aLwm3c-Ag1GXNfjtYMpNf_6OALU-Tjb-afB6NZo2lHKCnpJ8rp0jk0bu6zeYVjjnvnxAyob-K7lcXw8osM6uBlfNhCK0FCixpXbCIS-ElSyYNJDQZYT58bk3St59u3jrwiHgEoqrzB49JtAYJ_YHI5KXEYxBqZT51vVU-f6kOI0A7B7WK3snA4U7FugvPdwFK21E5lxll5KiWNPJlnBWAphQ5dBgxiKYOo8MVtwfaP4MAc1lXrv87TqaqmfBPGdtWPHNT45Ghbg3n5IZEhUOQWpuW0jftu-23wE1QsjhTbclYKSS6XQ2yhQEMr8tzA9QuY_9woSF9hdLngA_6vUJYuZgImieIq83GQYLpUKZsE72yEmkA0W-o-vw3YcyaE55FrKBCWgAuxKDfSNaVkuQkoSK0qCEN0Sd6bQ_jZDAe-iIsJf0MTXHu-7QaKaLjrSWrKsU9Rr92YOA_G-Uiz_LH0FXzv0P7JqZ0sRnWag9x6eq1NpB6LebOmrL6lAVJRlJpip2yISj6BrWyASuJJxA-ToP8Vxjmebdvl7-p8v8__VRWCIrrVmZ0bqFN8jc646DC0ON1yHUruuixgE_USu7toeeKzbwG_iiGHyZNoAfKdI17LO3EE6lZBJ38sX1K5c7EwYakj090em49BXziykik-isZL48DyeyKmCyJOSV0M9slTgQuqosrawfngk5PF8EnKvHudpDSI69ViEVhPEI9Hb8FSqan7TlmfWfunSIHACGJoZBj5iufPmuuIoWgCj0QXrDTFVSbT8KtHCJ1U7wJjN7LpikJL3DDrqw7GR9wvMZXfXucEyHd7bNTj-rroixKfTHV8gUQEMr4OwT0UPjfelYGOcZ-2LxQrD3ep92vw5Mzu14gwKem8a2yAQyUxFEhiH9mufKcusVTym8L7h0JWUj1TQRWq6D1E3vcqwPtc4T_zvj-rlN4UQWysntWi8nADBgZJHtkwZ4B9nn_lXt2Ky-Qgu31_Pi5Vbh7HDuULrLRVszRM-s5F1EdeeQ2ZkR7gykKDMpJn8iMT3Ivgs7sAQ1A8u10cL21pK-qtDD-kSDxymggvh9ADIQeiAdaNem_QTiw62UmfSbQFucMkvm54-FSkjQaQTjRFv6ZmMHbl1gQXPBN9gCrxBRxMPu_kibG2gzdZ86YxBNb02AkO_E44LiWpVk-YZ9JfucOUd_W0T__qD7iyCSCV0jB5CmBlO8NX7X-JmPpEP_uBPxmOVX0lK-c8p71b1xT8MFSRXbGwAJX4aUtE7bCE1mR0P7tmXcmfBnMgpibr4yz3-iejOZEEtKNBS6k6fCracib9KxgJlhHn5ZB7bfLSKCQI3tEc4vFXGRWOKSaAcNkIO6w7WqWX5SkBiTSkk5KHyaEJIE76s2O-UupAG0DWIip_AjwE_zX6pY0uVuyL1_3ieKZEdOR7u9xGe_w&cid=CAASJ-RorMnGFRlmQ-4iU_oVhWPS9TtUMZIorHPglipUR-1xZ4L8sfNT0w&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:35:40 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 4E39 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Origin
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 16:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 16:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 4E39 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0M31Iqh30zTpxTfZtHRy9dXvYye7VdRMXRsFKte-a8qzcsVXwScEI4JhHxuKJFVwLOnQ0FMMxWepw5HOV2YEbjktYYJujb0iAr0lO7G4kPmFHrRW2T14TdsKsLSGAI6r8R3acy069lLkOSOaU27Qwc0DW7A&dbm_d=AKAmf-BW1B09Cxn2GJ57xOOrMKZtk3EcLrAUdnymyuY6pOOVWp78vengZB2hoUm-dWJBp1fpHhjUKvZn0GePu9XWsCPt1JrnOZbOVLSpmUf1IEP9rGYOSgi_CMv4EfGs6R9brNhbyOyJemRnQHCRggBvWg3Coi47yCGCz72TJrujbNb08JjgSs34_5_SPW9zFDVzltwx2_1Ou7uyTMA-H4oFQ1KjgoBkFBjwGDwuMkVH6PZ3vyrh6QziBCfBmXsE2I4G0nXMBHPtc_lIE9-vmgakmLvRORUAQ9SmBI7VSaKd7mkIHliDpJe79MEyHhG6MNb5uP0o0QveVCLKup5quWbTkjcyUdLZeazD0JkIKswShOd8L5TGnn_zEItqAKT1PwNSNrpuoSrN6zhktJF3fp3qVKdHiO0eJ0XnPdt_Ph9q-qot8SIVFm1no8-qR6SE3OGqcBd7oBa4nQDuFTQfJx5QCgYUwYMBPG14jv6s3008k3WvKNJ6SnDW5jdEnz2N2_SxHqgPlj6lTkvbg0xIMi6gOFR7ZC7Lj1_cxJLmQ6mfll9fM_NPM-ss3hvFDMBdCI-uxNDE_Jybl04KzDf1oknTIQ3EL7P5BlhcYHBo6E5gPhms77UPfa8ziMUv2ZmkciKW05B7O7qA_2Tw2XnZRexV6PV9aZsvbL6IhupK605Er3J-VFCcjwb9kBcC0MtD9I07XPjtLn0iZ3l7_R2qAjEuMgjHzXDfkHChnyDdKT6aGJVUiKBIjFcj98N5QF1lWTm7hXlPw_DWRWALnwwKCP-8dwT3FjuF6iQam1FN6VoRv7wUuVlPBsYxc_Kvg-RVvr4Tjz8pojpPGiR3Vb6MHeu2tMFIBHISKd9zhEpFaLuVxDWLY0OKzfuxPRmc-FAT0TGqNSBDF9KYTyfgfxl4XiKSHagpdmc67ixUKutj8olIYMgREJLcyaQG0JhbiBOjJmAlO7iTbUoDMDF2IEQ-5vlkqye1nQuADEL-1rd71HDQhGx39u8GURwQckzt-NMyYQibpvN-OT2AevkDvkmKS4JJ5O4-y8FQjoNVdfNzWsuHCGh-69h35i_Ts7uuee9216HUQ2IPCQMWXJRS5ZFUW4Aa149tT0cNUAQ5NQjnfjzB4RJ9nb7M-IZytIPWCkZqqUeR4SIDGNtI1D6J2uTNN1pLMzyCyd4ImjTwTUSrilku8Uu4nu6lm3g6nO7PM64jsFOOGRMwoOep-1dZ6xB3VceIYD_Afob1qwce15p0OU5z7vTcaVXOCXq1bxgYjb9cid-eQFKX7S_nmHvrbVZgUFPsvSa3hgIp44zHqTYG1FqxQ4EqGRSw1ElDgKUCDkRV22T3BNP6O4zfKx2WoW35gh949WbU6kAW--N1ZGiQi806UeloTT7CZ3ecT8YiJab10RBu9Hl9UDUhlUOX7NxOjPossIz2upqMjMA_MjF5Gbr53XUj-RSMdLTQcxJoZCl6iWQdLhjw7U4qR4OXsa3MHMz6EoQVI0EJ4w9eRLyB2TEWoaNpFAHXts_eXHjh_0pkB3zwU--zXMmvu3cBMqT4a5h9hhgjZsIS9Y1z-GdxY1Jw4XRyKrMiAfbDajYVAlq5_-cvIzD4FzhrKRlcucDBlJxrESEnZPN5Vq8QtZJxiCkZHn79yxgxAP-faXSmhwdFfe5FeeuPiM9529rIPw-bxYNPvXbrzRQ9X_s6MghT-gmWRZCAQE8sMAeECrznSV99FJZ1v9YTBLGQABwYzqp-AFQ1kVUQrdAJgf8ZENuqjYcdCQdWLbBdenPwoWxP56lSbLd0JBQYkeZhNgS-LUuYrBkv8xWjD7IKUQuniQzTvrwZ_9EPYOnP6qg4JNL1yYn4eXsiIyi9drwLF5J1xE58UBsPPcC79FeFho81UHTy34Sscj4H3Hj68uygNgBMIz3DFemKjE0a6tvHAYBRfV6y3xZfUZJGGlhckx23MFgSCxroxIvAybCvD2SO0fs7BEveLsooU16f8C5YwJwTzxsVvBrCYdB6Bexan-U_safNeOVkPmC0EsY1_zPwSs4kDZGnCzUcgpDyaPRIxdfC1Z3-We3VUp_gpqFEWelEHOzCuhwR_LEr415o78phpDWfpyU8qiEdSJ4eL9kuTHOHXDG2rzdei7X4MvSzePvXFoGQoylOG4m2GeBpdPhbPBN5pEaT2U68paUXzo3nXCf6UBehdg4FQ4fv3qCA0gaF-mTCXjkheUX-1xPQF2ClwrWft5Lqh9d0gWbhPuNobHc7K7a9yfDbNO_pYGQMQ2PH4Exig5ZW17npIgYfWj1dCASQQWNOs6vATgY1RcEcu0Wlqgts1w08tjJzLf_NW0siiLJWnrp6FGmR3Hbgt77hY0eMLvk4nG6J3m1nblJ5-hXBnxCFgJ-iNKiwHCtjV0h1b4ojd-kco4qc8Z8tu4glZmvY9NoCQbk5U0KYIFwsfw-6AtaeJy03iAdGJcwNkUR6Q5qkKVhHNCq4g_CxezNb0_8Hytdlish7shH-VvVnvdZKR_Nok_Fc7zoRb938mhFuomYelJreaEVnZOFQZowqn8zvrMhvi-OW4lVKl6Wm6XaMfC9nyNbMTjbwmZzThfTVGjZyq05xjZj3CBqqEEA4MfwImNI79j0SajT8o_FTobZRnkwqFZQKSGZGVmgKMlJLMCGKRz-0z6mbN5J-IpFOFU0ejzSr2PF1wNWOciY9UAwll-Y6fga-Xf4gSy6niOSJYF5ZuQ2j5MzRKFDJrgQOAioZ_TaNyOXRG0Iv0C3x3F2aIkkwz_SiZB3WDjjGHAF6FYHFagvaeXQMnI7VV7ye6ucDHc2nvE4iHoUH-fe1MXc8Q49H_FHHtgWK9mUevmHrjetOHfiFVpPGrVI2GPpYjc8U8lEL6Di6o9eYxIInpklFZ1QV6Rn98H2iMEw9u3FKrJctUcidxtcD9w5H2EsbFxjcrjQzeq1FH5BxtFEd3kf-JQOyEJBXPIsbg2h9t6KNho8tPjbR47GekjGhXemPycq2I5j9u_piNwbOixUsIWzuTpLsvw8LPyg_KPW_P1Snzci58975-0pJGH-xmYDjeEzM_-vblJP6EQMfzMnFQsa_S8CE9-HlxfeI9mdu1sOtCoDKuriUNIGqRE3lwn33MYSSA1TxRMUFsvLRTZGwYjDRxKtAqC4Gfd-Ou0zWP15phMsQgapFeBlAXmhOjOVktlTKruiCZ6OWKJ5ZKcoOtB9YbmoEEqoy0cEs8Hn2A3_jDlKPqYuZ6BxW9Wm6kddiLpQxnW8yoC5kwPYNElLUDWjNrl5hhtlJgtQEoBoTlF4GNBG5yqwT_EON8uDVVVtybYNXECrSrcvjx7cZE3vZFJZem-um7cwoFjakcqCrfr7muNgz_xFnJJyJzdIsu1nARLv7ssN6GXSY9j3bnw296wlwBohHQ1uwW3njdowM23R7N1D2VJIRVofFIbpJrBg&cid=CAASJ-RoPM7XC3VeJ5iRwRDJw-iViWZsJrlzKN9wdOOV8l9yFeZvFSHwTw&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:35:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 4E39 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0M31Iqh30zTpxTfZtHRy9dXvYye7VdRMXRsFKte-a8qzcsVXwScEI4JhHxuKJFVwLOnQ0FMMxWepw5HOV2YEbjktYYJujb0iAr0lO7G4kPmFHrRW2T14TdsKsLSGAI6r8R3acy069lLkOSOaU27Qwc0DW7A&dbm_d=AKAmf-BW1B09Cxn2GJ57xOOrMKZtk3EcLrAUdnymyuY6pOOVWp78vengZB2hoUm-dWJBp1fpHhjUKvZn0GePu9XWsCPt1JrnOZbOVLSpmUf1IEP9rGYOSgi_CMv4EfGs6R9brNhbyOyJemRnQHCRggBvWg3Coi47yCGCz72TJrujbNb08JjgSs34_5_SPW9zFDVzltwx2_1Ou7uyTMA-H4oFQ1KjgoBkFBjwGDwuMkVH6PZ3vyrh6QziBCfBmXsE2I4G0nXMBHPtc_lIE9-vmgakmLvRORUAQ9SmBI7VSaKd7mkIHliDpJe79MEyHhG6MNb5uP0o0QveVCLKup5quWbTkjcyUdLZeazD0JkIKswShOd8L5TGnn_zEItqAKT1PwNSNrpuoSrN6zhktJF3fp3qVKdHiO0eJ0XnPdt_Ph9q-qot8SIVFm1no8-qR6SE3OGqcBd7oBa4nQDuFTQfJx5QCgYUwYMBPG14jv6s3008k3WvKNJ6SnDW5jdEnz2N2_SxHqgPlj6lTkvbg0xIMi6gOFR7ZC7Lj1_cxJLmQ6mfll9fM_NPM-ss3hvFDMBdCI-uxNDE_Jybl04KzDf1oknTIQ3EL7P5BlhcYHBo6E5gPhms77UPfa8ziMUv2ZmkciKW05B7O7qA_2Tw2XnZRexV6PV9aZsvbL6IhupK605Er3J-VFCcjwb9kBcC0MtD9I07XPjtLn0iZ3l7_R2qAjEuMgjHzXDfkHChnyDdKT6aGJVUiKBIjFcj98N5QF1lWTm7hXlPw_DWRWALnwwKCP-8dwT3FjuF6iQam1FN6VoRv7wUuVlPBsYxc_Kvg-RVvr4Tjz8pojpPGiR3Vb6MHeu2tMFIBHISKd9zhEpFaLuVxDWLY0OKzfuxPRmc-FAT0TGqNSBDF9KYTyfgfxl4XiKSHagpdmc67ixUKutj8olIYMgREJLcyaQG0JhbiBOjJmAlO7iTbUoDMDF2IEQ-5vlkqye1nQuADEL-1rd71HDQhGx39u8GURwQckzt-NMyYQibpvN-OT2AevkDvkmKS4JJ5O4-y8FQjoNVdfNzWsuHCGh-69h35i_Ts7uuee9216HUQ2IPCQMWXJRS5ZFUW4Aa149tT0cNUAQ5NQjnfjzB4RJ9nb7M-IZytIPWCkZqqUeR4SIDGNtI1D6J2uTNN1pLMzyCyd4ImjTwTUSrilku8Uu4nu6lm3g6nO7PM64jsFOOGRMwoOep-1dZ6xB3VceIYD_Afob1qwce15p0OU5z7vTcaVXOCXq1bxgYjb9cid-eQFKX7S_nmHvrbVZgUFPsvSa3hgIp44zHqTYG1FqxQ4EqGRSw1ElDgKUCDkRV22T3BNP6O4zfKx2WoW35gh949WbU6kAW--N1ZGiQi806UeloTT7CZ3ecT8YiJab10RBu9Hl9UDUhlUOX7NxOjPossIz2upqMjMA_MjF5Gbr53XUj-RSMdLTQcxJoZCl6iWQdLhjw7U4qR4OXsa3MHMz6EoQVI0EJ4w9eRLyB2TEWoaNpFAHXts_eXHjh_0pkB3zwU--zXMmvu3cBMqT4a5h9hhgjZsIS9Y1z-GdxY1Jw4XRyKrMiAfbDajYVAlq5_-cvIzD4FzhrKRlcucDBlJxrESEnZPN5Vq8QtZJxiCkZHn79yxgxAP-faXSmhwdFfe5FeeuPiM9529rIPw-bxYNPvXbrzRQ9X_s6MghT-gmWRZCAQE8sMAeECrznSV99FJZ1v9YTBLGQABwYzqp-AFQ1kVUQrdAJgf8ZENuqjYcdCQdWLbBdenPwoWxP56lSbLd0JBQYkeZhNgS-LUuYrBkv8xWjD7IKUQuniQzTvrwZ_9EPYOnP6qg4JNL1yYn4eXsiIyi9drwLF5J1xE58UBsPPcC79FeFho81UHTy34Sscj4H3Hj68uygNgBMIz3DFemKjE0a6tvHAYBRfV6y3xZfUZJGGlhckx23MFgSCxroxIvAybCvD2SO0fs7BEveLsooU16f8C5YwJwTzxsVvBrCYdB6Bexan-U_safNeOVkPmC0EsY1_zPwSs4kDZGnCzUcgpDyaPRIxdfC1Z3-We3VUp_gpqFEWelEHOzCuhwR_LEr415o78phpDWfpyU8qiEdSJ4eL9kuTHOHXDG2rzdei7X4MvSzePvXFoGQoylOG4m2GeBpdPhbPBN5pEaT2U68paUXzo3nXCf6UBehdg4FQ4fv3qCA0gaF-mTCXjkheUX-1xPQF2ClwrWft5Lqh9d0gWbhPuNobHc7K7a9yfDbNO_pYGQMQ2PH4Exig5ZW17npIgYfWj1dCASQQWNOs6vATgY1RcEcu0Wlqgts1w08tjJzLf_NW0siiLJWnrp6FGmR3Hbgt77hY0eMLvk4nG6J3m1nblJ5-hXBnxCFgJ-iNKiwHCtjV0h1b4ojd-kco4qc8Z8tu4glZmvY9NoCQbk5U0KYIFwsfw-6AtaeJy03iAdGJcwNkUR6Q5qkKVhHNCq4g_CxezNb0_8Hytdlish7shH-VvVnvdZKR_Nok_Fc7zoRb938mhFuomYelJreaEVnZOFQZowqn8zvrMhvi-OW4lVKl6Wm6XaMfC9nyNbMTjbwmZzThfTVGjZyq05xjZj3CBqqEEA4MfwImNI79j0SajT8o_FTobZRnkwqFZQKSGZGVmgKMlJLMCGKRz-0z6mbN5J-IpFOFU0ejzSr2PF1wNWOciY9UAwll-Y6fga-Xf4gSy6niOSJYF5ZuQ2j5MzRKFDJrgQOAioZ_TaNyOXRG0Iv0C3x3F2aIkkwz_SiZB3WDjjGHAF6FYHFagvaeXQMnI7VV7ye6ucDHc2nvE4iHoUH-fe1MXc8Q49H_FHHtgWK9mUevmHrjetOHfiFVpPGrVI2GPpYjc8U8lEL6Di6o9eYxIInpklFZ1QV6Rn98H2iMEw9u3FKrJctUcidxtcD9w5H2EsbFxjcrjQzeq1FH5BxtFEd3kf-JQOyEJBXPIsbg2h9t6KNho8tPjbR47GekjGhXemPycq2I5j9u_piNwbOixUsIWzuTpLsvw8LPyg_KPW_P1Snzci58975-0pJGH-xmYDjeEzM_-vblJP6EQMfzMnFQsa_S8CE9-HlxfeI9mdu1sOtCoDKuriUNIGqRE3lwn33MYSSA1TxRMUFsvLRTZGwYjDRxKtAqC4Gfd-Ou0zWP15phMsQgapFeBlAXmhOjOVktlTKruiCZ6OWKJ5ZKcoOtB9YbmoEEqoy0cEs8Hn2A3_jDlKPqYuZ6BxW9Wm6kddiLpQxnW8yoC5kwPYNElLUDWjNrl5hhtlJgtQEoBoTlF4GNBG5yqwT_EON8uDVVVtybYNXECrSrcvjx7cZE3vZFJZem-um7cwoFjakcqCrfr7muNgz_xFnJJyJzdIsu1nARLv7ssN6GXSY9j3bnw296wlwBohHQ1uwW3njdowM23R7N1D2VJIRVofFIbpJrBg&cid=CAASJ-RoPM7XC3VeJ5iRwRDJw-iViWZsJrlzKN9wdOOV8l9yFeZvFSHwTw&rfl=1%2Chttps%253A%252F%252Fwww.viva.co.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:35:40 GMT
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 2232 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 5677 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 58D9 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 1E27 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 41F3 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 5F76 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 8427 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame FB21 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame AEB6 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 2A59 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 9C9F 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame F18B 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 53D6 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 0190 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame C048 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame A380 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame B2CA 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 5835 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame EA4E 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
blank.mp4
serv-selectmedia.com/cdn/video/ Frame 4203 		665 B
700 B 		Media
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/video/blank.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 05 Sep 2022 05:45:03 GMT
age
21
x-guploader-uploadid
ADPycdt0BwUxXPHnqrAGq3jJEc1E3rVw7F2kCT9UZFSlOv7OCS0IgJhJvV46zGdKTL0Eb6yye0QNm3L35GUl00g42QYWvefl1_zp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
665
Content-Range
bytes 0-664/665
last-modified
Mon, 07 Mar 2022 14:33:47 GMT
server
UploadServer
etag
"f7f20339ab057ced24b02205d581ad7a"
x-goog-hash
crc32c=WemZoQ==, md5=9/IDOasFfO0ksCIF1YGteg==
x-goog-generation
1646663627457276
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
665
accept-ranges
bytes
content-type
video/mp4
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		63 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.46.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-46-176.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
37c37f61c24bf637defc8a3b6b2b65f36c418fbc42f171d02fc5f0407efe21ff

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache
x-server
10.45.1.245
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
5da0696e31f43c9a68313c1cce2754a3166ff9997e5b7b968a505015e0e73c4b

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:24 GMT
hb_310028_7816.js
player.hb.selectmedia.asia/prebidlink/461765/ Frame 4CD7 		447 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/461765/hb_310028_7816.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
1f0aa5d1701197f101192749dabd683261a1f86d4fe54d7134d790994451b68a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 20:02:40 GMT
server
nginx
etag
W/"62fe9ae0-6fb2d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 07 Sep 2022 05:45:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4CD7 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28557
x-xss-protection
0
server
sffe
etag
"1324 / 191 of 1000 / last-modified: 1662156382"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 05 Sep 2022 05:45:24 GMT
wrapper_hb_310028_7816.js
player.hb.selectmedia.asia/prebidlink/461765/ Frame 4CD7 		791 B
738 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/461765/wrapper_hb_310028_7816.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
9032fd52e1476503fa601ca09f86a3a81f586c668145afb095ce04e369583a34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
last-modified
Thu, 01 Sep 2022 09:40:58 GMT
server
nginx
etag
W/"63107e2a-317"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 07 Sep 2022 05:45:24 GMT
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=dce12634-2212-42af-bbe8-925f0e70fd45&d2=1662356723&d5=viva.co.id&d28=548&cb=1662356724250-be6326dd-22d9-4167-a770-f5c4ccd231df&e=42
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adj
bid.g.doubleclick.net/xbbe/creative/ Frame DAA2
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1103447/64557517/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CnkAoCZ_4B3sPhPSwLvf-_miE75UPTZhaizLiUY5EbEg7Hp5k3jbtJYk7N5xKle...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CnkAoCZ_4B3sPhPSwLvf-_miE75UPTZhaizLiUY5EbEg7Hp5k3jbtJYk7N5xKleZWXdVGY4zGL0kvLm7gOQD56-rP...
63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CnkAoCZ_4B3sPhPSwLvf-_miE75UPTZhaizLiUY5EbEg7Hp5k3jbtJYk7N5xKleZWXdVGY4zGL0kvLm7gOQD56-rPbqc8ubBE6AX7EU4wQ2TgxqDf4mlI8ptpK20bKgdISt8yLmbVqsIo-4vexCgFzFwjcwA65GuoODPErkUAKAmf-AbxGRy8N8ioiLeLJzOHM80ApxzyNGs_RMO1e--Tyix56cLG-nrhz1YRchn-AQ6O4wVw1tPSV2bJ_g6S1FuK6Ba39RD5hayqTeDkfP9lgo2j2rOSCMpdF9V2ELYbQxyyOND9nTjY50997mUtKVx4GdMXWKNRPUXgIr8jVYh-JEj-eb6dl33nU3V1QXx0y8eXzFJ_U_tgLv-IomjumVpUHCULM1_6TNLG2hlOhl8Qajpep7XRi09WKUysYBj1RhqPoSX46oxbteqXwJ8CQ2kBShFEWsL69ffGy8NWO16XmcLOljPcp2KMj8_DNRukj5JHK8wCJAc5dG6mFyX5YO8MX8nBqk9qRFgFi3c72DEFotEElzUVql9p4iAA6lDP48LPRiM0nbxgale2REfZPQzXwulJzseQYEkikzR8YOeP6RqKMbr7LdEwOywUwtHKHGudMRAQTTcb_6xtIi-tesLvV-olReuNyoEzUrFgtb5LGhbL_SkCsQWHxSQocbqOdiliLGmRFjKiCHdQeuf1Cv4OlD1OLHB52iEybGnPW1xrtZOIhwfZIEqjJVVPCjPWBD2bMBe9DFTFUikF886pYtcoovs4-B5AuM3nuLX9YKndX467WFnYK9I4ZoXa61efOd41xWM77fzGrHm5U21sV8JrwDb9qhRgKKOvgUymGc2qbPEXY5IEyHCo_YfLAsCMo72E6y95BKbEqQZKTHT0OrWSE7QtHhhU65IDp-zLxi93wAw2VPbgVNMGIabk8_oQs6nk4NX6wEeqO11TLaEvbG7HoJrPEEz09wtQdKl0kP6kdeunbmLvtW9QjkPsTfyZwk3Kz3lhpk3PO7BkmM6ScgTQq4A6c8Cp5T1SL7FcIyA8e9NxcyVi3pAHbTQIwW_LhVsghJ4gmBayuqzhcPjrO0x3sW6MTRVhvGZMjRjKbgs1izhlYVeaEy-0RfnxHh-2_T6dnjgfP_iqbWmEn4npCUGJZRlVXxSpX2XeN7vanxH1lC_Ji30tSrFfjvV7OUoBi6n6XIOQ5OT14yBt3g4pDyjBUhJytMCSFQICyNrF19TGrzozJUzA51JPBjljAhWFF2JuicSc39MvMokYx3snVT7h1GFxfJfPyr5p7GW2XDeWAQAL9xohxNAqYndqRw6yI1zg3sYdw08A_FNQSV81rnjrG1-KBcjZOFCXPKU3Ss-zQSYZfFlERdTmvsrI9OhvH67cvKZxcHRSgQMtmpsZderGinC6911I-zOqqpqeSefHqz0UF3xujAJmz0jqADS2lgxpNE9M5TGfz8CJHHHEHp65dbeIHA-GXygJ2Q84LNB3cXgVa7t_L5nV7dxrAfC_E9vwTguQ8QYuK4yqKujOY25P1ig83bY2weHQnhicUlouQ1wTOFLdBtTnsYHunAGL3BKf9PHlioVYIUDO4RDsg_m-BpK2izXJ3kRgAkpPp2hF12kGsvKtl3jo4llhtNdQdqCqJVae1PD_khD0OxvZcIiLF2L6KXPG5CjHnUphmwAxkWWNQWBahY_Iig49bDPXZWrjgnb3ugRqFvJ28VMM-zT1J_4RI3WC29XznrCESfiEz_gH2KpG-aqVUUXdGZ8Gu_m_s1a1OVwRV1NDMGZ8ipUYH7jzTXjMqm1Qr_WGZeyrUbGYLHS87e3N9cExwEAOg6mafGjM9i6fJHvy4AJlJFrZBDc_mX3MmgFl7dTF1oFIlCQrMRDBwTZ3r4JEpzOvim_uM9FnBTbqmttKWzu8-TbYKuf55lP5puLftbuMkNp4RdBvdCzvYU7PMBxo7znT1javU5jdxt5Zoz6PcczQtQPxI8hlQLAj3EJe1X9VAWLJVwCwUl3lph2EpKgvfexPOYcezRlSikkXE1NPMFKINqViGnCloSaS0MW8m89IrQNurZZxiBYVO1P-XIgNnEyzHi4ZbkLRvL1yXD8Ma9KsMuIt6BGnrZdy9XGtDw3iEUjJgzcSqRDfMtFPK4L_kwDkHAjvsaKLmr1Bn-sIvm-659BsE-TgAhKCP_sAdpaCxhgIfBzDK-XdptftmVebT-CiftIP5pgZpyKvGvEHA-1Yggg8B968yDkEuHZliy6FBnvVWEWVpIgdSxvpYrmM3N3fYMxZFEtlHH_yEeYkRi9Y0K2HW4NZlxHlFEWrpZ7VZjH0sTUCUuKPRaRtpT9IMzYJfKVjvqsGQDl5RbEwfNBWESwo4k9rIu2JEJe3ODBLCOZ5xSSZYCDXrm7EaR3TJ-bDyKo-BKzR7lXw0EDvprLbGNCOmllOSfD5wID7xc-m02y14nLiGerUWiFW0kRnUpCveg74EWdZcgQs7R0CCl1DVXVNqwPa_5E3wTmROtlda50-qu3rY_t72pf6QNk7fJNAgr6718MFjxUa-8R7JICSOViD7gtm4pEPm1PUilvO2Wy-gSs0N7ujnBpLej7mcg46rYJq3uI3ON8PZ5v7hZq4ZUwyYo63CaO8PR_HIw-gHf5Ludrnl2Z04V1dONPEczlRa-p1NSW_TDQbnYFH1g6J_slCdUQ_Mnhp-IbVvhg_AOGIpERLTuH8X1VbC-Z-wbMHB9Uanp5RdKFkVy_qG3I_vpZaBhjt0LogpqbA2ptcK1AwTofddV_nK5_4kMWUg6OxGb8FZjtOGuJfmZOXdaLq3GPHKPFjRq3z7MAjKRqJuql03aGQr1xrPcQ5GP3HKMFwF111t80_KOK_H3-UB47-qVFd6hibIMoxy8CviuuG8sI-QZzD8Prr-6XyawQcpqE3fwTUhkLriXaYoheblMQOpbkxRupqPLXzIsB8g9h_ip2tK6tuhCz09DPbY21TodOhRfCjlSHiOUb1O5PHTpwZf83DAbuYECob5hkoBNf4-Ze_aElDg-HBxolWd_NWpzZATWanRROWoBvLG3RpbyDNO-2bDrtKbHQGnC-uFGEnaFhWPyBRwo2vG9SJk-42wbWtUaW4NuBQmn36_9v_eJWD64McGTbmeT2rKGzlu9HS-vwOQkLB6Gw8xGeylaB1jVS7rxT1QiTyvPLS0OjSoqx3LBicD3_di80UzuxO0aQUnUOo9R9No35PdTjDQmlnps0R-bulY3lt10204pMwerRW0iDeaKmeSLalamoJYitipjVNO4cAt_Wz8hRl-wACK6fzl58UBtX1wuX9yFg7nez96yYQm5lr5cXBB3eDRmUL8Q04vpCkjsOxTCwMVRuAEdy7cTPxUPYbzokQH038s-RRCs1_VKn_g3FyCgAJTjVCS3LAlcYvs_bfln_n3x7oN4aZ1yMH7JVVbeyvn5JPCshyil26riv9nELQ1_EBogT4DsWFmFHaEl5kBPPnv6cu5KmgkIQ6qTolbfB6xLbfPMzzYGDmoX6FRjMPlTvoQ3QdG3BshBe6Z5FqbQNT517Lxo_xx3xeTZvJmL4mpMBeUyT0h2PE5mB2MkCn9dED_SDgkp3xwI88UY3mS90NAsPWRRqgr4Gq_btrj7BJITox5fH0EBDR_UEWhQ4fxorCAASJ-RoeayDVrMwNyuWzd3ziors-3CrTyNQKwVM1qZTvnBUV7PBBKGni2AB
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
64.233.184.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f155.1e100.net
Software
cafe /
Resource Hash
26adad5957319e97c300694427022f67b32738a2555705eb495da49eca589e6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22510
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CnkAoCZ_4B3sPhPSwLvf-_miE75UPTZhaizLiUY5EbEg7Hp5k3jbtJYk7N5xKleZWXdVGY4zGL0kvLm7gOQD56-rPbqc8ubBE6AX7EU4wQ2TgxqDf4mlI8ptpK20bKgdISt8yLmbVqsIo-4vexCgFzFwjcwA65GuoODPErkUAKAmf-AbxGRy8N8ioiLeLJzOHM80ApxzyNGs_RMO1e--Tyix56cLG-nrhz1YRchn-AQ6O4wVw1tPSV2bJ_g6S1FuK6Ba39RD5hayqTeDkfP9lgo2j2rOSCMpdF9V2ELYbQxyyOND9nTjY50997mUtKVx4GdMXWKNRPUXgIr8jVYh-JEj-eb6dl33nU3V1QXx0y8eXzFJ_U_tgLv-IomjumVpUHCULM1_6TNLG2hlOhl8Qajpep7XRi09WKUysYBj1RhqPoSX46oxbteqXwJ8CQ2kBShFEWsL69ffGy8NWO16XmcLOljPcp2KMj8_DNRukj5JHK8wCJAc5dG6mFyX5YO8MX8nBqk9qRFgFi3c72DEFotEElzUVql9p4iAA6lDP48LPRiM0nbxgale2REfZPQzXwulJzseQYEkikzR8YOeP6RqKMbr7LdEwOywUwtHKHGudMRAQTTcb_6xtIi-tesLvV-olReuNyoEzUrFgtb5LGhbL_SkCsQWHxSQocbqOdiliLGmRFjKiCHdQeuf1Cv4OlD1OLHB52iEybGnPW1xrtZOIhwfZIEqjJVVPCjPWBD2bMBe9DFTFUikF886pYtcoovs4-B5AuM3nuLX9YKndX467WFnYK9I4ZoXa61efOd41xWM77fzGrHm5U21sV8JrwDb9qhRgKKOvgUymGc2qbPEXY5IEyHCo_YfLAsCMo72E6y95BKbEqQZKTHT0OrWSE7QtHhhU65IDp-zLxi93wAw2VPbgVNMGIabk8_oQs6nk4NX6wEeqO11TLaEvbG7HoJrPEEz09wtQdKl0kP6kdeunbmLvtW9QjkPsTfyZwk3Kz3lhpk3PO7BkmM6ScgTQq4A6c8Cp5T1SL7FcIyA8e9NxcyVi3pAHbTQIwW_LhVsghJ4gmBayuqzhcPjrO0x3sW6MTRVhvGZMjRjKbgs1izhlYVeaEy-0RfnxHh-2_T6dnjgfP_iqbWmEn4npCUGJZRlVXxSpX2XeN7vanxH1lC_Ji30tSrFfjvV7OUoBi6n6XIOQ5OT14yBt3g4pDyjBUhJytMCSFQICyNrF19TGrzozJUzA51JPBjljAhWFF2JuicSc39MvMokYx3snVT7h1GFxfJfPyr5p7GW2XDeWAQAL9xohxNAqYndqRw6yI1zg3sYdw08A_FNQSV81rnjrG1-KBcjZOFCXPKU3Ss-zQSYZfFlERdTmvsrI9OhvH67cvKZxcHRSgQMtmpsZderGinC6911I-zOqqpqeSefHqz0UF3xujAJmz0jqADS2lgxpNE9M5TGfz8CJHHHEHp65dbeIHA-GXygJ2Q84LNB3cXgVa7t_L5nV7dxrAfC_E9vwTguQ8QYuK4yqKujOY25P1ig83bY2weHQnhicUlouQ1wTOFLdBtTnsYHunAGL3BKf9PHlioVYIUDO4RDsg_m-BpK2izXJ3kRgAkpPp2hF12kGsvKtl3jo4llhtNdQdqCqJVae1PD_khD0OxvZcIiLF2L6KXPG5CjHnUphmwAxkWWNQWBahY_Iig49bDPXZWrjgnb3ugRqFvJ28VMM-zT1J_4RI3WC29XznrCESfiEz_gH2KpG-aqVUUXdGZ8Gu_m_s1a1OVwRV1NDMGZ8ipUYH7jzTXjMqm1Qr_WGZeyrUbGYLHS87e3N9cExwEAOg6mafGjM9i6fJHvy4AJlJFrZBDc_mX3MmgFl7dTF1oFIlCQrMRDBwTZ3r4JEpzOvim_uM9FnBTbqmttKWzu8-TbYKuf55lP5puLftbuMkNp4RdBvdCzvYU7PMBxo7znT1javU5jdxt5Zoz6PcczQtQPxI8hlQLAj3EJe1X9VAWLJVwCwUl3lph2EpKgvfexPOYcezRlSikkXE1NPMFKINqViGnCloSaS0MW8m89IrQNurZZxiBYVO1P-XIgNnEyzHi4ZbkLRvL1yXD8Ma9KsMuIt6BGnrZdy9XGtDw3iEUjJgzcSqRDfMtFPK4L_kwDkHAjvsaKLmr1Bn-sIvm-659BsE-TgAhKCP_sAdpaCxhgIfBzDK-XdptftmVebT-CiftIP5pgZpyKvGvEHA-1Yggg8B968yDkEuHZliy6FBnvVWEWVpIgdSxvpYrmM3N3fYMxZFEtlHH_yEeYkRi9Y0K2HW4NZlxHlFEWrpZ7VZjH0sTUCUuKPRaRtpT9IMzYJfKVjvqsGQDl5RbEwfNBWESwo4k9rIu2JEJe3ODBLCOZ5xSSZYCDXrm7EaR3TJ-bDyKo-BKzR7lXw0EDvprLbGNCOmllOSfD5wID7xc-m02y14nLiGerUWiFW0kRnUpCveg74EWdZcgQs7R0CCl1DVXVNqwPa_5E3wTmROtlda50-qu3rY_t72pf6QNk7fJNAgr6718MFjxUa-8R7JICSOViD7gtm4pEPm1PUilvO2Wy-gSs0N7ujnBpLej7mcg46rYJq3uI3ON8PZ5v7hZq4ZUwyYo63CaO8PR_HIw-gHf5Ludrnl2Z04V1dONPEczlRa-p1NSW_TDQbnYFH1g6J_slCdUQ_Mnhp-IbVvhg_AOGIpERLTuH8X1VbC-Z-wbMHB9Uanp5RdKFkVy_qG3I_vpZaBhjt0LogpqbA2ptcK1AwTofddV_nK5_4kMWUg6OxGb8FZjtOGuJfmZOXdaLq3GPHKPFjRq3z7MAjKRqJuql03aGQr1xrPcQ5GP3HKMFwF111t80_KOK_H3-UB47-qVFd6hibIMoxy8CviuuG8sI-QZzD8Prr-6XyawQcpqE3fwTUhkLriXaYoheblMQOpbkxRupqPLXzIsB8g9h_ip2tK6tuhCz09DPbY21TodOhRfCjlSHiOUb1O5PHTpwZf83DAbuYECob5hkoBNf4-Ze_aElDg-HBxolWd_NWpzZATWanRROWoBvLG3RpbyDNO-2bDrtKbHQGnC-uFGEnaFhWPyBRwo2vG9SJk-42wbWtUaW4NuBQmn36_9v_eJWD64McGTbmeT2rKGzlu9HS-vwOQkLB6Gw8xGeylaB1jVS7rxT1QiTyvPLS0OjSoqx3LBicD3_di80UzuxO0aQUnUOo9R9No35PdTjDQmlnps0R-bulY3lt10204pMwerRW0iDeaKmeSLalamoJYitipjVNO4cAt_Wz8hRl-wACK6fzl58UBtX1wuX9yFg7nez96yYQm5lr5cXBB3eDRmUL8Q04vpCkjsOxTCwMVRuAEdy7cTPxUPYbzokQH038s-RRCs1_VKn_g3FyCgAJTjVCS3LAlcYvs_bfln_n3x7oN4aZ1yMH7JVVbeyvn5JPCshyil26riv9nELQ1_EBogT4DsWFmFHaEl5kBPPnv6cu5KmgkIQ6qTolbfB6xLbfPMzzYGDmoX6FRjMPlTvoQ3QdG3BshBe6Z5FqbQNT517Lxo_xx3xeTZvJmL4mpMBeUyT0h2PE5mB2MkCn9dED_SDgkp3xwI88UY3mS90NAsPWRRqgr4Gq_btrj7BJITox5fH0EBDR_UEWhQ4fxorCAASJ-RoeayDVrMwNyuWzd3ziors-3CrTyNQKwVM1qZTvnBUV7PBBKGni2AB
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame D1B6 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
9666651
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
Wdhq6rOHO8n8-DIWqz9bT83X8WTGE_Go6uj3Sp1aj-sOdOpazViOEQ==
view
securepubads.g.doubleclick.net/pcs/ Frame EC20 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBV0iEOBhNgdcXJ6WDG9_2uZ8Ls0EBxroY1bP5-S5SpHlmsSdTJTRPYHU5QCutz0bk4MX6zabJsz3HQ1bl3PG2_rxFKWynx5wrOSfguChy8JvE9lXdGo9uk-eta7xdQrzCz3IZ6XLDLau9M5uCGxhUpbZbtIBcIpLnARdEu3GrXW6rkgJ6cIOTLxOtwo3PNBD5w_nCJojFbDrCxM9MTM0aEljU44vPEdXWQfC2b-PrFQ06vidPrafD6bdFOztAtgUfdN5WYNcO94pSHKBbJ_U2CdcHCWGTS2GsQ2kvpAB8ERqICn9m4BOKdeq88IHXd26qErp20dkGxHHYW5w&sai=AMfl-YSkwPMy9uQSX8jCrGBlUpE3Bn-fVBKXNyxOSUXjTaz8e3OrVJFAW8mdKmiY4lmIdCp3KT6wxUK1eej44BTNyQKO1doxpo9FoxDPawy_JQlpOOgdHYIlO5f4eL08tG63Fw&sig=Cg0ArKJSzGKh2T7ESSZfEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 05 Sep 2022 05:45:24 GMT
dt
dt.adsafeprotected.com/ Frame DAA2 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=bdf84ec0-c8af-80da-7fbe-edae03003897&tv=%7Bc:njEMjp,pingTime:-3,time:103,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:103,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B96~0%5D,as:%5B96~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgxhp3S+11%7C121%7C13%7C14*.1103447-64557517%7C141%7C151%7C16%7C1711%7C181%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:14*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:f6d6:134f:4507:dfcf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame DAA2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=bdf84ec0-c8af-80da-7fbe-edae03003897&tv=%7Bc:njEMjq,pingTime:-6,time:104,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:104,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B97~0%5D,as:%5B97~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgxhp3S+11%7C121%7C13%7C14*.1103447-64557517%7C141%7C151%7C16%7C1711%7C181%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:14*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.viva.co.id*&br=c
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:f6d6:134f:4507:dfcf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame DAA2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=bdf84ec0-c8af-80da-7fbe-edae03003897&tv=%7Bc:njEMkN,pingTime:-2,time:189,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:654,beZ:656,mfA:658,cmA:660,inA:660,inZ:663,prA:663,prZ:670,si:675,poA:676,poZ:703,cmZ:703,mfZ:703,loA:759,loZ:761,ltA:843,ltZ:843%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:189,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B182~0%5D,as:%5B182~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgxhp3S+11%7C121%7C13%7C14*.1103447-64557517%7C141%7C151%7C16%7C1711%7C181%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,sinceFw:168,readyFired:false%7D&br=c
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:f6d6:134f:4507:dfcf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FE85 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
48837
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 16:11:27 GMT
expires
Mon, 04 Sep 2023 16:11:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame A20F 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 9C9F 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:24 GMT
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=640x330&d27=0&cb=1662356724543-a05cf540-b044-4f6c-938c-58dcfbad2e81&e=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=640x330&d27=0&cb=1662356724543-f5a4fc71-6729-498a-a5cf-b0391e831eeb&e=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&cb=1662356724543-0e09f958-aaf1-4452-9e2e-46ab6066be3b&e=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT0zZWIwZWEyMS0wNDQ0LTQ1MmYtOWY4OC05ZjYyYzk0YTgyMDImYWRzMj0yJmFkczM9MCZhZHM0PTAuNCZhZHM2PTAmYWRzNz0xJmFkczg9ZTVlYjU5MDItM2UzMi00YWVkLTg4OWUtMDQwYWI4Mjc3ZTJhJmFkczk9MC4wMw==&adsourceId=3eb0ea21-0444-452f-9f88-9f62c94a8202&cb=1662356724544-9e06aa10-c26f-4622-9ac6-a9f24a851ea9&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 2232 		36 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=485509&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2219d97550eda673%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri%22%2C%22domain%22%3A%22viva.co.id%22%2C%22publisher%22%3A%7B%22domain%22%3A%22viva.co.id%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.9.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22about%3Ablank%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22video1%22%2C%22adunitcode%22%3A%22video1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221a3f2f2697b6e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22485509%22%2C%22tid%22%3A%2259405cc1-70bc-4eb1-b75f-ffa0476f8ac8%22%2C%22sid%22%3A%22448x252%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22placement%22%3A3%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A120%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B448%2C252%5D%5D%2C%22w%22%3A448%2C%22h%22%3A252%7D%2C%22bidfloor%22%3A0.4%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22selectmedia.asia%22%2C%22sid%22%3A%2259c90be728a061224b14efc8%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3099d1df4f87199cfd5ba727f0fc5e148ce33ab9d8ffb146ade89bb4abe65a38

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10PeU4mNh1%2BIhtmAr4JdeSMr9NniHUlj39G78pAMtbMkJhRNHkZ2ET5igCsu1c8PvKcUoj2fablaYurG%2B0QeXqhpSUdBDFun%2FYfO0z%2FDozKy7%2BR4lxrCdkWPmFVEFASwgwHg5%2Fht"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
745ca898abe291f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT00M2I4YWNkOC0zN2FmLTQ0OGMtODlmOS0wMjRlY2U1MDRlMTUmYWRzMj0yJmFkczM9MCZhZHM0PTAuNCZhZHM2PTAmYWRzNz0xJmFkczg9ZGJiYTg3YmEtYzkzNS00YzZjLWI2MTItNmZjYjFkY2VjODQ0JmFkczk9MC4xNQ==&adsourceId=43b8acd8-37af-448c-89f9-024ece504e15&cb=1662356724544-c1ab15e0-52db-4251-b7fa-46480befb633&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 5677 		19 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:24 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a63a06ec-d27e-4eb8-b645-04516dde7040
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.viva.co.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1lNDhhZGI5OC00OWIwLTQ0MzUtOThmYS02NjExZDQ2NmExODgmYWRzMj0yJmFkczM9MCZhZHM0PTAuMzUmYWRzNj0wJmFkczc9MSZhZHM4PTA0YWIxNDlmLWE5MzAtNGE3OC1iN2IwLWQ5MDQ0MDQzN2NhNyZhZHM5PTAuMjU=&adsourceId=e48adb98-49b0-4435-98fa-6611d466a188&cb=1662356724545-2e5c32fc-5fa0-4416-9d1c-5824bd9beca4&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 58D9 		173 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.57.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-57-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6f2f449040ae8f04c199677e26d75732477bcda2d8bfa06312216df67434710c

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT0zZWIwZWEyMS0wNDQ0LTQ1MmYtOWY4OC05ZjYyYzk0YTgyMDImYWRzMj0yJmFkczM9MCZhZHM0PTAuNCZhZHM2PTAmYWRzNz0xJmFkczg9ZTVlYjU5MDItM2UzMi00YWVkLTg4OWUtMDQwYWI4Mjc3ZTJhJmFkczk9MC4wMw==&adsourceId=3eb0ea21-0444-452f-9f88-9f62c94a8202&cb=1662356724545-e3850ba4-e98a-447f-9af9-105f4bd373d7&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 1E27 		36 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=485509&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22118811b2c213ce%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri%22%2C%22domain%22%3A%22viva.co.id%22%2C%22publisher%22%3A%7B%22domain%22%3A%22viva.co.id%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.9.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22about%3Ablank%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22video1%22%2C%22adunitcode%22%3A%22video1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222e9f98142d6bde%22%2C%22ext%22%3A%7B%22siteID%22%3A%22485509%22%2C%22tid%22%3A%22ec98c409-a4ef-4a5b-ab6e-50f590fe55b5%22%2C%22sid%22%3A%22448x252%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22placement%22%3A3%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A120%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B448%2C252%5D%5D%2C%22w%22%3A448%2C%22h%22%3A252%7D%2C%22bidfloor%22%3A0.4%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22selectmedia.asia%22%2C%22sid%22%3A%2259c90be728a061224b14efc8%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a037ee1ccea384096d351e51889a72902058b870f9dcbbeb4603c9100f62ea

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1OV3tw0UHs289EJfl9Ojj%2BL9EVunquxRipySYTXWnZ%2FgXuxEnzmAg7IuwZqV4eNn%2FFx%2BzRuan9lNXrd8qsQ5A%2FpFUqBx%2FjC8n7z6DitupmwqHOGKvo%2FXMGWzllHVYe0e8ODuL7d"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
745ca898abdf91f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT00M2I4YWNkOC0zN2FmLTQ0OGMtODlmOS0wMjRlY2U1MDRlMTUmYWRzMj0yJmFkczM9MCZhZHM0PTAuNCZhZHM2PTAmYWRzNz0xJmFkczg9ZGJiYTg3YmEtYzkzNS00YzZjLWI2MTItNmZjYjFkY2VjODQ0JmFkczk9MC4xNQ==&adsourceId=43b8acd8-37af-448c-89f9-024ece504e15&cb=1662356724545-5ed6f3f4-68c9-419b-b2d8-34ca9c42e1fe&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 41F3 		19 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:24 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
9641af66-ba37-4f54-87b1-16629c9ff177
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.viva.co.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1lNDhhZGI5OC00OWIwLTQ0MzUtOThmYS02NjExZDQ2NmExODgmYWRzMj0yJmFkczM9MCZhZHM0PTAuMzUmYWRzNj0wJmFkczc9MSZhZHM4PTA0YWIxNDlmLWE5MzAtNGE3OC1iN2IwLWQ5MDQ0MDQzN2NhNyZhZHM5PTAuMjU=&adsourceId=e48adb98-49b0-4435-98fa-6611d466a188&cb=1662356724545-9879e59e-c6e1-4824-bf90-8d7229e5bf21&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 5F76 		173 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.57.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-57-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1f8e0192c92e7c35ad7a22c9ede7eb484655b660a33758c1ef82b670a50b1a79

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT0zZWIwZWEyMS0wNDQ0LTQ1MmYtOWY4OC05ZjYyYzk0YTgyMDImYWRzMj0yJmFkczM9MCZhZHM0PTAuNCZhZHM2PTAmYWRzNz0xJmFkczg9ZTVlYjU5MDItM2UzMi00YWVkLTg4OWUtMDQwYWI4Mjc3ZTJhJmFkczk9MC4wMw==&adsourceId=3eb0ea21-0444-452f-9f88-9f62c94a8202&cb=1662356724545-24b2ad0b-5cd6-46fd-b136-fc3e363c01d3&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 8427 		36 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=485509&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2218693ba11318fe%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri%22%2C%22domain%22%3A%22viva.co.id%22%2C%22publisher%22%3A%7B%22domain%22%3A%22viva.co.id%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.9.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22about%3Ablank%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22video1%22%2C%22adunitcode%22%3A%22video1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22214678d6b38aea%22%2C%22ext%22%3A%7B%22siteID%22%3A%22485509%22%2C%22tid%22%3A%22b655de53-7c52-4b11-8452-bd17800b8063%22%2C%22sid%22%3A%22448x252%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22placement%22%3A3%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A120%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B448%2C252%5D%5D%2C%22w%22%3A448%2C%22h%22%3A252%7D%2C%22bidfloor%22%3A0.4%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22selectmedia.asia%22%2C%22sid%22%3A%2259c90be728a061224b14efc8%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4c8bb2f240eba7ed155da7bab290ec400936a4276d0dc29192cfddde025eb48

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BBiJR4gx4WbLznvL2X%2BHDKdxqk0pnvyjJf5BIxMuYb7S3UYHA5kqublc8e%2B2iR%2FWJlHqU2wn2u2TJUbht6eCBfqjCV3Zn7F1c1cx6ZgXLlCvrPt1OasK4ZUGyFQiK02A0tPyqkW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
745ca898bbe991f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT00M2I4YWNkOC0zN2FmLTQ0OGMtODlmOS0wMjRlY2U1MDRlMTUmYWRzMj0yJmFkczM9MCZhZHM0PTAuNCZhZHM2PTAmYWRzNz0xJmFkczg9ZGJiYTg3YmEtYzkzNS00YzZjLWI2MTItNmZjYjFkY2VjODQ0JmFkczk9MC4xNQ==&adsourceId=43b8acd8-37af-448c-89f9-024ece504e15&cb=1662356724545-5269e7a8-9ffb-4bc9-8337-843b7c972751&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame FB21 		19 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:24 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
75bcee28-0a68-4699-9919-ce5941c35ed9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.viva.co.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1lNDhhZGI5OC00OWIwLTQ0MzUtOThmYS02NjExZDQ2NmExODgmYWRzMj0yJmFkczM9MCZhZHM0PTAuMzUmYWRzNj0wJmFkczc9MSZhZHM4PTA0YWIxNDlmLWE5MzAtNGE3OC1iN2IwLWQ5MDQ0MDQzN2NhNyZhZHM5PTAuMjU=&adsourceId=e48adb98-49b0-4435-98fa-6611d466a188&cb=1662356724545-2cfaa4ce-6e25-4c34-8eca-6b5db793126e&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame AEB6 		173 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.57.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-57-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c8f960f9283f98e40e891b4b7009796ff82c7c4dae6beebb6a5b19876d4ad061

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT0zZWIwZWEyMS0wNDQ0LTQ1MmYtOWY4OC05ZjYyYzk0YTgyMDImYWRzMj0yJmFkczM9MCZhZHM0PTAuNCZhZHM2PTAmYWRzNz0xJmFkczg9ZTVlYjU5MDItM2UzMi00YWVkLTg4OWUtMDQwYWI4Mjc3ZTJhJmFkczk9MC4wMw==&adsourceId=3eb0ea21-0444-452f-9f88-9f62c94a8202&cb=1662356724550-e9f193b1-49bd-4f16-8e87-a6c8be930022&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 2A59 		36 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=485509&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221ccb39790ce097%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri%22%2C%22domain%22%3A%22viva.co.id%22%2C%22publisher%22%3A%7B%22domain%22%3A%22viva.co.id%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.9.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22about%3Ablank%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22video1%22%2C%22adunitcode%22%3A%22video1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222b15d3482b21ae%22%2C%22ext%22%3A%7B%22siteID%22%3A%22485509%22%2C%22tid%22%3A%226614cafd-71fd-46a9-9bda-a2e63c5ae765%22%2C%22sid%22%3A%22448x252%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22placement%22%3A3%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A120%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B448%2C252%5D%5D%2C%22w%22%3A448%2C%22h%22%3A252%7D%2C%22bidfloor%22%3A0.4%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22selectmedia.asia%22%2C%22sid%22%3A%2259c90be728a061224b14efc8%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f775b8b484fd003de513de74bd16c2e1fde07790eecdaaf9f9e738bffd0a7223

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FuktaJ9dvVygNy9G2gI0dgu%2FvRKlTFCnyWmMVkHPf0k0ZwA5QfG1kPbL59kQMuL%2BTK5FsNBFFm5Bm%2F7THz0CaI9ePNjAzKB6SCXDoIKQhBeM%2FTc4zcuVEFQs36syFm5Fw0N2y5I"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
745ca898cbf291f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT00M2I4YWNkOC0zN2FmLTQ0OGMtODlmOS0wMjRlY2U1MDRlMTUmYWRzMj0yJmFkczM9MCZhZHM0PTAuNCZhZHM2PTAmYWRzNz0xJmFkczg9ZGJiYTg3YmEtYzkzNS00YzZjLWI2MTItNmZjYjFkY2VjODQ0JmFkczk9MC4xNQ==&adsourceId=43b8acd8-37af-448c-89f9-024ece504e15&cb=1662356724550-20dccde4-08e5-4562-815d-f8c56eb6a723&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 9C9F 		19 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:24 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
98be2a93-da5d-4556-bd4f-92aadb11f233
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.viva.co.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1lNDhhZGI5OC00OWIwLTQ0MzUtOThmYS02NjExZDQ2NmExODgmYWRzMj0yJmFkczM9MCZhZHM0PTAuMzUmYWRzNj0wJmFkczc9MSZhZHM4PTA0YWIxNDlmLWE5MzAtNGE3OC1iN2IwLWQ5MDQ0MDQzN2NhNyZhZHM5PTAuMjU=&adsourceId=e48adb98-49b0-4435-98fa-6611d466a188&cb=1662356724550-d1b4c739-4251-48c5-b64e-5d0992b06b56&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame F18B 		173 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.57.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-57-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
877ec4d265efd67e858af4c033447928e2f2b40e142396e535320c7cd3779735

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT0zZWIwZWEyMS0wNDQ0LTQ1MmYtOWY4OC05ZjYyYzk0YTgyMDImYWRzMj0yJmFkczM9MCZhZHM0PTAuNCZhZHM2PTAmYWRzNz0xJmFkczg9ZTVlYjU5MDItM2UzMi00YWVkLTg4OWUtMDQwYWI4Mjc3ZTJhJmFkczk9MC4wMw==&adsourceId=3eb0ea21-0444-452f-9f88-9f62c94a8202&cb=1662356724550-b7083bd6-da58-4620-98ce-f406a2e2344b&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:23 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 53D6 		36 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=485509&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2214469c408a47d9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri%22%2C%22domain%22%3A%22viva.co.id%22%2C%22publisher%22%3A%7B%22domain%22%3A%22viva.co.id%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.9.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22about%3Ablank%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22video1%22%2C%22adunitcode%22%3A%22video1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220fbb0ab3dc18f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22485509%22%2C%22tid%22%3A%22d17a30be-cc89-489e-b77e-f0b8525e863d%22%2C%22sid%22%3A%22448x252%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22placement%22%3A3%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A120%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B448%2C252%5D%5D%2C%22w%22%3A448%2C%22h%22%3A252%7D%2C%22bidfloor%22%3A0.4%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22selectmedia.asia%22%2C%22sid%22%3A%2259c90be728a061224b14efc8%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc2fee3ffcb45713946f7e388d16766c366db4c55a9478125a3fbfa94fda576

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2F40oz5oYOwAiobDKkekHoyObKn0C%2BhkTIfPLKef5uca%2BSdxhKEhBbbel61slQyh18pU2hn1Zek2UJpkF6olUtnmgkXzVwIVNkeg3FQNlMpeu%2BLULPzzUpFSOtkl3UfDMWQNLycL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
745ca898dc0591f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT00M2I4YWNkOC0zN2FmLTQ0OGMtODlmOS0wMjRlY2U1MDRlMTUmYWRzMj0yJmFkczM9MCZhZHM0PTAuNCZhZHM2PTAmYWRzNz0xJmFkczg9ZGJiYTg3YmEtYzkzNS00YzZjLWI2MTItNmZjYjFkY2VjODQ0JmFkczk9MC4xNQ==&adsourceId=43b8acd8-37af-448c-89f9-024ece504e15&cb=1662356724551-4f4ab5e0-761a-499a-bc4b-ec6afd29f575&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 0190 		19 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:24 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
60d0d1a2-381e-4cd5-9ade-25eb9122140f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.viva.co.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1lNDhhZGI5OC00OWIwLTQ0MzUtOThmYS02NjExZDQ2NmExODgmYWRzMj0yJmFkczM9MCZhZHM0PTAuMzUmYWRzNj0wJmFkczc9MSZhZHM4PTA0YWIxNDlmLWE5MzAtNGE3OC1iN2IwLWQ5MDQ0MDQzN2NhNyZhZHM5PTAuMjU=&adsourceId=e48adb98-49b0-4435-98fa-6611d466a188&cb=1662356724551-7dc941e3-8bc8-4482-8c20-84e8b95ecae8&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame C048 		173 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.57.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-57-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de57c3f8454642cb36158676bbde860cb45c88bc175ba4e88afd9b77df36c83f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2232 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
RqY5CEOozJMXf94fji_Rs2FlLFK4OgNLAxkZ-AAKQiwKnw9tVle4SQ==
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 1B4F 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 2A59 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:24 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 58D9 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
qJY0iKmUXL828zM0Ky5pHc3RNy58heUs_6CYdPdfYJtfpCtdl5W3hQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5677 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
SZE2rFkGmIpYwNd7cohG_v_kXP3v2sl5uVo6nsGoO0nFT9W_nPHbLQ==
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 7D9A 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame FB21 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:24 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 1E27 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
Ksro31n0HW8dR6DeK8ixfD0im63D7n_AZPdb2KIKfUSDmN7v9RTFvQ==
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame E92E 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 53D6 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:24 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8427 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
VnPJooVwmxJrUjoszQDA3WjyIOwLKF0tAKdcCgRqQPiQ_w-ARxaMbw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 41F3 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
mQVo5fEgG1V5L93FAXG9U3NSinHY_kfBuWNGSJLGd7np7D0YhsEX3Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame FB21 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
eaTVc88PMIFQyrRn1yJHoSzpIQMxOi_2Or8eR_HM8kKbjjchaIkXfg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame AEB6 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
LrrMPkgsPYqr02wMFrLGivSirbRfi64YW9dKp42_IXbibI6N9e2JUA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2A59 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
di_mm5wVOrI9A_SrTZ7Hnlu1wEw6D3LrFq8h2tAOk7xXYmWhWaoCEQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5F76 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
u0jOuoqY7Teu1MnGhjrzDp7-AKxvfNFnEZorv1h_GocZGRdT_8Pxvw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9C9F 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
3DA55TGsSNi50TnzZwMQBUtxCWfyCdOjV_9Uv2IvKfewxdy4KyBYhA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame F18B 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
t_opxmSkORWXKN__e-73wHAAWZBp6ktN79YbvbmF14xwNelOUjc8BA==
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 957D 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame AEB6 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:24 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 7182 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 41F3 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:24 GMT
truncated
/ Frame 41F3 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/gif
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 30C8 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 2232 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:24 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 8539 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 5677 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:24 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B2CA 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
dAp3UIoxXBPhtjkeBTjL2X9B4NDtPK5CDM9QriFmzw7-ZDrB4Lol9w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame C048 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
fChOMXjopjovGMVXY9UydsfbPGT-9eWU4OaXKgJg8PpB-F5MJWDB9g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame EA4E 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
fdB-SXGxFlK4ltxue4XPmqF8wtMi3j-XWryBodPEd639xEs63p2hXw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0190 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
aMwCbUlKc7MJ4nz_JUGPYFXgZ02CPprScxr43mmJlHTP3k45Gdzh0w==
index.html
s0.2mdn.net/sadbundle/8828632559684167007/ Frame A4F4 		36 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=Z3RElsA5jW&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:24 GMT
expires
Tue, 05 Sep 2023 05:45:24 GMT
last-modified
Wed, 05 May 2021 19:27:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5B45 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvP2d7_2mqg7nhUgSdCN_hdnRoRVbZAVF3nG5oqrQ5lHfO_8S9bLf6VBZ49f52tbbb6JVSiRJB3avHoL7D3EUClFys_YCmmYYserSaCbrZGSWnhZsFytC6mChzzzyLyIrPwC11pS_iv87Ci9hOaqkj6DaL-qqo4MsQYqW_cM1efnTkwozrd0mZikfGyZ2BhbCwSQ8RS0RVrjn_N9zx1Rx2ojDHg9mXqo7-cTf4zln1RPJ6f16dq1tKPq0AhFmysJP2X9tKJh0znOlXCZhnE8R4qhSDMifctTz6QUXJ_ufk_RfbOgPo9k67ts0NKPwPh8KykmGAAcxPohwuc3IyxLu4mCSUbbemuIl2EGm-pwBt8VBn6Yx8br_jM6Y7JsTamkh9O6L5IwRHtJmO5HVDO6h_lihNkM8B0Txq44GswH5G8cuXvvpK2vV0G7ZKy1HPkgE8LnmQGxrZUM17NEAlTQOmtvakwMxumwM0caiw5wN1yrZLIDRv10irHNFIN24AMWJPbGwGl-TOBglgqhCFeBW_NHKT911kX5M8REr3WgS49YBT0dICO1fdLAAvnNeYPKwPqtPxZJLXxYMKN958lDR0IT4KI_yfd5qSsQ5SQcabcoy9rGq9jA-U10_oylHtOxIrvl5eTsOGwPD68CXmVPfwdjfKqi8T5_tno2cUgyPzByo-1RpXo6830E_H5xebRkOdN7XcQ4UGWEKmDxzleVS74s6kcS5DHxYRxx-fKLmMIxT-qjA_CPB0R7yp1fhqM1ykUgB5p5o-DIgwsP7jFEEf3-cVRsi7nIA8BTFiWzKq8BPsYCtOy1Ztwjn3BrDR7IIjoQc0SB7fsZ3pJqBoMRKZUj0fxygdMjFfU47QwmHl_iURfSl3ucjlrs0P3knn-FvIrmaSx1t_TWO8cFmIR901DON1INoVdnaFJDUmh89fJ8_iHgiV61K0WY41zfkUABDuVfpeJOP12eZCZ5PzCq-9U3vPL961r36u2HRKgj7BbEE5xJWzBC8wkzliBTsKzoJ3QzwecUwfs5IFjHj-gbvqQqppTIyBQra6oRNHZ_9y8HIvy04Wlesg0ZUG4Z_7blTFbLc4MBiR_4DUCa1piIwfJkUmeYN0b_AEecoRhqUAgbBg1SBpbj60CpPR9imw2-yac3u3I2aqu3n8LlzGD4XNWmx56Y13Of6wuEJ5D7SbUe_h39rRd36dGByzHNJJK-U8_45eTC3CpCW-N&sai=AMfl-YTD4jHBI65o1__SrPPkA85ndQgAWafYcZgaNgKY1nUQobpiLp6lGzOO34mGGmly-QIreu4FP_SK84LqCRKxWN4BLimFFVLq8cOhgwlcS-7JnKrCn69xXHIBSW3OlXNJ586zzxWxuskb987dQDHa1b2PeBBUXL7zyVetWpjzAjjiX4Sr5Hhn2M3SpYI65FbxtEGP9k9QO7QasoBOzt493x-ClHnoCjw&sig=Cg0ArKJSzN1qW_VHvht3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=627&cbvp=1&cstd=622&cisv=r20220831.16668&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 05 Sep 2022 05:45:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ai.aspx
m.exactag.com/ Frame 5B45 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008209757&extPm=431953134&extCr=17933170054&gdpr=&gdpr_consent=&rnd=1629583566
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
X-ET-Code
0
Last-Modified
Mo, 05 Sep 2022 05:45:24 GMT
Server
Microsoft-IIS/8.5
Date
Mon, 05 Sep 2022 05:45:24 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
923
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
firstevent
skydeutschland.demdex.net/ Frame 5B45
Redirect Chain
  • https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=1629583566&gdpr=&gdpr_con...
  • https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=1629583566&gdpr=&gdp...
42 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=1629583566&gdpr=&gdpr_consent=
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
34.247.103.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-103-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v038-0f7693ade.edge-irl1.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/i6T8kpcQGw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v038-0ca6c1a1c.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
EBeKG4nTS/4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=1629583566&gdpr=&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A380 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
heP4QkIFdN6uWG-xXWnUdn_teHLjmzrHwu2sIHmp0qTV0a4G9qwggQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5835 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
w1WchDuMjFLoWrLqqMEbSBHvOBjbpooNrys2D9ioHxZfmgYLkfVKdQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4203 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
x1SJMqsVEIkE8jfGUS9p3JqQLGTAfC-qi2iacuxGp1VK1FlEpY-W_w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 53D6 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14236
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 01:51:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
3JNhUT9kcEdkH9tB9F8owycr5Pkyp_Wgg_X3ymQFRE56FRZ0MexNmA==
index.html
s0.2mdn.net/sadbundle/8828632559684167007/ Frame D1A2 		36 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:24 GMT
expires
Tue, 05 Sep 2023 05:45:24 GMT
last-modified
Wed, 05 May 2021 19:27:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4E39 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvaAp_BGQAJwE2IEMXLWXZEWh0JjoYK1yOn2CQXcQX9f3RHYFicjvVmqs-rj8cS2ID-IWpkFVKLdN7_oHu8L2IIxI7-c-KxNJQweU9UCKO5Qms1_T01XNhita4iW0XlSGVRTnl2TCHa_EPjK12gD8lEnAhWAOe8gEXCTDwGzbWie6LYq6xW7oSNT3kKatTRkUA5UwF6vcWce65Xsvb9Kyq_soxNLfV7Qf-hnynyFfz095ddRlaPkQaeq6-ShUrLxLFUN2jaW1AmGhbjm-p4WZ1qxWxvLHdwNBOGGBNgVcTa9dMFUKiwVCGGhxPVIMEvu-LxggjaDPu80OxfnvTgOxADliL_HHivTtdzO-lZaJ8mgDXmzMisyWg4GsJCfKPqfnayL_PBB5dgMdNC5y3i018TP0JgG3nQqQCpW7bm9vCILDYl2NMDGXlmvgiZcN18E96gPSMbQ_z0LS9xUQu-2axF8Ut_8pvntXnF83n0Qv2ELRtK1PywwhTiuIYTmuz7KsUToDy7cNE4_LIqkKH137zCGN1gHUnUWuv5hEZQujFEcSObU_2rGXBQlit2dTEsRBIaYLlaNUII9XhzrxvAENbNIg6HFpnADl0Ib293GuRm-xdShntMjo-HebXDuXf4K9BzKmgWvSUcE1vjtTY8mdF2GeI8Q8mXYHw8eTSssvoxGB3GF8rrFRdUNjz3fXFBXFI4Cvn7laH90lzqMO417nOyXeZsV4oBcPgTFbzR-u6gtBRzTIVBvucSz9nBDCtLyAF95VXO4oXNjZyDsM5DiFNPO7n1X-vhZ1lvyKPydN0pTld1-WLTPjjwTXY2yTkrENToJJJKd4YwQAEpfFw5HbNhnjl6UxeCF_u1kVF9Qt2HBacO1Rd_WLN24XFVZVvmkZJwpwbfFOEiSRrQv2oqKvvP7ORWrtFtYXy21jgh-dQXNndJUA2OeWj5-NlR6jrwxCloIP912QbBSx1bLgiaPDFeoFUM3Im-fy5scFN4AIXAajMFikRzDl43leP1TknUo0YtrhDpSP4aK9ZhgNaNF37BDZUnEKjmfoL6Wz_NYUcrlCQJRQMnhXReuZhLU-iyH1xIK_G1I2_htq3HCdZ-QtS9oZxX-rtqXILwEwqfauKb2qf_nVzq5FhPKCU4AyT96pEKKCA4pQTbqFWTJ5Rjy-OU4pCF6zUg6RC7yDCx7LEbJxefJ_geTbU67MaMXRFaJXXlq0KwBigFR2zz&sai=AMfl-YRM69IR1-HX91GgsU4Jcx6f4BzHDLBOKblPpxqzVFMhOohrBh5hZ9gLlN8q56TS6FhKSwxekmY331yMHCbwkP4xZj33CwyOybgvw_XcQosWA1DG7jFmjnkGRj7VhWaS2jtirk9Fcg75Q6GbETSyihmIH8lUXnJ3Q5k-N9z1NL3lZGl3F1MorSzEe4bbRWI8psvvLFH-PUCfx3YtgtuDdWOqb4AyE0s&sig=Cg0ArKJSzAxS3c2jI6EdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=657&cbvp=1&cstd=653&cisv=r20220831.92045&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 05 Sep 2022 05:45:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ai.aspx
m.exactag.com/ Frame 4E39 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008209757&extPm=431953134&extCr=17933170054&gdpr=&gdpr_consent=&rnd=3731867320
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
X-ET-Code
0
Last-Modified
Mo, 05 Sep 2022 05:45:24 GMT
Server
Microsoft-IIS/8.5
Date
Mon, 05 Sep 2022 05:45:24 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
923
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
firstevent
skydeutschland.demdex.net/ Frame 4E39
Redirect Chain
  • https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3731867320&gdpr=&gdpr_con...
  • https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3731867320&gdpr=&gdp...
42 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3731867320&gdpr=&gdpr_consent=
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
34.247.103.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-103-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v038-09dbff21a.edge-irl1.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KRXmKcewTLg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v038-02137e098.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
1zPoHOnaRtI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3731867320&gdpr=&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5B45 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 16:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:11:26 GMT
truncated
/ Frame 5B45 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
590203f5e058dbe831f7b0ef61c7f881ea1057d2fa26cd99d6e3ab2a0f2ff585

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4E39 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 16:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:11:26 GMT
truncated
/ Frame 4E39 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c6ab2e21b02f2aea633cb0449cb9077dad5a5c6eb1597f3bbe7897906cdb559

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 566C 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 5F76 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:24 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 9AC7 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 58D9 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41F3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?aot=ob&tte=f&lid=158&sdkv=h.3.528.0&e=44750822%2C44754420%2C44760950%2C44765701%2C44771872&id=ima_html5&c=1606388517090640&domain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4E79
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:25 GMT
expires
Mon, 05 Sep 2022 05:45:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame 0598 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 20:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 20:17:39 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 93E4 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame A380 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:25 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 82FF 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 0190 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:25 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 8F0A 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame C048 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:25 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 59F9 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame B2CA 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:25 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame F90F 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame F18B 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:25 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame F0D4 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame EA4E 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:25 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 43EB 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 1E27 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:25 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 70E5 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 4203 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:25 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 1FE5 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 8427 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:25 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 9E04 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 19:36:03 GMT
expires
Mon, 04 Sep 2023 19:36:03 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 5835 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:25 GMT
hbw_master_310028_7816.js
player.hb.selectmedia.asia/prebidlink/x461765/ Frame 4CD7 		1 MB
178 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/x461765/hbw_master_310028_7816.js
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/461765/wrapper_hb_310028_7816.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
6cb479566a749b5bdb65fc64ba288513f441f4413730002bcb1e25ad903d1687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
last-modified
Thu, 01 Sep 2022 09:40:58 GMT
server
nginx
etag
W/"63107e2a-156461"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 07 Sep 2022 05:45:25 GMT
pubads_impl_2022083001.js
securepubads.g.doubleclick.net/gpt/ Frame 4CD7 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 22:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27565
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131975
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 08:35:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Sep 2023 22:06:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame DAA2 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Origin
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 16:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 16:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame DAA2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1103447/64557517/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CnkAoCZ_4B3sPhPSwLvf-_miE75UPTZhaizLiUY5EbEg7Hp5k3jbtJYk7N5xKleZWXdVGY4zGL0kvLm7gOQD56-rPbqc8ubBE6AX7EU4wQ2TgxqDf4mlI8ptpK20bKgdISt8yLmbVqsIo-4vexCgFzFwjcwA65GuoODPErkUAKAmf-AbxGRy8N8ioiLeLJzOHM80ApxzyNGs_RMO1e--Tyix56cLG-nrhz1YRchn-AQ6O4wVw1tPSV2bJ_g6S1FuK6Ba39RD5hayqTeDkfP9lgo2j2rOSCMpdF9V2ELYbQxyyOND9nTjY50997mUtKVx4GdMXWKNRPUXgIr8jVYh-JEj-eb6dl33nU3V1QXx0y8eXzFJ_U_tgLv-IomjumVpUHCULM1_6TNLG2hlOhl8Qajpep7XRi09WKUysYBj1RhqPoSX46oxbteqXwJ8CQ2kBShFEWsL69ffGy8NWO16XmcLOljPcp2KMj8_DNRukj5JHK8wCJAc5dG6mFyX5YO8MX8nBqk9qRFgFi3c72DEFotEElzUVql9p4iAA6lDP48LPRiM0nbxgale2REfZPQzXwulJzseQYEkikzR8YOeP6RqKMbr7LdEwOywUwtHKHGudMRAQTTcb_6xtIi-tesLvV-olReuNyoEzUrFgtb5LGhbL_SkCsQWHxSQocbqOdiliLGmRFjKiCHdQeuf1Cv4OlD1OLHB52iEybGnPW1xrtZOIhwfZIEqjJVVPCjPWBD2bMBe9DFTFUikF886pYtcoovs4-B5AuM3nuLX9YKndX467WFnYK9I4ZoXa61efOd41xWM77fzGrHm5U21sV8JrwDb9qhRgKKOvgUymGc2qbPEXY5IEyHCo_YfLAsCMo72E6y95BKbEqQZKTHT0OrWSE7QtHhhU65IDp-zLxi93wAw2VPbgVNMGIabk8_oQs6nk4NX6wEeqO11TLaEvbG7HoJrPEEz09wtQdKl0kP6kdeunbmLvtW9QjkPsTfyZwk3Kz3lhpk3PO7BkmM6ScgTQq4A6c8Cp5T1SL7FcIyA8e9NxcyVi3pAHbTQIwW_LhVsghJ4gmBayuqzhcPjrO0x3sW6MTRVhvGZMjRjKbgs1izhlYVeaEy-0RfnxHh-2_T6dnjgfP_iqbWmEn4npCUGJZRlVXxSpX2XeN7vanxH1lC_Ji30tSrFfjvV7OUoBi6n6XIOQ5OT14yBt3g4pDyjBUhJytMCSFQICyNrF19TGrzozJUzA51JPBjljAhWFF2JuicSc39MvMokYx3snVT7h1GFxfJfPyr5p7GW2XDeWAQAL9xohxNAqYndqRw6yI1zg3sYdw08A_FNQSV81rnjrG1-KBcjZOFCXPKU3Ss-zQSYZfFlERdTmvsrI9OhvH67cvKZxcHRSgQMtmpsZderGinC6911I-zOqqpqeSefHqz0UF3xujAJmz0jqADS2lgxpNE9M5TGfz8CJHHHEHp65dbeIHA-GXygJ2Q84LNB3cXgVa7t_L5nV7dxrAfC_E9vwTguQ8QYuK4yqKujOY25P1ig83bY2weHQnhicUlouQ1wTOFLdBtTnsYHunAGL3BKf9PHlioVYIUDO4RDsg_m-BpK2izXJ3kRgAkpPp2hF12kGsvKtl3jo4llhtNdQdqCqJVae1PD_khD0OxvZcIiLF2L6KXPG5CjHnUphmwAxkWWNQWBahY_Iig49bDPXZWrjgnb3ugRqFvJ28VMM-zT1J_4RI3WC29XznrCESfiEz_gH2KpG-aqVUUXdGZ8Gu_m_s1a1OVwRV1NDMGZ8ipUYH7jzTXjMqm1Qr_WGZeyrUbGYLHS87e3N9cExwEAOg6mafGjM9i6fJHvy4AJlJFrZBDc_mX3MmgFl7dTF1oFIlCQrMRDBwTZ3r4JEpzOvim_uM9FnBTbqmttKWzu8-TbYKuf55lP5puLftbuMkNp4RdBvdCzvYU7PMBxo7znT1javU5jdxt5Zoz6PcczQtQPxI8hlQLAj3EJe1X9VAWLJVwCwUl3lph2EpKgvfexPOYcezRlSikkXE1NPMFKINqViGnCloSaS0MW8m89IrQNurZZxiBYVO1P-XIgNnEyzHi4ZbkLRvL1yXD8Ma9KsMuIt6BGnrZdy9XGtDw3iEUjJgzcSqRDfMtFPK4L_kwDkHAjvsaKLmr1Bn-sIvm-659BsE-TgAhKCP_sAdpaCxhgIfBzDK-XdptftmVebT-CiftIP5pgZpyKvGvEHA-1Yggg8B968yDkEuHZliy6FBnvVWEWVpIgdSxvpYrmM3N3fYMxZFEtlHH_yEeYkRi9Y0K2HW4NZlxHlFEWrpZ7VZjH0sTUCUuKPRaRtpT9IMzYJfKVjvqsGQDl5RbEwfNBWESwo4k9rIu2JEJe3ODBLCOZ5xSSZYCDXrm7EaR3TJ-bDyKo-BKzR7lXw0EDvprLbGNCOmllOSfD5wID7xc-m02y14nLiGerUWiFW0kRnUpCveg74EWdZcgQs7R0CCl1DVXVNqwPa_5E3wTmROtlda50-qu3rY_t72pf6QNk7fJNAgr6718MFjxUa-8R7JICSOViD7gtm4pEPm1PUilvO2Wy-gSs0N7ujnBpLej7mcg46rYJq3uI3ON8PZ5v7hZq4ZUwyYo63CaO8PR_HIw-gHf5Ludrnl2Z04V1dONPEczlRa-p1NSW_TDQbnYFH1g6J_slCdUQ_Mnhp-IbVvhg_AOGIpERLTuH8X1VbC-Z-wbMHB9Uanp5RdKFkVy_qG3I_vpZaBhjt0LogpqbA2ptcK1AwTofddV_nK5_4kMWUg6OxGb8FZjtOGuJfmZOXdaLq3GPHKPFjRq3z7MAjKRqJuql03aGQr1xrPcQ5GP3HKMFwF111t80_KOK_H3-UB47-qVFd6hibIMoxy8CviuuG8sI-QZzD8Prr-6XyawQcpqE3fwTUhkLriXaYoheblMQOpbkxRupqPLXzIsB8g9h_ip2tK6tuhCz09DPbY21TodOhRfCjlSHiOUb1O5PHTpwZf83DAbuYECob5hkoBNf4-Ze_aElDg-HBxolWd_NWpzZATWanRROWoBvLG3RpbyDNO-2bDrtKbHQGnC-uFGEnaFhWPyBRwo2vG9SJk-42wbWtUaW4NuBQmn36_9v_eJWD64McGTbmeT2rKGzlu9HS-vwOQkLB6Gw8xGeylaB1jVS7rxT1QiTyvPLS0OjSoqx3LBicD3_di80UzuxO0aQUnUOo9R9No35PdTjDQmlnps0R-bulY3lt10204pMwerRW0iDeaKmeSLalamoJYitipjVNO4cAt_Wz8hRl-wACK6fzl58UBtX1wuX9yFg7nez96yYQm5lr5cXBB3eDRmUL8Q04vpCkjsOxTCwMVRuAEdy7cTPxUPYbzokQH038s-RRCs1_VKn_g3FyCgAJTjVCS3LAlcYvs_bfln_n3x7oN4aZ1yMH7JVVbeyvn5JPCshyil26riv9nELQ1_EBogT4DsWFmFHaEl5kBPPnv6cu5KmgkIQ6qTolbfB6xLbfPMzzYGDmoX6FRjMPlTvoQ3QdG3BshBe6Z5FqbQNT517Lxo_xx3xeTZvJmL4mpMBeUyT0h2PE5mB2MkCn9dED_SDgkp3xwI88UY3mS90NAsPWRRqgr4Gq_btrj7BJITox5fH0EBDR_UEWhQ4fxorCAASJ-RoeayDVrMwNyuWzd3ziors-3CrTyNQKwVM1qZTvnBUV7PBBKGni2AB&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=17669653609&bidurl=https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jHr_aQUngJ-zijFFfKP0_u&adsafe_url=https%3A%2F%2Fwww.viva.co.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bdf84ec0-c8af-80da-7fbe-edae03003897,c:njEMi3,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-7db66464c7-jh5xk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:audiit1,mtim:3,mot:0,app:0,maw:0,fm:tgxhp3S+11%7C121%7C13%7C14*.1103447-64557517%7C141%7C151%7C16%7C1711%7C181%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:efa6e4a6-2cdd-11ed-8f9b-9a8b7463bf74,v:19.8.346,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:35:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame DAA2 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1103447/64557517/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CnkAoCZ_4B3sPhPSwLvf-_miE75UPTZhaizLiUY5EbEg7Hp5k3jbtJYk7N5xKleZWXdVGY4zGL0kvLm7gOQD56-rPbqc8ubBE6AX7EU4wQ2TgxqDf4mlI8ptpK20bKgdISt8yLmbVqsIo-4vexCgFzFwjcwA65GuoODPErkUAKAmf-AbxGRy8N8ioiLeLJzOHM80ApxzyNGs_RMO1e--Tyix56cLG-nrhz1YRchn-AQ6O4wVw1tPSV2bJ_g6S1FuK6Ba39RD5hayqTeDkfP9lgo2j2rOSCMpdF9V2ELYbQxyyOND9nTjY50997mUtKVx4GdMXWKNRPUXgIr8jVYh-JEj-eb6dl33nU3V1QXx0y8eXzFJ_U_tgLv-IomjumVpUHCULM1_6TNLG2hlOhl8Qajpep7XRi09WKUysYBj1RhqPoSX46oxbteqXwJ8CQ2kBShFEWsL69ffGy8NWO16XmcLOljPcp2KMj8_DNRukj5JHK8wCJAc5dG6mFyX5YO8MX8nBqk9qRFgFi3c72DEFotEElzUVql9p4iAA6lDP48LPRiM0nbxgale2REfZPQzXwulJzseQYEkikzR8YOeP6RqKMbr7LdEwOywUwtHKHGudMRAQTTcb_6xtIi-tesLvV-olReuNyoEzUrFgtb5LGhbL_SkCsQWHxSQocbqOdiliLGmRFjKiCHdQeuf1Cv4OlD1OLHB52iEybGnPW1xrtZOIhwfZIEqjJVVPCjPWBD2bMBe9DFTFUikF886pYtcoovs4-B5AuM3nuLX9YKndX467WFnYK9I4ZoXa61efOd41xWM77fzGrHm5U21sV8JrwDb9qhRgKKOvgUymGc2qbPEXY5IEyHCo_YfLAsCMo72E6y95BKbEqQZKTHT0OrWSE7QtHhhU65IDp-zLxi93wAw2VPbgVNMGIabk8_oQs6nk4NX6wEeqO11TLaEvbG7HoJrPEEz09wtQdKl0kP6kdeunbmLvtW9QjkPsTfyZwk3Kz3lhpk3PO7BkmM6ScgTQq4A6c8Cp5T1SL7FcIyA8e9NxcyVi3pAHbTQIwW_LhVsghJ4gmBayuqzhcPjrO0x3sW6MTRVhvGZMjRjKbgs1izhlYVeaEy-0RfnxHh-2_T6dnjgfP_iqbWmEn4npCUGJZRlVXxSpX2XeN7vanxH1lC_Ji30tSrFfjvV7OUoBi6n6XIOQ5OT14yBt3g4pDyjBUhJytMCSFQICyNrF19TGrzozJUzA51JPBjljAhWFF2JuicSc39MvMokYx3snVT7h1GFxfJfPyr5p7GW2XDeWAQAL9xohxNAqYndqRw6yI1zg3sYdw08A_FNQSV81rnjrG1-KBcjZOFCXPKU3Ss-zQSYZfFlERdTmvsrI9OhvH67cvKZxcHRSgQMtmpsZderGinC6911I-zOqqpqeSefHqz0UF3xujAJmz0jqADS2lgxpNE9M5TGfz8CJHHHEHp65dbeIHA-GXygJ2Q84LNB3cXgVa7t_L5nV7dxrAfC_E9vwTguQ8QYuK4yqKujOY25P1ig83bY2weHQnhicUlouQ1wTOFLdBtTnsYHunAGL3BKf9PHlioVYIUDO4RDsg_m-BpK2izXJ3kRgAkpPp2hF12kGsvKtl3jo4llhtNdQdqCqJVae1PD_khD0OxvZcIiLF2L6KXPG5CjHnUphmwAxkWWNQWBahY_Iig49bDPXZWrjgnb3ugRqFvJ28VMM-zT1J_4RI3WC29XznrCESfiEz_gH2KpG-aqVUUXdGZ8Gu_m_s1a1OVwRV1NDMGZ8ipUYH7jzTXjMqm1Qr_WGZeyrUbGYLHS87e3N9cExwEAOg6mafGjM9i6fJHvy4AJlJFrZBDc_mX3MmgFl7dTF1oFIlCQrMRDBwTZ3r4JEpzOvim_uM9FnBTbqmttKWzu8-TbYKuf55lP5puLftbuMkNp4RdBvdCzvYU7PMBxo7znT1javU5jdxt5Zoz6PcczQtQPxI8hlQLAj3EJe1X9VAWLJVwCwUl3lph2EpKgvfexPOYcezRlSikkXE1NPMFKINqViGnCloSaS0MW8m89IrQNurZZxiBYVO1P-XIgNnEyzHi4ZbkLRvL1yXD8Ma9KsMuIt6BGnrZdy9XGtDw3iEUjJgzcSqRDfMtFPK4L_kwDkHAjvsaKLmr1Bn-sIvm-659BsE-TgAhKCP_sAdpaCxhgIfBzDK-XdptftmVebT-CiftIP5pgZpyKvGvEHA-1Yggg8B968yDkEuHZliy6FBnvVWEWVpIgdSxvpYrmM3N3fYMxZFEtlHH_yEeYkRi9Y0K2HW4NZlxHlFEWrpZ7VZjH0sTUCUuKPRaRtpT9IMzYJfKVjvqsGQDl5RbEwfNBWESwo4k9rIu2JEJe3ODBLCOZ5xSSZYCDXrm7EaR3TJ-bDyKo-BKzR7lXw0EDvprLbGNCOmllOSfD5wID7xc-m02y14nLiGerUWiFW0kRnUpCveg74EWdZcgQs7R0CCl1DVXVNqwPa_5E3wTmROtlda50-qu3rY_t72pf6QNk7fJNAgr6718MFjxUa-8R7JICSOViD7gtm4pEPm1PUilvO2Wy-gSs0N7ujnBpLej7mcg46rYJq3uI3ON8PZ5v7hZq4ZUwyYo63CaO8PR_HIw-gHf5Ludrnl2Z04V1dONPEczlRa-p1NSW_TDQbnYFH1g6J_slCdUQ_Mnhp-IbVvhg_AOGIpERLTuH8X1VbC-Z-wbMHB9Uanp5RdKFkVy_qG3I_vpZaBhjt0LogpqbA2ptcK1AwTofddV_nK5_4kMWUg6OxGb8FZjtOGuJfmZOXdaLq3GPHKPFjRq3z7MAjKRqJuql03aGQr1xrPcQ5GP3HKMFwF111t80_KOK_H3-UB47-qVFd6hibIMoxy8CviuuG8sI-QZzD8Prr-6XyawQcpqE3fwTUhkLriXaYoheblMQOpbkxRupqPLXzIsB8g9h_ip2tK6tuhCz09DPbY21TodOhRfCjlSHiOUb1O5PHTpwZf83DAbuYECob5hkoBNf4-Ze_aElDg-HBxolWd_NWpzZATWanRROWoBvLG3RpbyDNO-2bDrtKbHQGnC-uFGEnaFhWPyBRwo2vG9SJk-42wbWtUaW4NuBQmn36_9v_eJWD64McGTbmeT2rKGzlu9HS-vwOQkLB6Gw8xGeylaB1jVS7rxT1QiTyvPLS0OjSoqx3LBicD3_di80UzuxO0aQUnUOo9R9No35PdTjDQmlnps0R-bulY3lt10204pMwerRW0iDeaKmeSLalamoJYitipjVNO4cAt_Wz8hRl-wACK6fzl58UBtX1wuX9yFg7nez96yYQm5lr5cXBB3eDRmUL8Q04vpCkjsOxTCwMVRuAEdy7cTPxUPYbzokQH038s-RRCs1_VKn_g3FyCgAJTjVCS3LAlcYvs_bfln_n3x7oN4aZ1yMH7JVVbeyvn5JPCshyil26riv9nELQ1_EBogT4DsWFmFHaEl5kBPPnv6cu5KmgkIQ6qTolbfB6xLbfPMzzYGDmoX6FRjMPlTvoQ3QdG3BshBe6Z5FqbQNT517Lxo_xx3xeTZvJmL4mpMBeUyT0h2PE5mB2MkCn9dED_SDgkp3xwI88UY3mS90NAsPWRRqgr4Gq_btrj7BJITox5fH0EBDR_UEWhQ4fxorCAASJ-RoeayDVrMwNyuWzd3ziors-3CrTyNQKwVM1qZTvnBUV7PBBKGni2AB&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=17669653609&bidurl=https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jHr_aQUngJ-zijFFfKP0_u&adsafe_url=https%3A%2F%2Fwww.viva.co.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bdf84ec0-c8af-80da-7fbe-edae03003897,c:njEMi3,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-7db66464c7-jh5xk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:audiit1,mtim:3,mot:0,app:0,maw:0,fm:tgxhp3S+11%7C121%7C13%7C14*.1103447-64557517%7C141%7C151%7C16%7C1711%7C181%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:efa6e4a6-2cdd-11ed-8f9b-9a8b7463bf74,v:19.8.346,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:35:40 GMT
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1mNzE2ZThmZi00YjljLTQwYjgtYWI5Ni00MWQxOTE2YjU5YmMmYWRzMj0xJmFkczM9MSZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTg3MWJhYWY5LTljYWYtNDIzYi04OTM0LTY1NDE2YzZlYzA5OSZhZHM5PTAuMQ==&adsourceId=f716e8ff-4b9c-40b8-ab96-41d1916b59bc&cb=1662356725392-fb2b0477-f199-4521-821b-2da169b7bd48&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1kYjY3ZTYwNi0zNDIwLTQwNmEtYmE0Mi1hYWY1NDI2ODlhZWMmYWRzMj0xJmFkczM9MS4xNCZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTFiNmIyNWVhLTBhZmEtNDdhMi04ZGEzLTZiNGExNzg0ODgxMCZhZHM5PTAuMg==&adsourceId=db67e606-3420-406a-ba42-aaf542689aec&cb=1662356725392-c7a1120d-dd26-4263-a16b-6b5669589de0&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1hZTdiNDMxZS03M2NjLTQ3ZmUtYmMwYy1jZjdiZTc5ZTAxNzQmYWRzMj0xJmFkczM9MiZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMg==&adsourceId=ae7b431e-73cc-47fe-bc0c-cf7be79e0174&cb=1662356725392-916e94c7-8885-4e5f-8672-262e9bef3961&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT05ODIzMjdiMC1mNTFiLTRjMmQtYWQwOC00NzM5ZjNmZGFlNzkmYWRzMj0xJmFkczM9MSZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMg==&adsourceId=982327b0-f51b-4c2d-ad08-4739f3fdae79&cb=1662356725392-8e56589b-ebb9-4f25-934a-3d534598a245&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1mNzE2ZThmZi00YjljLTQwYjgtYWI5Ni00MWQxOTE2YjU5YmMmYWRzMj0xJmFkczM9MSZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTg3MWJhYWY5LTljYWYtNDIzYi04OTM0LTY1NDE2YzZlYzA5OSZhZHM5PTAuMQ==&adsourceId=f716e8ff-4b9c-40b8-ab96-41d1916b59bc&cb=1662356725392-eb9803cb-1d89-4d55-a940-94e32d98c9e4&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1kYjY3ZTYwNi0zNDIwLTQwNmEtYmE0Mi1hYWY1NDI2ODlhZWMmYWRzMj0xJmFkczM9MS4xNCZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTFiNmIyNWVhLTBhZmEtNDdhMi04ZGEzLTZiNGExNzg0ODgxMCZhZHM5PTAuMg==&adsourceId=db67e606-3420-406a-ba42-aaf542689aec&cb=1662356725393-008f3461-535f-49c2-bb3f-041896482d0b&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1hZTdiNDMxZS03M2NjLTQ3ZmUtYmMwYy1jZjdiZTc5ZTAxNzQmYWRzMj0xJmFkczM9MiZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMg==&adsourceId=ae7b431e-73cc-47fe-bc0c-cf7be79e0174&cb=1662356725393-8021a12f-e853-42da-9a89-fcbac8a049ec&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT05ODIzMjdiMC1mNTFiLTRjMmQtYWQwOC00NzM5ZjNmZGFlNzkmYWRzMj0xJmFkczM9MSZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMg==&adsourceId=982327b0-f51b-4c2d-ad08-4739f3fdae79&cb=1662356725393-f41d2837-9bbe-4033-8a12-37302459a3ec&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1mNzE2ZThmZi00YjljLTQwYjgtYWI5Ni00MWQxOTE2YjU5YmMmYWRzMj0xJmFkczM9MSZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTg3MWJhYWY5LTljYWYtNDIzYi04OTM0LTY1NDE2YzZlYzA5OSZhZHM5PTAuMQ==&adsourceId=f716e8ff-4b9c-40b8-ab96-41d1916b59bc&cb=1662356725393-a4a54498-5fa3-458f-92c2-f7697df61544&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1kYjY3ZTYwNi0zNDIwLTQwNmEtYmE0Mi1hYWY1NDI2ODlhZWMmYWRzMj0xJmFkczM9MS4xNCZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTFiNmIyNWVhLTBhZmEtNDdhMi04ZGEzLTZiNGExNzg0ODgxMCZhZHM5PTAuMg==&adsourceId=db67e606-3420-406a-ba42-aaf542689aec&cb=1662356725393-42633f25-32f6-43e3-9f1d-24c372b131e9&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1hZTdiNDMxZS03M2NjLTQ3ZmUtYmMwYy1jZjdiZTc5ZTAxNzQmYWRzMj0xJmFkczM9MiZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMg==&adsourceId=ae7b431e-73cc-47fe-bc0c-cf7be79e0174&cb=1662356725393-102d4e90-6061-4508-a350-c9253c65ef68&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT05ODIzMjdiMC1mNTFiLTRjMmQtYWQwOC00NzM5ZjNmZGFlNzkmYWRzMj0xJmFkczM9MSZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMg==&adsourceId=982327b0-f51b-4c2d-ad08-4739f3fdae79&cb=1662356725393-b1c5324c-978e-45d8-8d04-11c103e70d91&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1mNzE2ZThmZi00YjljLTQwYjgtYWI5Ni00MWQxOTE2YjU5YmMmYWRzMj0xJmFkczM9MSZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTg3MWJhYWY5LTljYWYtNDIzYi04OTM0LTY1NDE2YzZlYzA5OSZhZHM5PTAuMQ==&adsourceId=f716e8ff-4b9c-40b8-ab96-41d1916b59bc&cb=1662356725393-dadcae8e-4a15-4de3-a439-86c06bdf71de&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1kYjY3ZTYwNi0zNDIwLTQwNmEtYmE0Mi1hYWY1NDI2ODlhZWMmYWRzMj0xJmFkczM9MS4xNCZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTFiNmIyNWVhLTBhZmEtNDdhMi04ZGEzLTZiNGExNzg0ODgxMCZhZHM5PTAuMg==&adsourceId=db67e606-3420-406a-ba42-aaf542689aec&cb=1662356725393-02e4614b-ea27-46ec-8267-1f148b891fbc&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1hZTdiNDMxZS03M2NjLTQ3ZmUtYmMwYy1jZjdiZTc5ZTAxNzQmYWRzMj0xJmFkczM9MiZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMg==&adsourceId=ae7b431e-73cc-47fe-bc0c-cf7be79e0174&cb=1662356725393-60d25958-85d0-4a66-a017-a6f40dae7d9f&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT05ODIzMjdiMC1mNTFiLTRjMmQtYWQwOC00NzM5ZjNmZGFlNzkmYWRzMj0xJmFkczM9MSZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMg==&adsourceId=982327b0-f51b-4c2d-ad08-4739f3fdae79&cb=1662356725393-fccc1f2d-75c6-4cb4-a397-fcfaf103d99d&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1mNzE2ZThmZi00YjljLTQwYjgtYWI5Ni00MWQxOTE2YjU5YmMmYWRzMj0xJmFkczM9MSZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTg3MWJhYWY5LTljYWYtNDIzYi04OTM0LTY1NDE2YzZlYzA5OSZhZHM5PTAuMQ==&adsourceId=f716e8ff-4b9c-40b8-ab96-41d1916b59bc&cb=1662356725393-14f88ba2-6b91-40c5-b141-562ce856576b&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1kYjY3ZTYwNi0zNDIwLTQwNmEtYmE0Mi1hYWY1NDI2ODlhZWMmYWRzMj0xJmFkczM9MS4xNCZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTFiNmIyNWVhLTBhZmEtNDdhMi04ZGEzLTZiNGExNzg0ODgxMCZhZHM5PTAuMg==&adsourceId=db67e606-3420-406a-ba42-aaf542689aec&cb=1662356725393-92d7e5b0-c30f-4d40-8f72-855d2f4dac59&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1hZTdiNDMxZS03M2NjLTQ3ZmUtYmMwYy1jZjdiZTc5ZTAxNzQmYWRzMj0xJmFkczM9MiZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMg==&adsourceId=ae7b431e-73cc-47fe-bc0c-cf7be79e0174&cb=1662356725393-a93eba4c-016b-4153-99c3-d211a6f936d4&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT05ODIzMjdiMC1mNTFiLTRjMmQtYWQwOC00NzM5ZjNmZGFlNzkmYWRzMj0xJmFkczM9MSZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMg==&adsourceId=982327b0-f51b-4c2d-ad08-4739f3fdae79&cb=1662356725393-d8d47bc2-8a99-4e7d-93c8-c5493162d6d4&e=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
integrator.js
adservice.google.com/adsid/ Frame 2232 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5677 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 58D9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1E27 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 41F3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5F76 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8427 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FB21 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AEB6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2A59 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9C9F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F18B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 53D6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0190 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C048 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A380 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B2CA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5835 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EA4E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4203 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41F3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F7047%2C22703897216%2Ftsm7047%2Ftsm_mcm_video%2Ftsmvast100%26description_url%3Dhttps%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri%26tfcd%3D0%26npa%3D0%26sz%3D448x252%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1662356724544&customPlayback=f&customClick=f&lid=8&sdkv=h.3.528.0&e=44750822%2C44754420%2C44760950%2C44765701%2C44771872&id=ima_html5&c=1606388517090640&domain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41F3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?tte=f&lid=158&sdkv=h.3.528.0&e=44750822%2C44754420%2C44760950%2C44765701%2C44771872&id=ima_html5&c=1606388517090640&domain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
s0.2mdn.net/sadbundle/8828632559684167007/ Frame A4F4 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8828632559684167007/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=Z3RElsA5jW&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=Z3RElsA5jW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1805
x-xss-protection
0
last-modified
Wed, 05 May 2021 19:27:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 13:16:36 GMT
Enabler_01_244.js
s0.2mdn.net/879366/ Frame A4F4 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_244.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=Z3RElsA5jW&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=Z3RElsA5jW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 11:10:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38072
x-xss-protection
0
last-modified
Tue, 07 Jul 2020 18:35:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 11:10:30 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame A4F4 		59 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=Z3RElsA5jW&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
303481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21678
timing-allow-origin
*
last-modified
Tue, 21 Jul 2020 23:12:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f177643-eca3"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwMHR3W%2B57EYgV86bxYlpr221cHEmTN6Z9%2FViF6LyY8%2B5aLakrmK8Mqj38oV8PW6954tkhDf19DSpqHRJ%2FJNi8uxIkybK2Mc1BK9GcWcX%2B%2F%2Bf5v%2Fub4j2%2FeQoynavLXbAvnVZOGaSmi9xz1vcu3z7caW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
745ca89e1b889b5d-FRA
expires
Sat, 26 Aug 2023 05:45:25 GMT
generate_204
tpc.googlesyndication.com/ Frame D700 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6y9r3Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dt
dt.adsafeprotected.com/ Frame DAA2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=bdf84ec0-c8af-80da-7fbe-edae03003897&tv=%7Bc:njEMBc,pingTime:-10,time:1206,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuNTIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1662356725458%7C%7Ced498c5090edf447ca213d26292c1ee0%7C%7Ca3eeeeb410530a2973f34b9badfd9b71%7C%7Cc00d463de78e325273ef703d990e305e%7C%7C9e0a618b4967020db793392b2d27ac51%7C%7C1a75bb7b331480d05e688158b884ae64%7C%7C3e25aa17903dd2b4a5847cb2265da725%7C%7C88a2a6ea20473870e5e46a93fc84db17%7C%7C1629390669%7D
Requested by
Host: 39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
URL: https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:f6d6:134f:4507:dfcf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:25 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
style.css
s0.2mdn.net/sadbundle/8828632559684167007/ Frame D1A2 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8828632559684167007/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1805
x-xss-protection
0
last-modified
Wed, 05 May 2021 19:27:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 13:16:36 GMT
Enabler_01_244.js
s0.2mdn.net/879366/ Frame D1A2 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_244.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 11:10:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38072
x-xss-protection
0
last-modified
Tue, 07 Jul 2020 18:35:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 11:10:30 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame D1A2 		59 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
303481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21678
timing-allow-origin
*
last-modified
Tue, 21 Jul 2020 23:12:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f177643-eca3"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rD2Tf96nNyztxS9Y06BrZpbprjM9GNG8q52BNFvMT7YMGYUOF9hRlnxXjZIdD83Psuuw2MDMLQ9LPPxi7yJPJNIAoE0nmHSKc4uhQiCmeR6PIuAKn8H%2BL%2B6FYi%2BpOM5vCdRBNF83M4d%2Ff%2FL%2Fjim9L1XQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
745ca89e2b9c9b5d-FRA
expires
Sat, 26 Aug 2023 05:45:25 GMT
rid
match.adsrvr.org/track/ Frame 5677 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f7c5da522698d5a098227688e5b71701570ff2746554abe0083d1e534f19c240

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:25 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame AFD7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 05 Sep 2022 05:45:25 GMT
ETag
"623de86a-cf34"
Expires
Tue, 06 Sep 2022 05:45:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 41F3 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f7c5da522698d5a098227688e5b71701570ff2746554abe0083d1e534f19c240

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:25 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 28D2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 05 Sep 2022 05:45:25 GMT
ETag
"623de86a-cf34"
Expires
Tue, 06 Sep 2022 05:45:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame FB21 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f7c5da522698d5a098227688e5b71701570ff2746554abe0083d1e534f19c240

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:25 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 34E8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 05 Sep 2022 05:45:25 GMT
ETag
"623de86a-cf34"
Expires
Tue, 06 Sep 2022 05:45:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 1E27 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f7c5da522698d5a098227688e5b71701570ff2746554abe0083d1e534f19c240

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:25 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame C58E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 05:45:25 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 2232 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f7c5da522698d5a098227688e5b71701570ff2746554abe0083d1e534f19c240

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:25 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 89B3 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 05:45:25 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 8427 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f7c5da522698d5a098227688e5b71701570ff2746554abe0083d1e534f19c240

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:25 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 7F4E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 05:45:25 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame EC20 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvW_71H8sGJytslZRIY3vE_3oO7mXVEd0NdwY_h-m9k9-tIzKPJVEalQlDQw-gxDw5aqlqAEJNQn7flFOqiUGNqyUL7jRJhtuS9_gGmLtwPKqKGPKQs&sig=Cg0ArKJSzPh589hM7uZbEAE&id=lidar2&mcvt=1408&p=171,315,172,316&mtos=1408,1408,1408,1408,1408&tos=1408,0,0,0,0&v=20220831&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3482815306&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662356723649&rpt=655&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ Frame 2A59 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f7c5da522698d5a098227688e5b71701570ff2746554abe0083d1e534f19c240

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:25 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 2353 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 05:45:25 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 0190 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
4feadec0ad1f127439e1245a428ebd2e585471f5bced4b0d758f959355a70980

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:26 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 471B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 05 Sep 2022 05:45:25 GMT
ETag
"623de86a-cf34"
Expires
Tue, 06 Sep 2022 05:45:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 53D6 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f7c5da522698d5a098227688e5b71701570ff2746554abe0083d1e534f19c240

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:25 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame BB81 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 05:45:25 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9D84 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
48838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 16:11:27 GMT
expires
Mon, 04 Sep 2023 16:11:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rid
match.adsrvr.org/track/ Frame 58D9 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f7c5da522698d5a098227688e5b71701570ff2746554abe0083d1e534f19c240

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:25 GMT
usync.html
eus.rubiconproject.com/ Frame 6F0E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 05:45:26 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 5F76 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f7c5da522698d5a098227688e5b71701570ff2746554abe0083d1e534f19c240

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:25 GMT
usync.html
eus.rubiconproject.com/ Frame B1A0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 05:45:26 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F6D6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
48838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 16:11:27 GMT
expires
Mon, 04 Sep 2023 16:11:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rid
match.adsrvr.org/track/ Frame AEB6 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
4feadec0ad1f127439e1245a428ebd2e585471f5bced4b0d758f959355a70980

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:26 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:26 GMT
usync.html
eus.rubiconproject.com/ Frame 50C3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 05:45:26 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame C048 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f7c5da522698d5a098227688e5b71701570ff2746554abe0083d1e534f19c240

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:26 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:25 GMT
usync.html
eus.rubiconproject.com/ Frame 61C4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 05:45:26 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame F18B 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
4feadec0ad1f127439e1245a428ebd2e585471f5bced4b0d758f959355a70980

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:26 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:26 GMT
usync.html
eus.rubiconproject.com/ Frame A08D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 05:45:26 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
wl
t.pubmatic.com/ 		17 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=157005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:26 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame FE85 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 20:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 20:17:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5B45 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhHTuw349Qqn87W0mY8Xi1w0n5eTH3uvZR20NgXhFs-t5yRtc9H49c5DNbddeba6V_S-NUe0BxvG_pyiyQPKg7ARi56o1lcGDvfrY3D_Qcu7Cbzl_WMjJYL-W0b1p4Iqit9H0uR3w&sai=AMfl-YRIbpwS5_2riUT7fN1Jx3vIRqCHmJ3zf66qRaL10kuhu-ON6EjsBhSmIf_dl0I8Mb9Xpvm-aNoXaU_TJ-3cNmcafI5rSr4ZT0TR5umUscEb6kOr3vGMmLC9G1lOtRc&sig=Cg0ArKJSzBe_Jh2CAHZtEAE&cid=CAASJ-RorMnGFRlmQ-4iU_oVhWPS9TtUMZIorHPglipUR-1xZ4L8sfNT0w&id=lidar2&mcvt=1648&p=59,1300,677,1460&mtos=0,1648,1648,1648,1648&tos=0,1648,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=3481637858&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662356723646&rpt=1196&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4E39 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPH5fr-yGnG7vVHDMp_cIZyIiSOU4OVhdWUxC3XZk0dnH50q_htZYTPVQ6h4lQywnHbThgbeRp9E5vC6Yk0YRIdG6_fR6oSGEi-iWs6dQmHdgPDIkozQ1R3rC3FU_1nF59pZmlPWo&sai=AMfl-YRLnBKXHlyxle0wFAIk9Jwzj2O5S69uCxe1OuDSyi5akJgF0qCwlH4YEkNysr7ETCjlymldv1L5W-fE-eHtSRMr8tmBSGqyv3RjMk96FmX2ZHfpeEr8ONXv6oJlnPE&sig=Cg0ArKJSzCmqIk4QILRgEAE&cid=CAASJ-RoPM7XC3VeJ5iRwRDJw-iViWZsJrlzKN9wdOOV8l9yFeZvFSHwTw&id=lidar2&mcvt=1649&p=59,140,677,300&mtos=0,1649,1649,1649,1649&tos=0,1649,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=1411660821&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662356723642&rpt=1212&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ Frame 9C9F 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
4feadec0ad1f127439e1245a428ebd2e585471f5bced4b0d758f959355a70980

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:26 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 05:45:26 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2F38 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_9_0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 05 Sep 2022 05:45:26 GMT
ETag
"623de86a-cf34"
Expires
Tue, 06 Sep 2022 05:45:28 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
index.html
s0.2mdn.net/sadbundle/12621424584994848768/ Frame 61D4 		3 KB
1005 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b4446b088b671a0551c227061dc3556c5919661d0b217a1f90c0ac5ec03fdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
977
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:26 GMT
expires
Tue, 05 Sep 2023 05:45:26 GMT
last-modified
Tue, 30 Nov 2021 23:17:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DAA2 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQmL-zsUkChGhfnuHnOxqRRXaUDmB6nVGzeE7yPyXpduCbHxjQWmFRVo4m5hc0jMSWe3qv0i8TLbVlekA_stASkzvnt9oxZECQS0uP3VMWAJYMNRdiWJCcy-_OrMcGgSfSs_n4L8dHB_9w&sai=AMfl-YTpSPDYAy55PtWhK2qONmf7-my1V_BxVjPSBzxvgJIaR8a2zeEEPNgbl9BgE4nZcdLXn_CKzN1t8Q4QfI8RIroRqzexuX0bAIqEBpzWZ3El7Feo6HtS8O4Z_NOthqk&sig=Cg0ArKJSzBrF1O7n3rNrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1495&cbvp=1&cstd=1491&cisv=r20220831.69769&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
ghb.hb.selectmedia.asia/geo/ Frame 4CD7 		154 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hb.selectmedia.asia/geo/
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/x461765/hbw_master_310028_7816.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash
994c52886d9dc9ee58e9168c727586e0e3a8ca03aa6e4bbdffc7b4236508e619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 05:45:26 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.viva.co.id
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
154
tracking
ghb.hb.selectmedia.asia/adunit/ Frame 4CD7 		43 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hb.selectmedia.asia/adunit/tracking?event=11&type=0&client_id=310028&site_id=7816&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fwww.viva.co.id&adid=oc9v9z.8f&features=81952&vpbv=N079&tte=2527&lifecycle_tte=2533
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/x461765/hbw_master_310028_7816.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 05:45:26 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.viva.co.id
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
usync.js
eus.rubiconproject.com/ Frame 6F0E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 05:45:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35804
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Mon, 05 Sep 2022 15:42:10 GMT
usync.js
eus.rubiconproject.com/ Frame 50C3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 05:45:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35804
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Mon, 05 Sep 2022 15:42:10 GMT
usync.js
eus.rubiconproject.com/ Frame 61C4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 05:45:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35804
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Mon, 05 Sep 2022 15:42:10 GMT
usync.js
eus.rubiconproject.com/ Frame B1A0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 05:45:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35804
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Mon, 05 Sep 2022 15:42:10 GMT
usync.js
eus.rubiconproject.com/ Frame A08D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 05:45:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35804
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Mon, 05 Sep 2022 15:42:10 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A36C 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7369b1436763e68affd57d93ba0dad30ac5432ebfa8a204b3017f3d10a0877fc

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
745ca8a75f8d691f-FRA
content-encoding
br
content-type
text/html
date
Mon, 05 Sep 2022 05:45:26 GMT
dropped-udsids
64|41|176|57|24|90|105|13
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9HNGDktJqPEXWf1lgETvq0UcCr2ZzKsr1hzCy%2FzWtC9g%2F6ONEkouXCycGrJYxhyj5INhh7XqIrMGSFYvR2NHMQO6nDMSgOMLDfMce1NxSMJ1PYpAPeV2GSvNKbnqxs%2BHDHm%2BBFavxtE3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 47EE 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6dab4c9527186cb7091517a5151a652e14aece45ea1a06e375737a7d3a1b6eb

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
745ca8a75f8c691f-FRA
content-encoding
br
content-type
text/html
date
Mon, 05 Sep 2022 05:45:26 GMT
dropped-udsids
130|111|90|81|195|105|10|3
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqcCGFHPyrp%2B0AWogzJ8wiAdTYRpEbxiNhIADo%2B4usP3mrWkeMzj9YoRExPpjcPOkONnZFgg24H4Q5q3i7RhHPj956j2ezEwgvbFCTCgfAJelyBs6k33jBthY9gkwsXy432U8SQYXS7g1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 478E 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24faf58694860dd63c6bc7504ac7e2ffedc81e44cfa7423370d2bc94a4ccb2da

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
745ca8a75f8b691f-FRA
content-encoding
br
content-type
text/html
date
Mon, 05 Sep 2022 05:45:26 GMT
dropped-udsids
46|73|206|88|3|4|218|105
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7XAf5EUodcuzU2sLpo%2FUO7OVdDelSBU9k9qbf0456ydlvj77bM0V3hMyuKWV6dKs%2FDmIXL5SF5%2F0pVeyVqgIlZgKmnCzaV2oaqXTQ4%2F0oIAItFP3ncHVG%2F3GwzwksvA1LcQpcTXXagIeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
async_usersync
ib.adnxs.com/ Frame AFD7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:26 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
dfa095db-f274-4d87-8984-6e0e8c721eb7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 28D2 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:26 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
effe2c10-549c-459a-9a5e-b20422867361
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 34E8 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:26 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
84ef9d61-62b5-4c6e-8ba7-4a0e1d79b468
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
config.json
player.adtelligent.com/exchange_rates/305666/ Frame 4CD7 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/305666/config.json?cb=https%3A%2F%2Fwww.viva.co.id
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/461765/hb_310028_7816.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
70b8a4b6f8c4a18fb52262cf65e100d794abadd1fd138599124851d99e605954

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
last-modified
Sat, 03 Sep 2022 12:01:08 GMT
server
nginx
etag
W/"63134204-67b5"
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
expires
Wed, 07 Sep 2022 05:45:27 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
usermatch
ssum-sec.casalemedia.com/ Frame 5B24 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbbffa52df626ee707349fe17c8b4d88aec2a8bf0131aae75b8fb2f75b734bd2

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
745ca8a98a8f691f-FRA
content-encoding
br
content-type
text/html
date
Mon, 05 Sep 2022 05:45:27 GMT
dropped-udsids
123|156|18|11|46|206|152|111
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rR7OTOff%2BCw9ZpiL7Jsx2yx4Iyn%2FdMTuOCBYbrqVC9QjbqIPILJKF%2Fzszi4vD0sKd94axRa19AsYm%2BDsYIINqGe4p4ebsZCIlVtAHncut5BPBwKg0iQjN%2Fr6H0oovF2TGqqMyLp2q7gTeg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 471B 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:27 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
f388bbe3-eb51-4357-8d36-6b886f305b9b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame DAA2 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9506af6d51b6c3849f9877b1d89ec4d837e08c62aa4bec9e8221e8cf269997d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
usermatch
ssum-sec.casalemedia.com/ Frame 2766 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5705c5104eb9425131b1173883066dc7392bfae2c7d8808e13975e95f1ea0d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
745ca8a98a92691f-FRA
content-encoding
br
content-type
text/html
date
Mon, 05 Sep 2022 05:45:27 GMT
dropped-udsids
123|18|11|156|111|46|26|17
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdzFM%2FOQTYrydbDc%2BGcCxVlc%2BXfDyTLY%2BrhlMPQeDEpxKZtHs40I1ejvfPRSB5j3gnjNDT5EJ%2FT9pPm7n%2BomCeUaCL1ZbKRklUBOa3zZbzTb%2FuktbUJFadUK%2BvZTM6mK55ymlsW2LGn2yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
view
googleads4.g.doubleclick.net/pcs/ Frame 5B45 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvP2d7_2mqg7nhUgSdCN_hdnRoRVbZAVF3nG5oqrQ5lHfO_8S9bLf6VBZ49f52tbbb6JVSiRJB3avHoL7D3EUClFys_YCmmYYserSaCbrZGSWnhZsFytC6mChzzzyLyIrPwC11pS_iv87Ci9hOaqkj6DaL-qqo4MsQYqW_cM1efnTkwozrd0mZikfGyZ2BhbCwSQ8RS0RVrjn_N9zx1Rx2ojDHg9mXqo7-cTf4zln1RPJ6f16dq1tKPq0AhFmysJP2X9tKJh0znOlXCZhnE8R4qhSDMifctTz6QUXJ_ufk_RfbOgPo9k67ts0NKPwPh8KykmGAAcxPohwuc3IyxLu4mCSUbbemuIl2EGm-pwBt8VBn6Yx8br_jM6Y7JsTamkh9O6L5IwRHtJmO5HVDO6h_lihNkM8B0Txq44GswH5G8cuXvvpK2vV0G7ZKy1HPkgE8LnmQGxrZUM17NEAlTQOmtvakwMxumwM0caiw5wN1yrZLIDRv10irHNFIN24AMWJPbGwGl-TOBglgqhCFeBW_NHKT911kX5M8REr3WgS49YBT0dICO1fdLAAvnNeYPKwPqtPxZJLXxYMKN958lDR0IT4KI_yfd5qSsQ5SQcabcoy9rGq9jA-U10_oylHtOxIrvl5eTsOGwPD68CXmVPfwdjfKqi8T5_tno2cUgyPzByo-1RpXo6830E_H5xebRkOdN7XcQ4UGWEKmDxzleVS74s6kcS5DHxYRxx-fKLmMIxT-qjA_CPB0R7yp1fhqM1ykUgB5p5o-DIgwsP7jFEEf3-cVRsi7nIA8BTFiWzKq8BPsYCtOy1Ztwjn3BrDR7IIjoQc0SB7fsZ3pJqBoMRKZUj0fxygdMjFfU47QwmHl_iURfSl3ucjlrs0P3knn-FvIrmaSx1t_TWO8cFmIR901DON1INoVdnaFJDUmh89fJ8_iHgiV61K0WY41zfkUABDuVfpeJOP12eZCZ5PzCq-9U3vPL961r36u2HRKgj7BbEE5xJWzBC8wkzliBTsKzoJ3QzwecUwfs5IFjHj-gbvqQqppTIyBQra6oRNHZ_9y8HIvy04Wlesg0ZUG4Z_7blTFbLc4MBiR_4DUCa1piIwfJkUmeYN0b_AEecoRhqUAgbBg1SBpbj60CpPR9imw2-yac3u3I2aqu3n8LlzGD4XNWmx56Y13Of6wuEJ5D7SbUe_h39rRd36dGByzHNJJK-U8_45eTC3CpCW-N&sai=AMfl-YTD4jHBI65o1__SrPPkA85ndQgAWafYcZgaNgKY1nUQobpiLp6lGzOO34mGGmly-QIreu4FP_SK84LqCRKxWN4BLimFFVLq8cOhgwlcS-7JnKrCn69xXHIBSW3OlXNJ586zzxWxuskb987dQDHa1b2PeBBUXL7zyVetWpjzAjjiX4Sr5Hhn2M3SpYI65FbxtEGP9k9QO7QasoBOzt493x-ClHnoCjw&sig=Cg0ArKJSzN1qW_VHvht3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2962&vt=11&dtpt=2335&dett=3&cstd=622&cisv=r20220831.16668&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 4E39 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvaAp_BGQAJwE2IEMXLWXZEWh0JjoYK1yOn2CQXcQX9f3RHYFicjvVmqs-rj8cS2ID-IWpkFVKLdN7_oHu8L2IIxI7-c-KxNJQweU9UCKO5Qms1_T01XNhita4iW0XlSGVRTnl2TCHa_EPjK12gD8lEnAhWAOe8gEXCTDwGzbWie6LYq6xW7oSNT3kKatTRkUA5UwF6vcWce65Xsvb9Kyq_soxNLfV7Qf-hnynyFfz095ddRlaPkQaeq6-ShUrLxLFUN2jaW1AmGhbjm-p4WZ1qxWxvLHdwNBOGGBNgVcTa9dMFUKiwVCGGhxPVIMEvu-LxggjaDPu80OxfnvTgOxADliL_HHivTtdzO-lZaJ8mgDXmzMisyWg4GsJCfKPqfnayL_PBB5dgMdNC5y3i018TP0JgG3nQqQCpW7bm9vCILDYl2NMDGXlmvgiZcN18E96gPSMbQ_z0LS9xUQu-2axF8Ut_8pvntXnF83n0Qv2ELRtK1PywwhTiuIYTmuz7KsUToDy7cNE4_LIqkKH137zCGN1gHUnUWuv5hEZQujFEcSObU_2rGXBQlit2dTEsRBIaYLlaNUII9XhzrxvAENbNIg6HFpnADl0Ib293GuRm-xdShntMjo-HebXDuXf4K9BzKmgWvSUcE1vjtTY8mdF2GeI8Q8mXYHw8eTSssvoxGB3GF8rrFRdUNjz3fXFBXFI4Cvn7laH90lzqMO417nOyXeZsV4oBcPgTFbzR-u6gtBRzTIVBvucSz9nBDCtLyAF95VXO4oXNjZyDsM5DiFNPO7n1X-vhZ1lvyKPydN0pTld1-WLTPjjwTXY2yTkrENToJJJKd4YwQAEpfFw5HbNhnjl6UxeCF_u1kVF9Qt2HBacO1Rd_WLN24XFVZVvmkZJwpwbfFOEiSRrQv2oqKvvP7ORWrtFtYXy21jgh-dQXNndJUA2OeWj5-NlR6jrwxCloIP912QbBSx1bLgiaPDFeoFUM3Im-fy5scFN4AIXAajMFikRzDl43leP1TknUo0YtrhDpSP4aK9ZhgNaNF37BDZUnEKjmfoL6Wz_NYUcrlCQJRQMnhXReuZhLU-iyH1xIK_G1I2_htq3HCdZ-QtS9oZxX-rtqXILwEwqfauKb2qf_nVzq5FhPKCU4AyT96pEKKCA4pQTbqFWTJ5Rjy-OU4pCF6zUg6RC7yDCx7LEbJxefJ_geTbU67MaMXRFaJXXlq0KwBigFR2zz&sai=AMfl-YRM69IR1-HX91GgsU4Jcx6f4BzHDLBOKblPpxqzVFMhOohrBh5hZ9gLlN8q56TS6FhKSwxekmY331yMHCbwkP4xZj33CwyOybgvw_XcQosWA1DG7jFmjnkGRj7VhWaS2jtirk9Fcg75Q6GbETSyihmIH8lUXnJ3Q5k-N9z1NL3lZGl3F1MorSzEe4bbRWI8psvvLFH-PUCfx3YtgtuDdWOqb4AyE0s&sig=Cg0ArKJSzAxS3c2jI6EdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2954&vt=11&dtpt=2297&dett=3&cstd=653&cisv=r20220831.92045&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-YFFX5TN9EH&gtm=2oe8v0&_p=587828710&cid=1280455543.1662356722&ul=en-us&sr=1600x1200&_eu=AC&_z=ccd.v9B&_s=2&sid=1662356721&sct=1&seg=0&dl=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dt=Grafis%20Kaisar%20Sambo%20dan%20Konsorsium%20303%20Diduga%20Disebar%20Internal%20Polri&en=read&ep.event_category=Article&ep.event_label=54c306e6-7a49-4dd1-8c3d-98f3987f902a%3A-%26id%3D1511004%26tag%3Dgrafis%20sambo%20judi-online%20polisi%20viva-nasional%26channel_id%3D5%26date_access_user%3D2022-09-05%2000%3A05%3A26&_et=14
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YFFX5TN9EH&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
s0.2mdn.net/sadbundle/12621424584994848768/ Frame 61D4 		478 B
304 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12621424584994848768/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5625d5bcd517d85dd87fa8cae8d149220802b7c1697bf5f8a9bb551de92cde7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 01:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273142
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 23:17:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 01:53:05 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 61D4 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 07:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 07:51:00 GMT
dynamicBuilder.min.js
s0.2mdn.net/creatives/assets/1951882/ Frame 61D4 		9 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1400
x-xss-protection
0
last-modified
Wed, 04 Apr 2018 17:00:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:52:00 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 61D4 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:45:27 GMT
logic.js
s0.2mdn.net/sadbundle/12621424584994848768/ Frame 61D4 		2 KB
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12621424584994848768/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b93375608ccdd64e2d47f13e20fe34c7eb801b4658b111d0fa173112340a2e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 01:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273142
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
813
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 23:17:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 01:53:05 GMT
async_usersync
ib.adnxs.com/ Frame 2F38 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:27 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
60ef99c7-76fe-448f-a544-9379b0b47d80
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 6F0E 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
ads
pubads.g.doubleclick.net/gampad/ Frame 30C8 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22703897216%2Ftsm7047%2Ftsm_mcm_video%2Ftsmvast100&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=616944681756150&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=4190038522&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=5A204C53-CB89-4762-B7F2-7B8D12EF5E98&nel=0&eid=44731965%2C44748969%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724002&idt=2415&dt=1662356727255&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&cookie_enabled=1&scor=4128503880445487&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 8539 		28 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C11225321%2Ftsm%2Ftsm_mcm_video%2Ftsm_mcm_video_Viva&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2492627340773408&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2833661598&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=C8CC12FD-3A19-4F5B-9220-A98885B9AF3E&nel=0&eid=44750822%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724011&idt=2479&dt=1662356727260&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=818001940185606&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
5bc9acac20a54832753ca4a2b42da4871293041cff4957fe7afba869d886e456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6866
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9AC7 		89 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652786701%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=559684327427724&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3945014588&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=E7A28D80-EF95-4340-9073-4118C99D9D2B&nel=0&eid=44731965%2C44754420%2C44760950%2C44765701&dlt=1662356724017&idt=2608&dt=1662356727265&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=429583213578990&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
dd9da1f019b1a844a8f6fa3f4e716c6461cf7a501c3046251abf88b8388e9074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17937
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 43EB 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652786701%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_1&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&max_ad_duration=%5BAV_DURATION%5D&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2522143256920200&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2401421350&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=FE519EE1-2883-4465-96E3-CB97025265C4&nel=0&eid=44748969%2C44754420%2C44760950%2C44765701&dlt=1662356724022&idt=2716&dt=1662356727270&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&cookie_enabled=1&scor=3426394797525717&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7182 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22703897216%2Ftsm7047%2Ftsm_mcm_video%2Ftsmvast100&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3974731708030510&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=4d&ptt=20&adk=4068321354&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=240664E2-CF4F-457B-9C03-1CE1470408CC&nel=0&eid=44750822%2C44754420%2C44760950%2C44765701%2C44771872&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724027&idt=2053&dt=1662356727275&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=2796019416907459&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 566C 		28 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C11225321%2Ftsm%2Ftsm_mcm_video%2Ftsm_mcm_video_Viva&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3052267995463791&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=87870059&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=1942A651-9A20-4DE3-B888-CB42C6D0323B&nel=0&eid=44750822%2C44754420%2C44760950%2C44765701%2C44771874&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724032&idt=2537&dt=1662356727279&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=2862840365661961&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
320e31a989e5b8143e92eff681675cd2c6d0d66299f987baa9f73e0ed8f84005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6835
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.viva.co.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.viva.co.id
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Sep 2022 05:45:27 GMT
server
ATS/9.1.10.25
cygnus
htlb.casalemedia.com/ Frame 4CD7 		36 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=740252&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22152f728458df38%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri%22%2C%22page%22%3A%22https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.1-c%22%2C%22userIds%22%3A%5B%22criteoId%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222535f8fd17dc7f%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22740252%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F84772874%2FPL_HB%23gpt-passback%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22selectmedia.asia%22%2C%22sid%22%3A%2259c90be728a061224b14efc8%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2293e1ff8e-9c33-42d6-bbc9-5ec3a221b074%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/461765/hb_310028_7816.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25076b5943f63b46a556aff0e2f3d8881b24209facc868883bdc80e4dc61f5a

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qe5cdG2nWCPuP9NnhkJe3kLRuDVZFJKfXlagqbXDJcUmf3Bi1xtBQWfPwTOwwO%2FaQR8Sg7dnyNXsyCowMjhgXHLtsXnivv%2B4yRnZLFPbGU2yMlSBUQ6NHmqipSop5pZ8EKyL0FiH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
745ca8a9992991f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4CD7 		288 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20598&site_id=351580&zone_id=1869654&size_id=15&gdpr=0&rp_schain=1.0,1!selectmedia.asia,59c90be728a061224b14efc8,1,,,&eid_criteo.com=gzp9tV9TRnJUWnZaNjJjVCUyRlc0JTJGajU3NUJDQmJlWGJrekVQMFZkMzgzdSUyQnhGQ281T2lrY05qeHhuamlBdzVyNEJGbGl6QTklMkJlQmlTcjVVOEFyajMwQk1TTEZBJTNEJTNE%5E1&eid_pubcid.org=93e1ff8e-9c33-42d6-bbc9-5ec3a221b074%5E1&rf=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tg_i.pbadslot=%2F84772874%2FPL_HB%23gpt-passback&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=b307d92e-d6f2-4ae1-8083-e3274cc9d184&l_pb_bid_id=4f0820ac9ba2d1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F84772874%2FPL_HB%23gpt-passback&slots=1&rand=0.22896517792910265
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/461765/hb_310028_7816.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9a28b42360dd1fa1bfc787ce334573f4a9315a6b81396d0aeca4797e6c21d7a4

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:27 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.viva.co.id
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
288
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ Frame 4CD7 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/461765/hb_310028_7816.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.viva.co.id
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
tlx.3lift.com/header/ Frame 4CD7 		19 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.25.1-c&referrer=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tmax=2000&gdpr=false
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/461765/hb_310028_7816.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.153.97 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
select-d.openx.net/w/1.0/ Frame 4CD7 		173 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://select-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b307d92e-d6f2-4ae1-8083-e3274cc9d184&nocache=1662356727294&gdpr=0&criteoid=gzp9tV9TRnJUWnZaNjJjVCUyRlc0JTJGajU3NUJDQmJlWGJrekVQMFZkMzgzdSUyQnhGQ281T2lrY05qeHhuamlBdzVyNEJGbGl6QTklMkJlQmlTcjVVOEFyajMwQk1TTEZBJTNEJTNE&pubcid=93e1ff8e-9c33-42d6-bbc9-5ec3a221b074&schain=1.0%2C1!selectmedia.asia%2C59c90be728a061224b14efc8%2C1%2C%2C%2C&aus=300x250&divids=gpt-passback&aucs=%252F84772874%252FPL_HB%2523gpt-passback&auid=541148923
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/461765/hb_310028_7816.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7731964853ddf7af5d71c9ee41593f8cdd7ce45142cf18457d3653883b716b1d

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.viva.co.id
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 4CD7 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/461765/hb_310028_7816.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.viva.co.id
date
Mon, 05 Sep 2022 05:45:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ Frame 4CD7 		66 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/461765/hb_310028_7816.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash
6dd6e767ca27fdd8f918d46e7ae346081d388900b4a784f0f3a2cdbb950f442c

Request headers

Referer
https://www.viva.co.id/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.viva.co.id
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/ Frame 4CD7 		19 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/461765/hb_310028_7816.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:27 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
73907302-c835-406d-8acf-cb330788dcf7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.viva.co.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7D9A 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652786701%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_1&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&max_ad_duration=%5BAV_DURATION%5D&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2484265084999923&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2364559228&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=B1FC9439-9C9F-4ED9-9DDF-78FDB5CE55DD&nel=0&eid=44754420%2C44760950%2C44765701&dlt=1662356724042&idt=2007&dt=1662356727301&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=2781780734032762&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 957D 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22703897216%2Ftsm7047%2Ftsm_mcm_video%2Ftsmvast100&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3519386977972617&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=502217293&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=E6A28BA4-29B4-4917-A146-4B143BA549A8&nel=0&eid=44750824%2C44754420%2C44760950%2C44765701%2C44771693&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724048&idt=2022&dt=1662356727304&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=1269375916369400&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1B4F 		28 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C11225321%2Ftsm%2Ftsm_mcm_video%2Ftsm_mcm_video_Viva&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1070795653057526&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3652503878&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=3C668A37-3965-4C17-BEEF-E5B7390DF373&nel=0&eid=44754420%2C44760950%2C44765701%2C44770822&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724060&idt=1974&dt=1662356727309&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=1976294962998117&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
5e037112f3b40b94be7411c637317b1c443f696d78dd18b7d85ca5f325a53a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6866
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A20F 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652786701%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3532802022949050&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1486982297&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=C45C3409-A1E1-4E91-AF43-FFE1F220C8A8&nel=0&eid=44754420%2C44760950%2C44765701&dlt=1662356724068&idt=1917&dt=1662356727314&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=3701084728345410&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F90F 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652786701%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_1&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&max_ad_duration=%5BAV_DURATION%5D&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=945070443486379&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3773976752&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=C9192CA6-E244-46F3-8FA6-481BFE3F2358&nel=0&eid=44754420%2C44760950%2C44765701%2C44770964&dlt=1662356724073&idt=2645&dt=1662356727317&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=3239201407723305&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E92E 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22703897216%2Ftsm7047%2Ftsm_mcm_video%2Ftsmvast100&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1582646242445156&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=193303892&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=AD4C5DDA-4248-43FE-8AAA-027D69CE1330&nel=0&eid=44750822%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724086&idt=1974&dt=1662356727322&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=1186206526695482&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 82FF 		28 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C11225321%2Ftsm%2Ftsm_mcm_video%2Ftsm_mcm_video_Viva&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=858861193089310&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=939706697&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=886C62C3-36F9-4E26-82E1-AEA7E99667E9&nel=0&eid=44733246%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724098&idt=2589&dt=1662356727326&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=2107623502227345&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
f84458950ea6c2de7af2c342ea230b5dc258fe0e26e4dab37a897398ff851d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6828
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 8F0A 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652786701%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3782396350375085&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=846251930&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=EE9FAC86-EA23-4543-B916-296E2E734862&nel=0&eid=44750824%2C44754420%2C44760950%2C44765701&dlt=1662356724113&idt=2583&dt=1662356727329&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=2865475034610047&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 93E4 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652786701%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_1&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&max_ad_duration=%5BAV_DURATION%5D&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=228669782016490&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=4082503878&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=A5E3DD05-B75D-4E64-A45E-F4BDEF4F1D31&nel=0&eid=44725355%2C44754420%2C44760950%2C44765701&dlt=1662356724119&idt=2559&dt=1662356727333&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=238031383119139&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 59F9 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22703897216%2Ftsm7047%2Ftsm_mcm_video%2Ftsmvast100&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4162844239758493&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1816041663&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=E94B7FD6-2A5E-4C26-8D19-31B44F3C9BDB&nel=0&eid=44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724125&idt=2581&dt=1662356727336&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=703011962841441&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F0D4 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652786701%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2201514667019859&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1472897467&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=499A688D-B8DC-445E-AA43-C468098F2FED&nel=0&eid=44748968%2C44754420%2C44760950%2C44765701&dlt=1662356724139&idt=2587&dt=1662356727339&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=3771238730600121&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 70E5 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652786701%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_1&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&max_ad_duration=%5BAV_DURATION%5D&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2984397347647944&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1373879168&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=611E5BD6-E73F-4E37-9C54-C8BBC992A87E&nel=0&eid=44733246%2C44754420%2C44760950%2C44765701&dlt=1662356724145&idt=2601&dt=1662356727343&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=1536799021163413&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1FE5 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652786701%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=448x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=999321875530503&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=961248209&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=B8F3C346-C3F0-4F26-B7DD-DE017F3DE731&nel=0&eid=44754420%2C44760950%2C44765701&dt=1662356727348&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=3804198430850113&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9E04 		156 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C11225321%2Ftsm%2Ftsm_mcm_video%2Ftsm_mcm_video_Viva&description_url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1780786318535658&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=78329521&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=E8AEEA20-B645-4CAD-84A2-BAFEF565888B&nel=0&eid=44731965%2C44752657%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dt=1662356727366&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&scor=1580196263067697&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame 9D84 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 20:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 20:17:39 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A4F4 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9262e32a854a52155e7bf3839fb5865de22d81626cab0c9d20d67fa8a33c4b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5477
x-xss-protection
0
blank.png_1621953238939_blank.png
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame A4F4 		95 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/blank.png_1621953238939_blank.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=Z3RElsA5jW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 19:02:10 GMT
x-content-type-options
nosniff
age
470597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Tue, 25 May 2021 14:34:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 19:02:10 GMT
DCO_Residential_Logo_Banner_160x600_1.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_1.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame A4F4 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_Logo_Banner_160x600_1.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eaa42281405f5da03843017f62d03ee78fc54aa734ff7082ffecf35c9a230d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=Z3RElsA5jW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 00:53:00 GMT
x-content-type-options
nosniff
age
276747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 14:05:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Sep 2023 00:53:00 GMT
DCO_Residential_Logo_Banner_160x600_2.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_2.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame A4F4 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_Logo_Banner_160x600_2.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c0eff8375792367f93cef4022137c313020f96e68ced9986bff0015f1b94600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=Z3RElsA5jW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 00:53:00 GMT
x-content-type-options
nosniff
age
276747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22783
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 14:05:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Sep 2023 00:53:00 GMT
DCO_Residential_Logo_Banner_160x600_3.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_3.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame A4F4 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_Logo_Banner_160x600_3.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_3.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670baefbdd5ee72db3d7385842cc19dcaa0a2c3766f476f1b63f81f21f0f551c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=Z3RElsA5jW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 00:53:00 GMT
x-content-type-options
nosniff
age
276747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20069
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 14:05:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Sep 2023 00:53:00 GMT
DCO_Residential_Logo_Banner_160x600_4.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_4.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame A4F4 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_Logo_Banner_160x600_4.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_4.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3523bff0d7c1443bf24ceb65d223d1f5e6735aba4f286f86085c8632a9178282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=Z3RElsA5jW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 00:53:00 GMT
x-content-type-options
nosniff
age
276747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26664
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 14:05:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Sep 2023 00:53:00 GMT
blank.png_1621953238939_blank.png
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame D1A2 		95 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/blank.png_1621953238939_blank.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 19:02:10 GMT
x-content-type-options
nosniff
age
470597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Tue, 25 May 2021 14:34:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 19:02:10 GMT
DCO_Residential_Logo_Banner_160x600_1.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_1.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame D1A2 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_Logo_Banner_160x600_1.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eaa42281405f5da03843017f62d03ee78fc54aa734ff7082ffecf35c9a230d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 00:53:00 GMT
x-content-type-options
nosniff
age
276747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 14:05:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Sep 2023 00:53:00 GMT
DCO_Residential_Logo_Banner_160x600_2.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_2.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame D1A2 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_Logo_Banner_160x600_2.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c0eff8375792367f93cef4022137c313020f96e68ced9986bff0015f1b94600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 00:53:00 GMT
x-content-type-options
nosniff
age
276747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22783
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 14:05:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Sep 2023 00:53:00 GMT
DCO_Residential_Logo_Banner_160x600_3.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_3.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame D1A2 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_Logo_Banner_160x600_3.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670baefbdd5ee72db3d7385842cc19dcaa0a2c3766f476f1b63f81f21f0f551c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 00:53:00 GMT
x-content-type-options
nosniff
age
276747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20069
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 14:05:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Sep 2023 00:53:00 GMT
DCO_Residential_Logo_Banner_160x600_4.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_4.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame D1A2 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_Logo_Banner_160x600_4.jpg_1657634712837_DCO_Residential_Logo_Banner_160x600_4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3523bff0d7c1443bf24ceb65d223d1f5e6735aba4f286f86085c8632a9178282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zrsL1q0niR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 00:53:00 GMT
x-content-type-options
nosniff
age
276747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26664
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 14:05:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Sep 2023 00:53:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D1A2 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fcb01f0f898e7dc699753bef777952f58000d241c5437454a193875e045ad3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5513
x-xss-protection
0
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame F6D6 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 20:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 20:17:39 GMT
getuid
secure.adnxs.com/ Frame 478E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
YxWM8lxjmMCJg8zGRvlwPgAABJAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 478E 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YxWM8lxjmMCJg8zGRvlwPgAABJAAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:2390:b34:10a7:b503 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
sync
ups.analytics.yahoo.com/ups/55940/ Frame 478E 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YxWM8lxjmMCJg8zGRvlwPgAABJAAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 478E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YxWM9wAE3cmuEABN
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxWM9wAE3cmuEABN&gdpr=1&_test=YxWM9wAE3cmuEABN
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxWM9wAE3cmuEABN&gdpr=1&_test=YxWM9wAE3cmuEABN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8abcab09963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1JldHYoZQMC1togwqhd557u6wZGR3zifebSJQeyxT5UptKSDd7VQwl4kjJPoH8nimC%2BSTHWB9GeQoXeqK%2FjMdbrkCsICNFn4YRD45OVoBhoauPO%2FN3ZY4%2BOrbn%2FNsYKy1EnEwp0uXsUtw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1662356728.626232,VS0,VE0
x-served-by
cache-hhn4020-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxWM9wAE3cmuEABN&gdpr=1&_test=YxWM9wAE3cmuEABN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 478E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b4c16315-8cf7-4100-92d6-36d537d6f31d&gdpr=1&gdpr_consent=
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b4c16315-8cf7-4100-92d6-36d537d6f31d&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8aaf9b59963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSL8df%2BGOoS3j3QD5rfdvBQXeXcGJGzTogNUUXF1OHoYBY%2Ffw%2BVgkWmpP9zqBrEt%2FWXWxyRxxUDpCfx6OMw1fZX0TjVZ8s6Y175UKWLOvoGF%2FuXK4q6gsF5hYoSKkz4pAsLMmxOZcsujVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 05 Sep 2022 05:45:27 GMT
Server
MT3 4505 5b23575 master zrh-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b4c16315-8cf7-4100-92d6-36d537d6f31d&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 05 Sep 2022 05:45:26 GMT
rum
dsum-sec.casalemedia.com/ Frame 478E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3887197713175716820
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3887197713175716820
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8ab3a139963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDuLnbdB%2FnuQum7R3D7jgCbw9Kxzso3VCSv6mA9B%2FWk31HYBiOk80vAmLslZG4t%2FWxtttlIuHkfmprH4YjFQNY3Ns5PF0TCdHGsnxHdX9Ru1gzww0VaqvfJEMHseuLSTjoZWjwc70pyXGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3887197713175716820
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=23728&dpuuid=YxWM8lxjmMCJg8zGRvlwPgAA%261168
dpm.demdex.net/ Frame 478E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YxWM8lxjmMCJg8zGRvlwPgAA%261168?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.247.235 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 478E
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8ab3a169963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zA73ubwoKn624jY22mPszPRVPgw%2BqZylzYAOfIc0NvyHp%2FNidg9EpzQVvV8g0qh8axqQ1cg9XQz1G2lXBtidorbnrp41L5wOFdN5XHYNE4hwE7Q9haRKOctQDTYPRzOC1Moi%2F831FUMRUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 05 Sep 2022 05:45:27 GMT
server
nginx/1.20.0
content-length
76
htw-pixel.gif
cdn.indexww.com/ht/ Frame 478E 		43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YxWM8lxjmMCJg8zGRvlwPgAA%261168
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8aa6969bc01-FRA
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
80
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 05 Sep 2022 09:45:27 GMT
crum
dsum-sec.casalemedia.com/ Frame 47EE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABCDE7GKxoAAA_jUnLoiQ&expiration=1663566327&gdpr=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABCDE7GKxoAAA_jUnLoiQ&expiration=1663566327&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8ab9a779963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Km2B3UksGT8w6ttVRsHPJeMzo7fpA7wOuJPdQv1lVw%2F5Hl9Rsl%2FVHg4I%2FGtAHeEwDdc6TVt31uHmSe2swiQl%2FEFUR1qg33cvFbz6%2BvhmyZa4Dq9X2o%2FW%2BLANndSxObhoI2k8nSD9C1THXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABCDE7GKxoAAA_jUnLoiQ&expiration=1663566327&gdpr=1
Date
Mon, 05 Sep 2022 05:45:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
match
c1.adform.net/serving/cookie/ Frame 47EE 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
no_match_opted_out
um.simpli.fi/ Frame 47EE
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
169.50.137.190 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 05 Sep 2022 05:45:27 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Mon, 05 Sep 2022 05:45:27 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 04 Sep 2022 05:45:27 GMT
rum
dsum-sec.casalemedia.com/ Frame 47EE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=t0kszrkZe8ysTSzIsx8wmeBOLcysSXjI5Rm1edB6
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=t0kszrkZe8ysTSzIsx8wmeBOLcysSXjI5Rm1edB6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8aaf9b09963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H34YCCookTFI9SdGTjd%2Bw1eB%2FsL8xv1fHcRUgqxSqQUXRDs4WXTr1D6aH7lCff6v61ig5gmBhhW8NfjiS0%2BAb0Jkmipv5OzRB7BmSrhFURNQbNsi96Ofn9f326Px9gYGefdJeuuheo7F3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=t0kszrkZe8ysTSzIsx8wmeBOLcysSXjI5Rm1edB6
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 47EE
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b18d254b-3517-4cda-94cf-f3f64a19e674
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b18d254b-3517-4cda-94cf-f3f64a19e674
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8accbad9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciPyr3bnNAhOaASXl2KXRNqbt2736KWJIvWYevah3gO26zdX6i496AStm6p5vmXv4Qd%2FbSIMW349ZWwDInt5MnbgPUaOM9mUfv4LFO%2BYyhZEBMhhd7oFzmIjyeswk7%2Bwk0AOq%2F0Wmtb6mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b18d254b-3517-4cda-94cf-f3f64a19e674
date
Mon, 05 Sep 2022 05:45:27 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 47EE
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8ab3a189963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtioBwh0tZvo9myJvwZ3lpTFQDP23IkDyelCodCNraQuQy5HyQKmcZWACi7qpPAvB%2F2JpXbjZbtcsNYL0Z%2FU1gNlZh7lpSzLIdVKpCrgCJiSwQOSPPqSBPLt2svEz%2BodqX70paF7M81Jvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 05 Sep 2022 05:45:27 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 47EE
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=690589593266
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=690589593266
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8aaf9ba9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMnd52LyPtTLi5tLwomSo8S0ZpzLEI0DJLw%2FMagj7%2BFVO%2FPh4IkURoy7r38LnmfFlBzM0mlBl4BwIIXL9iPPUzqYjyK7P0VY3BwkWlzXCY6rl4KzPC6vhrooXv4lQVBOxKcVbPfmLGaIeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=690589593266
crum
dsum-sec.casalemedia.com/ Frame 47EE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1a376315-8cf7-4200-95b2-1cf7ced03313&gdpr=1&gdpr_consent=
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1a376315-8cf7-4200-95b2-1cf7ced03313&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8aaf9b49963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSVtcn9wFFVDJfm%2BteShLPmIwLutIyJyWtLGvS9Db2FrOGzzK%2BO5fZ0osGwlQkDbZNk8DYvftl%2BOIqUnBLeV%2Bo2y%2Ba8O3Az8bC9HOb1Uf02CVJm02psdo7TyqnOkA8X8naHNTAwu4sqgZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 05 Sep 2022 05:45:27 GMT
Server
MT3 4505 5b23575 master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1a376315-8cf7-4200-95b2-1cf7ced03313&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 05 Sep 2022 05:45:26 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 47EE 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YxWM8lxjmMCJg8zGRvlwPgAA%261168
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8aa696cbc01-FRA
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
80
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 05 Sep 2022 09:45:27 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame A36C 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
bridge
cm.adgrx.com/ Frame A36C 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:27 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-6
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
113
match.deepintent.com/usersync/ Frame A36C 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:26 GMT
content-length
0
server
c
crum
dsum-sec.casalemedia.com/ Frame A36C
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336719765595182
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336719765595182
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8acab7e9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QklWACVCX0uDAII9dRV5m%2Bv1l22rULsTWe4atACBxuq88XC5ZqePEz8CtAQ290ORqcBwFLg9jDXmZtKvlAp92Yq7LSYA9j9bDFWcZKnE7Tn4rXuZ25aEaciypZ%2BM2GsTGOvgxmWjRBjrzA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336719765595182
Date
Mon, 05 Sep 2022 05:45:27 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame A36C
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d4edd76c-295f-47e8-88a7-030fcd27146b&us_privacy=null&gdpr_consent=null&gdpr=1
43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d4edd76c-295f-47e8-88a7-030fcd27146b&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dsY9X%2BTjYgLFdgtF6jdEFg1Qxwq7cbFUtdiVwqBBrUMrNDA4cBPGZ8ZELTOlnecLLm9bkj65xKX53dxCMuK2zqtGtfSVBixBwM4fUXCpJpgRdNL5BrxyAEuzQuTSMIwMpRIGvQ0s6vvVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
745ca8aaf9bb9963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d4edd76c-295f-47e8-88a7-030fcd27146b&us_privacy=null&gdpr_consent=null&gdpr=1
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
745ca8aaa9be924d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
no_match_opted_out
um.simpli.fi/ Frame A36C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
169.50.137.190 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 05 Sep 2022 05:45:27 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Mon, 05 Sep 2022 05:45:27 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 04 Sep 2022 05:45:27 GMT
crum
dsum-sec.casalemedia.com/ Frame A36C
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8ab3a199963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpNzKX4tEqY%2Fz5ApuG0g5vJa06zdiMOcyzS5aK3RYgjyM53Mx9OevPF62c%2FuFSragtF7EfqDqYhHIKjAQV%2BempWAZhsJ38o5xRqWZwKRy%2FoDx5abQ06gg9oYMy1%2FwDsKiHRZ%2BQswurGxOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 05 Sep 2022 05:45:27 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame A36C
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8ab09d59963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwmMM9IcpANw38aaQTlFCWwLpyLtCe5%2BTfRz6SwFXNa7bmySD9fEjQhTM70qlKknD8%2Fdu0edlEYlXBRSgnQRTqEG5XDKpn6WQZt09uPvlah7dbZKfniyf0FggAQceFoOVARmp5DtdyVl9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Mon, 05 Sep 2022 05:45:27 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
htw-pixel.gif
cdn.indexww.com/ht/ Frame A36C 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YxWM8lxjmMCJg8zGRvlwPgAA%261168
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8aa696dbc01-FRA
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
80
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 05 Sep 2022 09:45:27 GMT
sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame D1A2 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:44:17 GMT
x-content-type-options
nosniff
age
70
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27952
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 12:38:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:59:17 GMT
sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame A4F4 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8828632559684167007/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:44:17 GMT
x-content-type-options
nosniff
age
70
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27952
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 12:38:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:59:17 GMT
rum
dsum-sec.casalemedia.com/ Frame 2766
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=pe71HFivSztwk59SnT35abnVm6k
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=pe71HFivSztwk59SnT35abnVm6k
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8adacae9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3sLLJX7xI12buGmhiRCDRqsjSPZ%2FhYRiVPjCD5PjPBpmZA5YLotMnkydZNsAiivx1eKfDzVo6vB2jDZvQt4%2FWP9JmOOum0FT%2FP3ILz1szawd6R6RLCtDIbhPkLApmxcA7nL4srSlthYcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=pe71HFivSztwk59SnT35abnVm6k
Date
Mon, 05 Sep 2022 05:45:27 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 2766
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1677995127&external_user_id=f4d7777e-bd42-488b-a55a-a4dd8251c927
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1677995127&external_user_id=f4d7777e-bd42-488b-a55a-a4dd8251c927
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8abba979963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Zjgpr38Q2K0I0xg%2FvlHz25xjo6QNYX%2F7Kb%2B8gIjLQ6xMbjxO1qDZdQq099aYQKel5%2BqmtvwC9Gx1RAjmMzNePwwk5l%2Fi87fFAgngXr3DPFkih9p%2BSH1jTEKj2KxD75NGY5fcBooyexhgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 05 Sep 2022 05:45:27 GMT
via
1.1 google
access-control-allow-origin
*.casalemedia.com
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1677995127&external_user_id=f4d7777e-bd42-488b-a55a-a4dd8251c927
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 2766
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a3bf30f7-9ccc-487d-b257-7710c2c2f225
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a3bf30f7-9ccc-487d-b257-7710c2c2f225
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8ab3a1a9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FkypDLVSlaUlZ8FQ65saHfunjVQU2T%2BsNU8Q%2FhP8xOewHsRHI0LB2svHa3sky%2B%2F5ty5llg0XeIsLB1X0lTAjjEnJD91VuGYf%2FD%2BPTcvZENCk3odbyeYlbHLloVuqOroYZFbBmxzop4xuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a3bf30f7-9ccc-487d-b257-7710c2c2f225
date
Mon, 05 Sep 2022 05:45:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
cookiesync
bttrack.com/pixel/ Frame 2766 		35 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:12 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-type
image/gif
content-length
35
expires
-1
match
c1.adform.net/serving/cookie/ Frame 2766 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
getuid
secure.adnxs.com/ Frame 2766 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 2766 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YxWM8lxjmMCJg8zGRvlwPgAA%261168
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13769
crum
dsum-sec.casalemedia.com/ Frame 2766
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8ad2c2e9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLFXTUJNSs5PbmA21RWRCi4n0rjoZw5sgsAsx1Of6ftL8DCR%2FFjt1dqXI0Dc9EfNuYpPP1C3jH6TWDpvYQW3PtXWacHrdRHZAtdBHaeap7CnF05X70Xzn2O65Wq9ff62MPN7iSSeegdTzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2766 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YxWM8lxjmMCJg8zGRvlwPgAA%261168
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8aa89a3bc01-FRA
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
80
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 05 Sep 2022 09:45:27 GMT
rum
dsum-sec.casalemedia.com/ Frame 5B24
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=SYN6hI5MTppGFVhz-49iS7nVm6k
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=SYN6hI5MTppGFVhz-49iS7nVm6k
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8adacab9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFKP4WHsQEM78MbmDv3l7fHJAwMHVtKztQ1XjhEah%2BwXc9h%2FNv2bYreLclQChk82TeQwFtR6gaWq1JekrBAHago0MZ7vktl7qxv63uq%2B9NbVVwlUB8iaIGkbqbEdhfkK%2BfPYXH7Ec6i3Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=SYN6hI5MTppGFVhz-49iS7nVm6k
Date
Mon, 05 Sep 2022 05:45:27 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
cookiesync
bttrack.com/pixel/ Frame 5B24 		35 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:12 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-type
image/gif
content-length
35
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 5B24
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1677995127&external_user_id=fe646823-ea61-4517-ad64-189d0928064f
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1677995127&external_user_id=fe646823-ea61-4517-ad64-189d0928064f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8abba9a9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YagIJ1MKdB96MbqNHPRy6A2xQDb9ahTqZROxMRFpodNypc7PaOHu6kBT%2B1A5utffSrtJf1zKR11%2FcNdWPICCYajZCwGm%2BAKYsCPRdACsRydgVBH2FXqr8BBLaV3Iu7C9KNTQWF1J2BvssA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 05 Sep 2022 05:45:27 GMT
via
1.1 google
access-control-allow-origin
*.casalemedia.com
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1677995127&external_user_id=fe646823-ea61-4517-ad64-189d0928064f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 5B24
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2eed7fcc-b581-4f3b-b24a-765a48fdf50e
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2eed7fcc-b581-4f3b-b24a-765a48fdf50e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8ab3a1b9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWjY2L4yEK8lhwDqSiBxchQNVpN53s5gLHITafnUYzXGq2bPlRT00QKAN587EgqfaogktE5EPlu%2FPmBqfrQZ1d7Kylcn8vhSsZcw1f54M7UPdqXIWBEbFEZTL%2FpQ%2F3HII9seJo3M%2F1RX8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2eed7fcc-b581-4f3b-b24a-765a48fdf50e
date
Mon, 05 Sep 2022 05:45:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
getuid
secure.adnxs.com/ Frame 5B24 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame 5B24 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YxWM8lxjmMCJg8zGRvlwPgAABJAAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 5B24
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1864f020-10f9-4bbb-80ca-303c06ab0620
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1864f020-10f9-4bbb-80ca-303c06ab0620
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8adacaf9963-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWROWFKaAevNb3ENBoiFb0o%2B57gnkfM4BxKjPK1Iba7hWhPNHArjSYkFDqXfYDCnO2hRDyHt6ywuWK4GhSvGRqMNjgeQM1fk0p4wCbIfJX0yTSQ8r0cTXzAUj%2FD1%2BmQ78Xg2AdwtEICSuw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:27 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1864f020-10f9-4bbb-80ca-303c06ab0620
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 5B24 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5B24 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YxWM8lxjmMCJg8zGRvlwPgAA%261168
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
745ca8aa89a6bc01-FRA
date
Mon, 05 Sep 2022 05:45:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
80
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 05 Sep 2022 09:45:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022083101&jk=2520529319726392&bg=!3N-l35vNAAZTikH4c4o7ACkAdvg8WlpknDJG0DfiQ7Zw7eiQGd8x5zMLvlyHG6ebOQOY5glaQ08wfAIAAAlBUgAAAAVoAQcKAEs0KDNCI_knudFmQhncY2ex0dgGAtU60SHbRmrWB_R3KalFBBeCiJ3CVozi4hISIaXx15VBuxlold45jILFXJm2aEZeM0p8KH1PrtKZAq_mNeKV9tOHWiB7spbijiHO0bKCl0bQS9EwECPflhgzw1rMjmG-4BUupmvGhju2zVVEBdJqxtpg1Iz9mzYrikF1gH5H4NHXVwy3lCPr4emevj3xqKeXKlfY2wORPn-3TIisvfTcYLq6DbIYYWNQaJdZWqBSVArDf4aqWCkAmUWcTHkEQ3uT4qExO1tBOvV1FfknCRr-665K89kzzm1o-HJ6lOhs9LTmujsIknKmU7_k4xIdA7Tgj5q-3hdNyJtU0qtb1Y5U8dZqzIWHQgrMQ1xW0bZvg1nN4f2F50vfExvQLK7nNus7cJZGom5jZKPx0lW5yjTk8yd0BYLzq2wa-LW0eHeBlHUWPWiLa-uBFcOLH2BFzFaYlWzM0Tqifj7LKpphe-nyOxf4GrUWpEQI8n4F61zxxIK1XzWKKyh32RErDy-At0nbdJZCsWy9lzI3qdOnxQaMuwc8olHtQPYtwJcmeWGK3k7p_vwFC-eAAxEoSGK4hPVd_7AUSZ5x1m9c_Hb5ZesrCY5nCQsV1AEmq0j7Oba4mBUBXpDB8-sTP9V-wQqAoBvbUrp3CZAETNB8apNRsah310m8Oah7Z9bKDX21srM2kadMHBgzXb0hRlQ84U42dQhEuzqZHAzvccfpzJ7rhQww7m_F-wEfpz-JTufDqTgI2XurXsXEWJXAKh9Arb-yNslKAHJYdwHdCD6eHdcHr7ppJmI49oIUPM-dyrZIE1xnAx4-lwwdY4omAXK7coGWGuABsX02YtWYlb5Ves2ezwaj_nUjwa_G--lUpcSTt0TWCDV3LcwHGj0Gq5sRgGbOHbyYzWouUvgLcKaM7NazBoNaqj3tOe6gD5xdGyUlbTtPRaZ7u-eJDJNdkYKQCdZB3-WmxzpwCxFViRUDLqpbgGcsY8m0Xri5a1mN2Eo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A4F4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 05:45:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D1A2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 05:45:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DAA2 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQmL-zsUkChGhfnuHnOxqRRXaUDmB6nVGzeE7yPyXpduCbHxjQWmFRVo4m5hc0jMSWe3qv0i8TLbVlekA_stASkzvnt9oxZECQS0uP3VMWAJYMNRdiWJCcy-_OrMcGgSfSs_n4L8dHB_9w&sai=AMfl-YTpSPDYAy55PtWhK2qONmf7-my1V_BxVjPSBzxvgJIaR8a2zeEEPNgbl9BgE4nZcdLXn_CKzN1t8Q4QfI8RIroRqzexuX0bAIqEBpzWZ3El7Feo6HtS8O4Z_NOthqk&sig=Cg0ArKJSzBrF1O7n3rNrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2326&vt=11&dtpt=831&dett=3&cstd=1491&cisv=r20220831.69769&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
3420617482965967297.json
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		19 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3543456/3420617482965967297.json
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12621424584994848768/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9146ecda0c1966e3907f45029c682fc1c5f5a32fef081ac28e7072ce2282e02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6319
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 09:51:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:48:20 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 61D4 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84258840e9f2f4f0217c93a7f6ded052fae9c6f415744931b41ff518b57365e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5570
x-xss-protection
0
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame A0BC 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 20:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 20:17:39 GMT
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame 6D35 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 20:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 20:17:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE85 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BH06w84wVY9OTMKvHx_APqqGwuA0AAAAAOAHgBAI&bg=!WlmlWR3NAAZTikH4c4o7ACkAdvg8Wg80GZMlXHTKMs2VeKJUuDOjmIz3x89Z7X3t7RTRD4Yn09j8TQIAAAFfUgAAAANoAQcKAIshKGhhCnRdau_IElJ6z1p4qNyLfu5ADjR68X95QNWKTlQsE9vfS6d1Svc5Nde-5eg8Tj-fAjMy6VWUhvVPvzZ5sKOasjFOC-vnVCDK5nd17jCfYWpy8wuSihc7hWno2Mwf7Tiqss51hJ1C7QBk9pX9D4BqREMFaYhGiZlXhHYCGxONdpcqNbBSClLEmQLlslPfF3BrlS8UxTCEGgVVgo3GycfSMZq0dZHv-EvUccUriS0OdphnkPKwqOQAkxVyGjvMirKePOMk36DlG8Z88QVwNbJGXCa9XaqzFqsoX6EsQCrRtopQMtQ4fCFCea8GN5bnqnZb-pSO0JsTqtwX-EwL8ceY4vmsgM09mndWeGm5uB-YWMIRlUWvXjA2bpt_xSTthcZMx-24a-xLn7YSn_M0YGCupLKrbWLJWZu_rJZfUwIE-wQF1zOlrahWEsmHYuW7WBLGXAFqwZUKD9-Q0njbllxNR2P5DDu8ENDMXRvHhQP88iVVf2SsnPEnatZqmP5thFj9SV4HP7PXQQ956nNzCkuFXpyOelIHd2A-wpy4S8giJDux0SSppuJFxNSMvPfrCgodk2Ey2HiewSJuWT2CRcQezPJGHV8I1RgNhTH89g6Z8O-Utl8Lyte5jZRRVO5lbu1VAqScs7f_5IVqGbgcb0fqyj7tkRVO9jaCxHuFsgUbqkrcweuiVDf7vHw25pLy-Ph8v_nMA0OGW60NC3seR9j6x_5noNdZ98UUoiofLTFYu4kShSMOUGqXg5lxSujaSLbbHNSSJFG-z8BKGX2MbhCjmrRNF25dPPiKI8EeZl0r4qNaCosTidKz4DIuiw4MJ4febJUKjKGTf9cWpRgKlK9O4RgnnUagFMxcREUpW7P6e34uJ6LOy90iF0XAOx5DHnmGO14igXF0ZUkcrpjXxbgsntqs_wGS6dTRIjgWbQJ3egRHrAfu3okmf7_Okq99HJ_zoedq4I715ZRu0bAU4k7-0VdBlwvuVPJEfiBWy01vASIQZtLZISTd6nWl9NZ79kkI84eecpMKvOR8joNWKHoaTIRNVmAbbY3JoFl81zcIw4OowNd7KxcoWAAkbJ-HU7_kEYVjIrXEVIoX2ge1Rjo82p5Wi9ff1OTkwWTNCEUAol4if3wNPPbjFfZGpp58DNRFhOa-dHOGS3fiilfsQV2L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.svg
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		148 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3599acd69a74bf92c8d05f4ddf3d0af3d7da2b1967c2ce76b7da00e281626b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41539
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 13:50:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:51:18 GMT
a84a8e4c5fc3d6f9b586b4d047c99fff.jpg
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/a84a8e4c5fc3d6f9b586b4d047c99fff.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
276614ae41c1b0bed5fd323d6a0eb5b8878d6cbafea89582f395f96ef112bde9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:33:20 GMT
x-content-type-options
nosniff
age
727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7029
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 09:53:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:48:20 GMT
6287f3b21ed6f4775c7ce1a88be8c183.png
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		68 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/6287f3b21ed6f4775c7ce1a88be8c183.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:38:21 GMT
x-content-type-options
nosniff
age
426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 14:45:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:53:21 GMT
NewsGothforPorscheWTT-Reg.woff
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3543456/NewsGothforPorscheWTT-Reg.woff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c1da68f52aa196ea14a82cd7529c76f11f766e65f773096921d7ccc1713846b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:38:21 GMT
x-content-type-options
nosniff
age
426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38192
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 14:28:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:53:21 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 61D4 		59 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
303483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21678
timing-allow-origin
*
last-modified
Tue, 21 Jul 2020 23:12:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f177643-eca3"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNgTaTmrSlZqxVfC2XS7cy%2FQpylrig8jzP%2FCoajSGstvOKBpC2O8GHAnPbndjicz7jNEw7E7TcSZeKKOy9eSSHlYcjRIqdj8duJx3sGPXdm5LIIJ%2FndN5%2BuNAbAVFhh1IcCrX%2BrYUQSMniUOdcIq%2FgVY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
745ca8ac0afb9b71-FRA
expires
Sat, 26 Aug 2023 05:45:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41F3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?error=1009&vis=1&lid=7&sdkv=h.3.528.0&e=44750822%2C44754420%2C44760950%2C44765701%2C44771872&id=ima_html5&c=1606388517090640&domain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
581dd11a8841e9be9d9be66812cab012.png
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/581dd11a8841e9be9d9be66812cab012.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea5bb2be733aed15e4bf022268c250cc1a2ee09c9bacd4b319c5a9fc99c36da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:34:32 GMT
x-content-type-options
nosniff
age
655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26792
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 09:51:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:49:32 GMT
1da00fefdbf4e6500b5219956144ea61.png
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/1da00fefdbf4e6500b5219956144ea61.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47c65e4e4ad367d8acb58becdc3cfba521cfbfc42c462a5d13eb501b306a8ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:33:20 GMT
x-content-type-options
nosniff
age
727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26010
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 09:51:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:48:20 GMT
268c2e81483d73347ed0214c5d49c809.png
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/268c2e81483d73347ed0214c5d49c809.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
125c09084586f6423ccbecbb8fa4a86a603e2e818f96c6c924da89a698cbed88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:33:20 GMT
x-content-type-options
nosniff
age
727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27361
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 09:51:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:48:20 GMT
f037c25ab7064f03db844c8262934bfa.png
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/f037c25ab7064f03db844c8262934bfa.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4f475945df54bef8c4dd1aacad646bdf40e384229ab4e07a8bd6f28d43ed5f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:34:32 GMT
x-content-type-options
nosniff
age
655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26713
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 09:53:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:49:32 GMT
29c36422a055525f035e1f424fa12a42.png
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/29c36422a055525f035e1f424fa12a42.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a974b726c48d4a3864a9abf175e984eb93599dcce4dcbc54f478b607dcfb5cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:34:32 GMT
x-content-type-options
nosniff
age
655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36762
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 11:04:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:49:32 GMT
f0921c02206c6e5a8a3a1ced0d0854e2.png
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/f0921c02206c6e5a8a3a1ced0d0854e2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5979352937910f86dab4cb4fcd93a31bb0bdf6706902f756cddb3298c4f1bd3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:38:54 GMT
x-content-type-options
nosniff
age
393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15370
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 11:06:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:53:54 GMT
bf30ea73cfd6cd9aa263fe295c1c4d2e.png
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/bf30ea73cfd6cd9aa263fe295c1c4d2e.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a348664ed425a0a3309170525f3ded361ae880e9aebbc7f582f1359e19f2a12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:38:54 GMT
x-content-type-options
nosniff
age
393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24817
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 11:06:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:53:54 GMT
1035387580be5f4359af6c19b65ac58d.png
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/1035387580be5f4359af6c19b65ac58d.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3da677431b6bdc1ecb8ef0517d61006d5fe5d0f21ff118108d216e392e8e56e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:41:45 GMT
x-content-type-options
nosniff
age
222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14152
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 11:04:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:56:45 GMT
e68b1f48786d6b95e2c960a7b3d18a15.png
s0.2mdn.net/creatives/assets/3543456/ Frame 61D4 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/e68b1f48786d6b95e2c960a7b3d18a15.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0523c1778d2b320083fee90379cd40a082559ef98603f026289534777c4c745e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12621424584994848768/index.html?e=69&leftOffset=0&topOffset=0&c=gzZzEK9mMS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:38:54 GMT
x-content-type-options
nosniff
age
393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14526
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 11:06:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:53:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 61D4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 05:45:27 GMT
integrator.js
adservice.google.de/adsid/ Frame 4CD7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.viva.co.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4CD7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.viva.co.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4CD7 		48 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3433505372170739&correlator=595878942316366&eid=31068501&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=84772874%2CPL_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3790746380&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D55b2b8a94ebb9ab1-2280673712ce0035%3AT%3D1662356722%3AS%3DALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA&abxe=1&dt=1662356727767&lmt=1662356727&dlt=1662356724243&idt=2713&adxs=438&adys=2538&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=lz3m4sgvux8w&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&ref=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&top=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=471711825.1662356722&ga_sid=1662356728&ga_hid=1290119243&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb51764b7d6681cb3e1c5e3a9d93d73c4997f3fa18c929dbb5131ed295bd38e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19615
x-xss-protection
0
google-lineitem-id
5758418825
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138313975333
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.viva.co.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4CD7 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022083001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30fb4306a511175f93fd7bfce51f842cae92cc423e52ea85c0f02328b67fd328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10995
x-xss-protection
0
container.html
f604d0068ef64c94ee184a6f0d8109d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 04CC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f604d0068ef64c94ee184a6f0d8109d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viva.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:27 GMT
expires
Tue, 05 Sep 2023 05:45:27 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame DAA2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=bdf84ec0-c8af-80da-7fbe-edae03003897&tv=%7Bc:njENcD,time:3527,type:e,im:%7Bpci:%7Btdr:3231%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:3527,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B3520~0%5D,as:%5B3520~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:1200,fm:tgxhp3S+11%7C121%7C13%7C14*.1103447-64557517%7C141%7C151%7C16%7C1711%7C181%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:f6d6:134f:4507:dfcf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D84 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvVp484wVY7zZMYPCx_APpNe34AQAAAAAOAHgBAI&bg=!U1ClUBTNAAZTikH4c4o7ACkAdvg8WkFEMhw-DDlYLRGDhnGwpkZyxywq8WVNIvtW9CjdBnco9GU27QIAAADtUgAAAAFoAQeZAu-WER45ZaJTNBAipo2Xjfp-zMf3H0EuCoThnd5yVH7hrxDsa5_rb3i2E7CGpij2bU6K1nykhyImUnG_fQroL-ggBiKIIqZff0_sQCSxFFpRTblfBPcavurqkHiOad3SBik0Md_CcKMq-qOnx7bnq7m_gwWfrR9XEesn1qQ24lQK3D-vIR97EV8Q63uRBazjGyneK9GAahIE-bI7y4MehgzATXoCOCwGUTVkX0y55FOQHe_IYOL77R31kSKFBqEBGDQR2CrkMbKQy5xI6TfXg538TfWtve2e96k_uMcVMhmoTi-q5qh_dBrgJsZAf7EBbK4GlL5_5KwnOzcP1pviPWgrM-Vpudo8I2OYBy1kr4eYI6U_T6ZVYbwjTcj02_zBZg61gZyfntV8i3xwQYrn_96du3C_xi978qFuY8feJaapEQvZYtuJwHAMWzlhCYGjRLqoWXgZ0Vv2mqIs1rYKTBTICrQ5DJyGwcSYP6lRdJZZ1-7_kup5FDe_dBcBa2ZxPNEfOG1u5qj3XeAvPw7ZH2wttNd6lT7BMKEB6XoeX2asAId6oTP9JTvGyVGCP4b-BOnMmBFN4pNDBjDNkz8mY8tqtwm1KZnRdyPihU6-zVWSqNlHZkNxLg9-xQ53PtYQRNDmLncO8YFKVRXAepMEnp0Y1j9oY5ayZouNMKORAtwxWdbmNdzmLJjBUjhui-NHgnq7c_ABcNCrBTbWLMFebLLBTKVGytNsnZuZa6Nyi0vkOE2-MBoYmYXRhTgKgaCkuxeH4Mdl_upbSsPxL6hS6FhEA3Km3r0eU7BMKZiDOOU5_8optlYddMgeoBJcjsRb3uZBA5Lh2Uhvx2Z1E5c5Xb0SKPkap1YcSBms3cq4-JiNHgSI3CthH4HyUPyNgPqfjnbsuVpAeJaC3_xrOA71lQKpImm_tlvWLabr61C8_ofDamPd3sLMzgndkM7qm6jqdx2iXAtjoMTNhfVJi7sdmTcJEnjDtS5avDinYV9NRsKo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1hZTdiNDMxZS03M2NjLTQ3ZmUtYmMwYy1jZjdiZTc5ZTAxNzQmYWRzMj0xJmFkczM9MiZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMg==&adsourceId=ae7b431e-73cc-47fe-bc0c-cf7be79e0174&cb=1662356727866-bd5e0ca6-ff16-46d8-889f-195f715cf8a2&e=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4CD7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 05:45:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CA60 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlRZPZw8DiUqWZG4_V9s_YxShNJJVCZ2WXykcfga2TVQJBPjQS6RMIeJGOIIsOR6EYEqWI4kIW5yyd-XV-PzPmnkPeTNvKk97as_5B4WAie-esMGoi9LOucFfKiSWFl-gShazd4yyBFnZAxil9m9tGAFHIPHL6Bj_uFs-E0zTW1psFsqb44dsdqIULusvUmb28QHVUrT-0hNZI4HsQbQ8MzQlSTQu0dnkjq879ezsA7sD9URXSXgCCsNlkoIh6_jkZhyQ34KslKPPdyExL96dOZnsW8vxmnPE7vfdHHgFMozzGjfGujf5u&sai=AMfl-YQmXjt3YUBkU9CiunNWN-ZY1Y-B5YrP5OSY18ZTSzmzN_65ljbRu5p7PzPmmFXMUFHNfBNhEzHJfNnJ8cZmZU6ZvfZm8PBPov34zB4wffjG7iU4FlOfHU7zlUFCjg&sig=Cg0ArKJSzLJDgGllNZ0wEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.viva.co.id
URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame CA60 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:43:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame CA60 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:40:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA60 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 05:45:27 GMT
15795645627278799334
tpc.googlesyndication.com/simgad/ Frame CA60 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15795645627278799334
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eba8f958f96c2043d58e7ac7b785d69c2388905b6178f0382dcb5dc9c80dd98b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 23:21:16 GMT
x-content-type-options
nosniff
age
455051
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23825
x-xss-protection
0
last-modified
Mon, 08 Jun 2020 09:21:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Aug 2023 23:21:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F6D6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bu73h84wVY7nGMaWwx_APxamwoAsAAAAAOAHgBAI&bg=!e3ileDzNAAZTikH4c4o7ACkAdvg8WtakqO_HjTqdHJCjjZ1woQuUREzNicGrPit3pwgZQl1_gEAJkQIAAAEKUgAAAAJoAQeZAusa1bZtP528XwqQfb0HS2G1Eu3UPPT6byFt7FQV7eNL7EVhm_DLAb2FwFKe4eQ5fX_JZMgcEAPMLJow8R8DrO38gDmjiQzCQPZaXplKnj7wjzWGL8WDcQ7Cc9phi6HNHZ3mwRCecE0QXh1MFnMXtNPfUt1KpdjpHgKxFps5ovb7Vj8onkHudUnwrdRH6RfZ3q0KHeI0f3ws5mHJRnOkbx0QsbJe2lf0tOvkIyWeeGl9wypyxzTejWoGk01h39Rb9bjj4Z5Fru1eh1ISNfkVhAV_znAnCJIyI1dHu0yJVC2t3gZBFgOsKDvxVAXdyDNKka_bjOJZPMj1a0Kp5oiNZa8JFfAcdxPz4GQIcikqibL1jN1M-QghZfOpNhYu4ROBODSlkzXPVF5wU9YdT-vI7zD5SvIW1TTrBfx8WRtkq01oGZSxXJqkY4Lj7wQhZS8iBDpjSkJfKHO7nKPvgXzcImAOH9vhX3v-J97EEHxrB5waEMts4HmILBihpuDp0xgHq5SKgvcbR67UKjuh35ohOnyFBeyWxFwSIB8rJGApW98bE6Wm-6O3Gstc6NepOoS84anjCivnDgsKFGchiIH9-6OMas0rvuErK6Fxlt5oictlhmrii5qDP-ok2UUzYdkijGmIvHGYZM5jRirNJ_4CGehbwVrjwwIMidOGg6Kt0pZooexFMH3XTeN9B1GohubulU34gwz6dXnTIpq50iIQhipfwCg6aVparFGlAYi7iNg4PkxQN4xf9tWCVPHwsv5a7PT8vSxK2EAwxRTmPJ6DoT6aWqRBeK0tdw-_acx1s5UIk1OGhqTfU7bPjo6jYmrJ-kBLJ7_h35vWU7lpD-ngJ5vGtfu-f0zPc9CpQjunaaiTIb3xQUNxy7Aq6Qv6uGJhrguojB21zwP9Y_nT9wZOf8nTLYqJsAGctazkk-avl_yzljd5PTBNoDPEiGmlQkxsMgiom2GeYXAekwKN4P2JKkuFqB6l0PQnFcpYLEQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 8539 		24 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CDxXcUfekn8iIbhM4BIqmR8PPbJPuDdmp2a9ZmjeCMGhxmvI4cUOR_RT6sRoCHtb9ixbo2ko5K6TpFD_YB_DDJ8aFdZw&cry=1&dbm_d=AKAmf-DyBPQqUqfXgZiwUBoW4poZI5mnqJlcs2MAbhnH1EurB8z8CdrkxwIjAuUlGuYSCGPLXWt7bU8EZRAwXPfP9517eHjxONPVIYFT7uG7mObhEa1w3sOFhR8vZl3Cn2rl3DEwxGh_xFUlsBm4nTPcTUvYKWygieQjKPQCuS7MBvIh28tqpj1WKBgItNgomSHrAjBGfZS-D36g-vBP6ko4NoW5bfZ7UYQa6XIa0FY0Emg-pEU_XlU75nfuq_gqK66M-usTfCJO6hHNxx7-Mrj8Xo3bo9Dsf9Xfci69kZOC1X1j5hi2YssRi3mdUB14NqFTgkL9f4fc_tTX8MJj-8nJ_v7kS_ubwNgjU5zWPptWGvX_yLkDTIyffLbuu0n3fTh2z79Jq9sUKytCEPlAwMQ66gomjg3aBfREDyGWXGw-oeE-Sed9ijghZHa9ws-pFtgTnUgRuy_Njt8SKLQf1ARlD6MF1EhzTJYz9doucX7x_Ma2TTABx7Cwlgm4W8k92UXt6PJwjEKe0Y-RbRzMyu3E8qFMs-IvxsS8sAOczhFOBowBMJbt7LChyT4EoPWEMQN6B7w1ET5K3apgzxOhi23gkfdn1GxaSrTjAmNJDYGNdQGo1MpjZfwLWNZKlrtq7P12HvWG6uQM9qMmURjtSwkxwSWP1jXfUUFrUNhai0-XaBp5D4P0RYvpmw3gwup0y-69oFUUBUP2b4P9tkD-SOE994JpXSuWTRpNJpIzPLxNs3AUue99QmCyOebk2rNEacNdF0BECbiepCQuAv0T11BBQfdMfz-XxmUaeo-2Y7MjtwVkou7Snu9ip1rIoZIgOwRUepKmDLIritqxBVQCB0VnSeNIQasD7ytDncaIPchQXVQmNSI8hsd0YpK2RKuaPAcagkC_jB8lnn0SW17895b2V8NpQoEfRzVccYhZF2V7DygZqt6WzpRoziS3-10llrKuVpP58r6Mv_CzyCNxcTTAw_hFILWp_yFirAJt5JFO0lqZojE6z9zrc5pAsrxZtMy6mIwN4S3ZsXT3qhTPHQXrYa4r_z-A3rlLj5u8Ip1IwXUZcclizn6PfBY6eXFLblbXKBvJlpqZZvBtjoA7tPeaRhQUIZ-CU18PU75zoG_rlvMf8WMkQ47Z-Scqt1mpXVN12pQc5F9uOB2eNrmx-Ptd39QUKsZt6dfGDjgRCr4LyATU-YVgUFucJqdaylaefbJrORqAv-h_mPBRTPnfQOXQxIzYVI4Xrql_FYDlhd4rcbVu8BZscHRKIGt7sZb7E5CGxo8p9mBANj-AWkZmgjHp3u8-PmJpGVUdZFR2LX06Ftca9jB9kEX6SxBPLdrbcO-97KhNJkonpWKqdcTFPQDFp7Giqs3BCE7XzTGrrBNmHIGb-kq-dm3Lc7Lw0QJZ3VfRE2JeBSE1MNEhainGC8LsOvNUZPbQYZZMrVPnu13qCQz4ruF_3e979hQu3dBHlUqGdWjttVnCBtd5pkvxE_b7-dwzZtqMKF7VpmD912o-DgxJpT6DKzPdnl3XWOuSDxB4um9N2fvPP7-p0wvV7kID16KXaPkZzHbIcWEjtRJJrK9RMVrXlO8a2UfaOZu717A1pII-ypq72xHFk_fxhMpZ5NQlyrGjm5jXlWcuLfrfJZK1R6TkdiItNidpnPfkrT0NH6N3uR0CGY6yUgukmkNLRnoVfn8LqOQ2uAu2MeGBXmxVxDyYupE9A4beA02_5WZ5kRnQvjuF0NbJO00lJRaLPxT4PP7pBw3T2KC9oI3uah2A0pfFoZ9ifPoUQKrw6tz3BfpcAoOJyuvz4nqo4b_RWzgkEy6tPOK_DnfCIXDbdxz0xC3u-8COl6lz3QvwVqGU13NJzyjJSt8GS9lfusvXS9ic8KlEbxE9NnxOYVHQ52KeAsv1AD9kb2f6av6Rf7teao2iLsv0PcCXVp2ciUH7e8WeVgJEWjsDZ985D7pfJyke8NKZg0zyi0yQRkbWgO1zXgyMUI4Heu-F8456gz1AUkieezItYhEnJWvhAfKTs8vlFSc0qpytnTLlVf1hlrimmUs3VkA-kwZJi3LTMp5_REh0P-ylcUH3SC3zCSAAzNW7IuI7oVzJPtlHVwShrRnveLiB_w9lLNCIztqADFwHhIXZZdhfX6kAII_9zTwCA2BFu2WG56yWTD0gLlcZCkU1bue3bHVtvk8HsLW5tAKBOAd4209aw_jxe91d7A9Uy_tWP3TL4vIs1ZdRxMni-5jwDsLZA9SbFOHzS22drNcxyTLXcrA1TlzCroApnFVodf9Z83qyv5ZYjyRUp-Z4PGVAQPc_Nz8Qdj7oPBk4CflMaU6H0opcjOHiFrBq-_7ytnA_eyev8bLp_HQzbggbDM4WtL7r9m7-1__IHdj7Ab8BEegH9_zKNPqlUw5ZBI9mI3WvTchHof_VEKpXIJC7AlRNPoKA6kH9QvRObatQ8RxOFcSkWvEcXuLufFNU5r7V8TUqEoREGV-WI54i_iuY_1kgiav1LmkzCC4jfvHCn7dybIykVMORMwJug9YvHva91wJ22Gax2C5ZS_qLCkvrn18mnKWnYL2Fj3XknAN-lX7mvSIW77pHB6HmZcgXbEXVZ7SIKHKNVWSzU9MWE_IBA_Vd9eTezdDUbTHZTPYbuF-vhP4p2w_Txy9UHnuIUg-zyaNPeFK_6cQCfzEqFPSycY9HaOOKJW8VqBjkK_xqhBz2c4gxqXPZBPg4wfOg1lWl-KZMIovwjWtQySZFcAxvgLI7HXAHcUkzljNsrJRzslO6vT-uj3HKgWJqgZ5m5dkM57v0A6Ly9oXi-jYWLNGzuYp82rJyVZGn15XFyn5SPZjOmdoTcG1hP6H03VJxM4xZKg3MVnY8cJ1ljTuChTFd7_Y5pMJorVgHM0_Uv9XpphMiRl9gvunQ6h741mmFQNbG-Wy0dod8RVru8QtatYMyHtwOZ1Hnu1-nhCfpRXJW74QFGVAZf4eT1_w_CIRVZsgan7C7rEyYCkOfJi360U8DxRA1IXRrregi7QQuPjEm_85Rg7vK2IbfBztzQ3glwH_9m0Xz1uUw_f7sG49TVdYbx0Nb4f9PFW1ebBhoQABi-GGaqvOGP1DLTMTMhx8msGRsH5uw2LhCNy_OYvLNw9_2rnGiL9d8ZSXwTQsubLn59u19BKfFamgf0Rj9Z13JAP87_4dWz5VCuvn9c2dicj3VSnX1mpKr5jc5odZ_2Im90e28aKYL4N_NsQ_J7SJ-9UrDKK3t45HegPi2JD9I-XzRh9mFgzi4nKL6t0nw2zJ2X8jM-1THPuzW51UmE1nZu2b_iocQ0Ca3M_FEe30OpEZ8v1p7lqvQGKCeOdn0i6irBNoZaYh1QyUG6Q&cid=CAASJORoevDOTzM8hEGLKM9oIwg-qCPZe7H4YGbc-WDq7X2h3mQFgQ&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2833661598&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=C8CC12FD-3A19-4F5B-9220-A98885B9AF3E&nel=0&eid=44750822%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724011&idt=2479&dt=1662356727906&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f155.1e100.net
Software
cafe /
Resource Hash
3d8198f2fc05ccd301ffd7be75b05c4bf48c8e1b46928f48cc533000a231a352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14781
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 1B4F 		24 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DiALQGZkysu1hriZodkU_sXwjPjJGzg_-TOEuf-Xx8SVFOjr3NzNwJ8DEABR9I4SVHtx4cGfktAmH0a18A32f9GYs22Q&cry=1&dbm_d=AKAmf-Bqv25hDSzB_gwb-xa8-ttnJh9GpUL4CThYD-LLmP3hPoheno5wxaLUYR3qiaeBglDhLVq0XMe_DUSP43I_ZLFQDqIOp6a6z6x4_98jYP2WTJ1RSxA6R5NnaJU8OIqpFmEf7Yi00BJaQNnHKkl6e0bZ1prPPNGm3iKEbK_YWJTP9DhrDvxMvSqljtcak8uhYCKx1AF_x4wlXzX9uYH_J62OiGA479rdH8ye5NeSC6Xlu4SLj6B_6SIck55aUdCE_3nkKqrWd9cH7JwnH-8PoVTqIc-4aFl6dWoPelLetzl-6ceYguHVFs52yECQT2pcQogKYDH_Nz4F1v8tatMEM9Da8mzE1q3WXLXzUOTy2IgaxKY7f9VJks84yVzQk1TjnibPelJ4bcePxxtF2bV87MMmXHpDXPBOWioU8UULWUI0hRNDXxFNV70288UMo87EhFupM4ulwaUn6StarliTahi3KEil9gt-Ttm2CGSEn5R1ixqaAGnpOIMZjKyaTvtp3ZoD9ydMYwpGOHwjaKRUXY5zY8rgskCSXIhZ6fRKOCVGkvNiCUyHGQkmepizGc58vzKEb3-Bwcfu4ynzn1GR3H4FaFd9oD7S6wHjtfDSze5a5RHk0WBqpevXOLJLs-HdNPeLmM-7mqRc37AlxPf7dYh00K28rE3I7MjTiol_fP8ex-pVdB17NMVSJrxMUk6KrPDF7xBqh9OZ1oeS8TilQ3HRQ477DHWMYYUHvX6PlZqOP-DhXAof6SeEMVHcJ2E-pNdUSG3oFS2Z4bHthwGsXA_Z7xRsvxdFZmU0e-Z8evC4twd7vh6twjJxEObGBSw83OhEtm1LkYRsmb6Pa6AzCNJz3j5hzFD1RAnCW30VydqrOxFWHKC0SCHNYaG4np65b5FjzQFSjfPfA4pw6QrlRpnRtCmZpDFTsIfMDjwr3zariGOdpELa6ZbduHk5YCeP_qJ__vvmf6bwsS7OcCX3QUgAaFEjCuimjXmvd4tjk74XTIfby_Ag3yOp8spUNYg5p37Hgyllk0XR8iFyibb9VggxZf3XQsESjpC5E7osajTTw8BOm2Qmu0MGBCJmQHGSzUOS2T9M_ZPCZDaTTgyMoj2eOI0VNiTp2v0g_-ZG8KBJlPYvYeMwnsAV0Nf2gzNovG8lK2LDCSn4ALsUlfQdiLMX582Y4U6gHiHzUSHzRR0r99FhQnRjFDJNt4-dqQXh7NkLS3IXdO1atEY4I-7l9xyob_T38H6dkM1ALDK2jLATTw8COtqEexDl9P4kuy3lQI2ha7j0RJ_6WO8RykU-mcZPpODNB9tQ3uDfxS3q6qqiGshzh0glNaOt6o2R5YGxmCR1WAkWvTJRLHWjl-p5QE2AKUo--FBN0ie9AAj7qev2kH6KP5V3WgAx5MGlo87W8AjnOHRyKkQQHJbuuPlLGdkayHJPy7EU90Bqx0X6gdbiEwvMDwGXV-xVAcDj8EWpqUyWmyuKoNA5dye2abSv1NmBcR1pxnbrMflNLkm_rdrkA51qwpw9OEPFJBXi-qt_OZdhPnMg7h-xa9uTcu7Rxhcu0CZMMqRoyZEmi0_6onjY2x52CUtq3YgQK0QzjYQgzx__Jvx_V5sjpBM-flriIQPI9f7O5ZI9J4StT0hppySNdWqDhTNchIULFDuCckcLGVOSQMCW-2XQd3j1GxaFI0Dt5i6URMb0Y2ygGYHhkm3_OybGTACRYaENI6x7RuwJkl1orUYH9V0SxU6mQT-CqenDv0eniJs5YSZN_uidB6277eKZbM770feSu4Oy_w-rz10ZF_qLjVLW3a1nwn8ZtXkpzQUtFi3mw6zbckrDiOA3A8GQL6-aw8d-rCdOFtcczviJv_c3cYIvyBCxQAtRPcohs_NNmiPNshZdW0RWCigZ60kT621lGsAEFiAg1r4AQ-4I-QAlcrEMryBIYlBqyZ82iqN3aOhAEaslIFoWll5ra6ymB7hWLetpVpegYMalPSCoVNjQMCbqy3ADO8CgMIlC2oMDnOJ65V3dc9vtudNIfLChAmo62YuL2mm_njEGLEG8CAaWf4W7K6tPKC2Qb32nsMTTSk6guMn98Lhr_6NCB3sBdNpAY5M6mDPS0LOry-p1M5pWSZAoMzCKDuriUH_ouk4RK5Pv9f4GCClev2peVquW_w_5RyhPFaZLF1u0Gru0zXSXHZJ-RFg8UX9yeB0tv5B1O1Ty89K0dJEJH1bHvejHL2fJFg1Fc_jKibqzxvKujCgQ5LoSxmrMLd-AbC_RVDby0XhhVYM-K59LRLdBY1wiEcRnIELjbdAJ-WTbzMsPaf-9SLiYZPHrrrmF2RqVgK5-xW5H79syL1-ookzR-GuGSTE8MZuQPLqkHNVt82OkN5xGcDP6nJG1gs9oznod6NrXl5AQNx3Hm91dw5FlttWNZaOqMCNHjvkHtiRAMDS2_ecql2P9AFmCNm8BK2JO4UKDbUSoXFK1zR1vYwegVLcAO7sJOgweg7dUn218jtbzyVmRMtBP0Jby9101K8I9bd5p_-mZvPiaigwstMJldMOUqvFrEaZMAp6K_yXxigl2aW1aTBJnmZeVfw9GjJPcgkL1O3elbQ99uM3TsK9p8znUpjuCIN3gzL1vEzUASKNiUwnsJ00uzVQjQeX4NOKUh-Uw6SJwUTm4S9Ra7G91CMIVAINSwVg_7pN0F-bOltO_PXuLgJQKm2oZfRdeef0i_xwyLf-46KfmlledDR_zxi0oWdSyj3gE6AKdnrsoPt8MBrYKD9p35jMpDzeVOzlQsDEuyy9WjK-9ghX3HsSDpWKgC8d1zu5g1eYi62oc0NaRGdOvdrsgy2bbtSkn7vnaJXSDfYjD4AMomTRvJC4qBaxK6gdd1gPhKObk7qt_FB4wiRFHW9XCKUXwvtPITkfDa-4Xp0lm5EAVnsbziicpZ43H0aDbkNdjOaaIM66dcngBegixQXRougAX2D4iPdosigy9gyoqjSNYaQXmzNIG0l77CHHhzNlwY544jq8-5QBrd_Ruh_HbzG2nKN1KMVECiWMjt_rbQy7HuqNuj9sgN7CKrfYnrHw8AKx1q5gGs8V9cc5ZduIZK56Fi36EckR7B3gtQ2va2kQ8vxcWbceoyuteR-OPuaAhFdi0Ug_jNUwns7Vb2CiO04gHAmV7PDpqkx47OTUg1VmlIphVNPr3K8xX5XRUkvjlpTMUYn0j2eqqMalEP7qbUq4WeuglX1gEkmAQQAueI4iQqmqPqcH-R24ajdpWH8XTFRNDnLW10EeKXP-2890LLOfPcJC3vKS6ffS9OjFtbiJ_6W0vm_02RugRD-92hrxpmPtifby_8AN9Se0nsBt3EHtD165LrFcwJ4deuQ&cid=CAASJORo7LYZR1sBhrssdSncMwCu2vTNnmfegMyABHl1Lzv2uZ5Zdw&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3652503878&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=3C668A37-3965-4C17-BEEF-E5B7390DF373&nel=0&eid=44754420%2C44760950%2C44765701%2C44770822&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724060&idt=1974&dt=1662356727921&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f155.1e100.net
Software
cafe /
Resource Hash
44087b01c3c31a133659ac905510c1e030f670dc75b2db7fd02abbedcaa682ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14743
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame A39B 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 20:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 20:17:39 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 82FF 		24 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CATExLwOO58d5Buor5gVLliIeAcyYwQN0Ua27PcpdaqUmw6VDXmkuKVE9A6i6qzTpWMu6VsmCLZ9DGovigM4RsrMmAaw&cry=1&dbm_d=AKAmf-CN7Ddzkz6jK2vsYF3H3ATpI36MCw43F0jUNBmX-56i_OY6c-9uEjQwBGNJc1BG-HOJH3SyPMP55HkOmhm9cSyPYjXxOrHf2fCcU3FYq319RWElMDD2i4B93AklUM8OPPzQGxyouuxTkLwvm5INYdIwG7v9WzQeP881m5zixP0WeulkOxM_3YzyUM5NwG2PpPJ5q4lr_4ByaIhwe-nYcWKBwn79LmAvShWbFlYj64p3S5UyFpoFJpKwnDobAcMeU-FHPeDOdbkCoa_zckLBpeRFdJqJZjnN0rhcxqzogh1hGgCihHuRTx_nVU9ZTXyaRe3o8jIqcvJZAuBRW_-CobR_s4ngG9_vM6kV9lkiuFJ_XbMTsU-1Ix0gbsW9b40yTOG9gxpqAN0TLmKev6MHpNLqtRRS1XZSi0YtXj7QVvAKpHg8MhgfTcY-28Caqia_2v_e81z0vov0AQMBbs5i3F5YIjKJB3btxXjGfqaR8abp2UYO2zZCjmECbcP1mFsApF9AbtmG6PTyGa-L-Q6fLAvJw67pNgco7_Ws8NkC5MFUs0FqL323_fZOfc_d1ALhQvsk672jrO60FyLlfApj1jEteig5kNvHthh__-RNtS-BczDIHsiab5GW39gw7MjbBtdI9_8GBxnvYUyRugISGXTy8jHSDXtbv9fzIh-qpOOaj3tcLP8_0M3Cj16R1DGJO4eSb3KFEx1WfK9KTwWOPW8w9XrDr4n62-aZAQFbqKLSsAuFtz5_ZLfWwE3b008JQzWPcjWk2hBm71YGQnixkbHa8FUNkHD_qZ48_wKJGaunCxC4zNtyzGNSlMaArh1og3uXfdFF2Yruknm4WRaHPsX38q1toWTR2DDLOKeAYeSPKRcCBqYY25Y6D6uuCX0KLQxW_E4VLrv2m5uxacuAKYM7--9r7h_TrzS1meiLuavOyUGhIipxrZIEOfpd_nNGL-oCWKq-F76clKVz4Eub_lt7tVF8yXlX0qF9CJs-1RI98OW7xOoa8X2JAZFCYBrd6y1JzobfAEPHsFp88i535FPZZmB0SQ09RqSb3FwlvD5z-6fNLXhxJ0qrJiXi5g460ZCqs-VSLmyB9ecF6t7xUrbCFKNLdZXByZAl0DZxsX3tVJF8IgJv0mKgIpxWeeiuG2EQQGPXV9GYudWDw_J3HeekmqJvdD4dt2qLkQ1-f_nB2ITCchbO7kkKJZ9nlNk2ylLAzg8V_6pZVxC71hd607unG0BBMJUU7cPoW4qPUI_c6f7yzLdVn3k9AAhcFuwOYT575-EN6AKLdPqk-dSb8YKsDktwr4O-4_cIJ2M-c5XiZy2A-Dwnee36T2iOjgB3MeqtMqsr4ai6U-UaJsZxu0hu2odqKK84JfIv0LkF2JErPfZwn35RUfc8IAYi5H_v3YAO8veEip7vefDF7rRTXJVw-XAkGas4-e4-ONPAX5n5sTEsbO9PjmFsxzY9DDgHItMBKk3tMrY3N3xs2PsPsgUuN4dGHSBYy7HIvvnryWj__Dg_aeBShEfn8k98XilltSOPCnUruOtgfaY5lLBtttmYTRPwp0CMxrwmw-30bb6LkPvmTgOxyxuS5NzhnYKlzizJEGvPVLBj38QzJCS3kWEVtv89jcgBL75Lf6DF6Agh6Ada061waf0AeDz8BTNUzYVE8_XWVifq8F_gay7GPbiTM494h8un00W1Cg9a2zQeMGNxxt1LAgLhFO30pTNkJecs6prO19bLkV92TB_sP1xOMM5xiiRK0kWAmveh6rnQ8DRiM49Fxalyr1zA89YvleDrtIbZSILT4sJ7dJoPEjBuMtEJw-39_PCCxXt2wgKCQwu_m2g8x_rI88pTXXH_bkRXtvwo5m2rkwzzI2tFTsVJYGDGhqS7efTfOdlWCP4oeINhYQlTrBI-DcFrAv_LRGez_NpFlbK8LWqijUGqR6t4QI3_FQbjG3oyU269fye5Y_lciU0kiuB2ui6Lxxrb_wU_JpfpTvPnCQfq0-aPvGVWWTQI_21fzb6-rEjA3dijz2j3PEnohG6pKsKS-M7JUnfqdt6bJyuL_-U9YN6PSIkwsCDU6waUmy3K0E3wY6i0UOaAeAO-ATBKk78Dm3wOWKuke0Ox2KPDgAJDY26gpaMppp6gZ_oQ-B1-EeY_N1LOvtqipygxbOEhZyH9bv4s2ykvP9ar9ADwWT904PvvUXyTRyrroCiLvA6sMLx8MSFGCWskOCO51YZ2eV-KHSLsaIco5sHADPb7-Vf59jFNSlwchJ79ildGYJxvTd4Ef449eqGvVg3pGzRiw5BGCKSl8LjsqltN4sqG2TtR9kAu0O0-T15LY5bp5IGXXpZAOdAOmfu7QSkPdFMd8A2dEhcYK0zo1UZZja-mv37ZokDygHWOmA53xVNVSd-F_aOVJg1Sm05qXCeVP1JRNof8Vx19RZdsXW9sUlXpK2bgHtciLRnW1LHncs5_GMdbJJsgnfH5QULCp1BVqnZl8Gy4JoNm3qw4S5m9gfxFozfrnkFIO_C57w_4Ul9JfdnC-PnYFUHPz9hMaRwrDIiDIlyTLnFUGPvyrXX3Ro0a1gHlhkT03ux5jR2GdqmrlcylpAH72J7smEz19Uof7Y7ADEukLwY8J7Fcsl793yCsMb7JQ7Zm8tvTJp4cKoGgVZhFsA9kR5AcUmpm9zqbgKGVNNk12FtOjsy-3djiHHYDycYNzYKGfTVIiFcOsaTQf35-T34GbgzLEElqGr1V7763XPXlmfwaGhCY3Vu0XqfDmTLhVibE2PjsP4yQV5p6RiSbZZmvb3iNEsTGYgV8n4j9NtsfG2l7gJZD0QWszD3v7dVb2Kvpn3i8BSg1x5zYAI7s7KMQI6QJ3mzzeYJpVj3xqJ5N1lFUwYjFKX21OKz4b9j5Q5rlTtFo3RIZbAHjgZPH23jlgP4LEQAqrAzJQYJ2xgwVt5IPzDUooKW1yed-kLZwY2vha4ELRiYSleUc_5mkXSudu8wmdo1PktygWDU9deLcImUORp9lOZOaNr0Bkgw3mwQ4MfJg2lUiPN67q69u4t3qhkHUJyLKm-YTlmuo3TSYW56PbOAzHg5YayaEhlY7mjXSVsKvAkatrHG9vZXFVo8xhxo5lSloTVhFtG0RLeC7JoM1s88uAj_DkXPivz7wnCiqr6krn3Ctajv5ZUDYNPZf3Ab002-RqKntyBkV2Wg3e5tWh5lRuVJf_y_j7kduscpfa3X4nBAz62h4i2iXcy-Pf433xwNcXFmnRhcdt8Kxh2qTjNj-n3aY5EXIOcF-pkoz_OvmSGNAccLGEEihm8t-8b9djD9KLZFzH87eKbjvStEH2ueafLPQ&cid=CAASJORoK6CFHJ3lcWgg1ALeOWLmN4b-mNihJiP24sTb85m9mdCXig&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=939706697&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=886C62C3-36F9-4E26-82E1-AEA7E99667E9&nel=0&eid=44733246%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724098&idt=2589&dt=1662356727929&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f155.1e100.net
Software
cafe /
Resource Hash
532716b1aa583adf14edf08c92125f721d7fa17f30c75ee086a1f8558361e0b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14656
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 566C 		24 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C6CFgPOzM9S9Y2UXc9GyQ0uVcEkClj-TqmHugx3VrFxu9Zb27zdXKzpWbB7orxIDKtkQRCUeM-ccOO90a7JkLn0yA2qQ&cry=1&dbm_d=AKAmf-CgG3x63fZQ0dFK90-u17MMJXGstHRPTpDyzd8C2iF7cUC-QLIjeSMJW2ZePiAkjbw33-7AVqLQuy0tQZzj3JugE4pyT_fpul939EXUigYXBR18D2JlRF0BVLavJl7UtXWnT9_DWdKnqcH8yPvva-V0Ma4vYfLSAxEf2G-JaWT3IHIScBUaQA6GhqTFenXVQ7_yDTgC4SxTfyVfr2YzkDNOt86j2nZP2V0F6ikqeUrqSX12Ve4qfQsN8akYi64W1G6xyOpiIDldZHp8ZagJgUrYy4O4WATh6eztK2oVZ2gfbda48rdc1csgTWzf6xdiktsIFJA0kLLpPJTFmCto5soVURVx0hYMkYnHftr_Smd9A9P10_i4czSSuSsfad-r5XLsl2rLGyEw99HAAzY78I9RKwrEL9i_JTQAV3ckCtnm5qn0bJL4PrGvdSwNuKjyNhf__1yOm0vy68yvUajcaVI-1Q_2hwEgh4p7XbxaK8t8yeyAhxhMTuD26BLW9lEoXuDsmKnm2HU2KUzEJsRM3lCE0xr-_3ItZdT4njrb-t3RFPYR8gDNw3m4i8jUOpoLZKR-lcsPlo-oA-NtNgMyY8txGbFN0_4E1yLMnLHE-vhZEW8zmXIlOMtuvFpRI3_CWSx869AnYH9qR9PCeh7GA8VUqoNejd3O-G9zdNy6OAipeyuSeog_3C8pp83hfR-Obh-n_YYg_Tq6YDuTbYoKpq_HqX76E9nCVEaT2OnNAMnov1zB4xsG8kEhJ3KVAlRXiYv3BoPC2-ho_nFI6rm7q004oOynmosXr3L3Sn7xrbdMdCrj0xcSez9pHTKVfTyJrLj6H69J8JATCbjtinyLi-2tRkwCiwjlH0XUqx-VEEonfKwSO60gdUMxAyhOvhDtso75PQ8H12abDsLzjQZKT5llrIklIQiIxSu4fGqy2hLlMdr9T2ku7rOh1Myf-kfhdTg7EBE_1Qxb-kgokyRahUVyameeO_AfIl2SeZl5906TRPm5s3FADjWjLWa_LukN5gqMq0NxPkQygmhzTzkfRb71no4rl3A7fkUNKZGqV1-t79yaBm3tNhQvwcA7zIh_bKJw4XYvNa_xt0rl2DhlEhye7_prlhtH7bultcOu74UbhAsYbUe2T_i3z8riz-zuLl-UqA3n_kUkBjBRBf5vq8oZRSa7Ji5amZJaoR-UutY0H8TDYWOT4e5B8HIDL7WPH2usXyupIhVBW7sd24DP9Dl7Fmzln10KqrWjiCZn7pRKQhp5pjJPjr6w06P1cKB3jZ5v9cR0wqi4gOqn63w_J5964-TxbUNXcqLT6clETUFf3nh9bkqytLK3827hl8Zue60OHF2Eyw3_UKqomTjrjL2Aae7c08UjDtD67Ds9eFmdze5-pdGKK53blX3thbkWmE2afb9APTf-zQSt4r6W2lQ-st30E-skyhB1rKOknw6h1LMvMW2t8omNrrWdlWKtUaWcx1_BR-vvDayGvp5RPk2uZoKezZTuH3sIGIsWjoCDpqeVllT7RvSKmjTQZ3-r2GIvnYQ4vfWsP2S4nr3cB87KnSDjvi0RVT6zh3SgQAbiiGQwkSHJX1Doiu-t7D3I_N2tG-y5mTZ3_yqIoQTQvvJXZ57LVQesCeT-dtvTsOudp9WGFUTwsIYus5VPC7Jy6v7SRCqwOcbKcuIQL3Tcphx-y1PgB1VzVyB1R_m7nQ9uOFjWzJPM2fRu-OLa_IYURSi99PsDh_xxVw71OSzozdadBdEANDcPajFkFmA-dp9ReJpNTChFnBE1P6IfJsmk6X9eGzx2o6UIITAtQ8wgyUrfVU-oYlmafQHkPhXhmb4D_p7bdhc-sj6SIh7trxRIoyinQbukeuR3mfeTkezAry1l05C_51aQkEViLuI8c4Eysq2CJ-vlcS7HreSEWxErJogvhJ0J1Q9pwxEFWwJ1SSi8mUupJenK5aYncZtNKKB-lSjYfWBcRxiHoxcdsYJyQrCWORt6BPCE7Dgbgtc9RYt5Hp7-RB35g_byLQwyGC53A-e10EaQemou3oiI4K1S4pmIOf9DWgLBNuUFgqddU4FKsMV4s3ihXpyllBnmlnzJK3Hb2TlN-ACecmiKz5VTscbO5xWwGTH3ZW0eF7VGxnGhqGBWOVk6zZwBpiCjN3vaJO5QUb_kVaVzclsxnpug5KgN7EDuvj7PiDRv8Szh-ZGgP7i_so1v5oF3V9rMKc34EEDsNgrAD3lyqgqaIWIsZl3d1Orgeu2orePKSn8L615uVHGY0-rgDeAQfDQMvl--oS4Wi0wqTihk2KNw6eTNzRWVmLjizBIXPsgP0SXv0EQQlWRoz_4c8zn_P9LOIlDqmSW0_HIn3E5YONDPnWlMDKctrZQazWVVIMpM88IMh5J9_U4fovGBrGXlX5H3BAQFavOEaL_jHJYMl2IxZ3xjQaiRO5DaGsRWAEH_3-vN3W12SYwqI4N7hYgGQc27KpHyOu7DnmII7Q6WmK2ku05vUdC1pLJxFQPTRYgO-1mbD9wuB9YCuHkk1S6DjrNz8xeXHByQHIy-RLo4X3t6-rpRW73GJ-YYxvqckTOXMRZZ1K31pBH7j6ZbW2mUcjil7Uncu9ky16S3gqNdMiFM-J_lmtLYcg9VH0EQDVceaKIF0jxzLsyW68Htp_Oq_xIQK2k_YVbMEY8cpK3JTy1euhOCrY_2sedPyOfRED35CvciXGNJlq9w3tXopj16nWpDuktiviElkrpcXaI0m-X4XTAyNEuMWYcfpARKwIfpn34N_tkSxtwsq644kfMaBKeUv5qQr00IvbK0xC5HqiJwgMuPPFv1hbqtP8pwKThOGOLmjv9qvCHH4DxA-z_7n6_hStt8TVnjbVNZHDs2BH4Vi48WKDVZ7Qn1Y9ijWWRZLMcg846nSkRSk_ATFIyVioe4pELw8WP94IRSbTmKqePlMWtowGTWYxZCEoKgj7ebu323EVBpwEAPvkDgYmZvNXeJ4B_iwu3rjzHv-92bjx09ApjJV3Wprw-yvcsFCrqNAG9IRL0WZEkBV19j_vNIPd-LHjrQ0YxQzBC7HWkeDSKjoECEuYsvoU4bSj1ubhoYvTgFuNUE_N14o3ScKDXxnqOAlXROUr_zfhXquPS1FbH_Br9h_t_Ux2aUw1R0t7OqLtb70N2z9m7FBQ4Prgbl-fK9IaGgpMWEnvLs-Y4G0v9bwV7CY6Mx-x3grwmb5oJi23pYA13mEHmr1CTQDWECe9Zds-BbKgUTaiLysG3lglqEMvVs6KlYx3zktnS0K3N4JoqPqu2Z9FPDjdp-tzaN-h1S0DsLm4QbYN6a5-HZLqOpGH2T2lh189a4&cid=CAASJORobiA05mlHw_j92A1hRqYOTphmd_3K2IIQ97bU_jaSgtw4jA&sdkv=h.3.528.0&osd=2&frm=1&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=87870059&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=https%3A%2F%2Fserv-selectmedia.com%2Fcdn%2Fvideo%2Fblank.mp4&sid=1942A651-9A20-4DE3-B888-CB42C6D0323B&nel=0&eid=44750822%2C44754420%2C44760950%2C44765701%2C44771874&url=https%3A%2F%2Fwww.viva.co.id%2Fberita%2Fnasional%2F1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri&dlt=1662356724032&idt=2537&dt=1662356727940&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f155.1e100.net
Software
cafe /
Resource Hash
c858fc9d52a0c86864ee0387f9998c8ec7671eaa4a637707f803ee0013b268e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14831
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AFD7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:27 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2f016e1e-a25f-4b8e-8c04-8fbcf9efd470
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 28D2 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:27 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
4533520c-85c9-448c-af86-35e5c22681b3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 34E8 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:27 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
dab0bbfd-2f38-499c-93ae-a132334f98bd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 206E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viva.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8822
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 03:18:25 GMT
expires
Tue, 05 Sep 2023 03:18:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 097C 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b1b9acbde244a58d454cc35301a3b57309abe85d5f6f7b37f37ac64977955f9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vi0RTIkxHuJ4pjTvlk3a4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.viva.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-vi0RTIkxHuJ4pjTvlk3a4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 05:45:27 GMT
expires
Mon, 05 Sep 2022 05:45:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame CA60 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3Gs-YwLWVPEgdbkNihIE1hY_yasoieU3kZIKBd3RkR4lAaI3COQyWfXGe9Esq48fhOPdtkdDbSkhNCYkx--h6XiFdkMOnwwy7eUOpM6GrQ6c0oc2RjXJf7EyYt0LdFAlSI2wdEmm9UvIQo-eD-vncIyO5XwVUGTEEyaoNcwED0EWWoz1BTPGLsM3ec07-18Eu8z-uFhDT70DAJ2th990DlFOQ044-Qr4fiqAgUogO9fDYDTDdw_0n2MSmnM9w-c8BvaoIanQy-7d_3gQZ4WguM-b0qhdWwY6lGUH-zmzh2iiYk4F0CaY02aQ&sai=AMfl-YTkBeG7zr9QaDv1ShieCx2Q52EMDMzcO7Zl_vaFiZsOdWpSCa924QPa81P_aDdK4sOhKgRqqN4SpnI4HBYNMrFCGJCSzo7LTxXJ1raYcYQQ1RQPZ6JdL4w9SPyM8Q&sig=Cg0ArKJSzKAOOznZv0qEEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 05:45:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 05 Sep 2022 05:45:28 GMT
truncated
/ Frame CA60 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
229dda7fffb55262d3c8d09450929163faf58d164b70afba69ef6d9c54d1d934

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
DP_DE_KG_We_Do_Breakfast_Q2_2022-332315635_js.xml
svastx.moatads.com/iprospectdekelloggsvpaid504439310313/ Frame 1B4F 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://svastx.moatads.com/iprospectdekelloggsvpaid504439310313/DP_DE_KG_We_Do_Breakfast_Q2_2022-332315635_js.xml?apiFrameworks=2,7,8&gdpr=&gdpr_consent=&zMoatADV=10043143&zMoatABH=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.169.149 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1114c0ef7602fb7a2fe0764bd30c532c6749cc8c00d17121a1ca4f1491312822

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:28 GMT
server
AmazonS3
x-amz-request-id
J6XCFQSMZSKDGBMJ
etag
"d006028364573788940e35de95b8f6ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
4669
x-amz-id-2
ac0i5LjLWvYbrrt0IH4ZVOMSr40lEUJdgxCByqVd+qWa4aLplY/i00LIBcw14MlK8vlKmOT7ksQ=
expires
Mon, 05 Sep 2022 05:45:28 GMT
DP_DE_KG_We_Do_Breakfast_Q2_2022-332315635_js.xml
svastx.moatads.com/iprospectdekelloggsvpaid504439310313/ Frame 82FF 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://svastx.moatads.com/iprospectdekelloggsvpaid504439310313/DP_DE_KG_We_Do_Breakfast_Q2_2022-332315635_js.xml?apiFrameworks=2,7,8&gdpr=&gdpr_consent=&zMoatADV=10043143&zMoatABH=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.169.149 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdba421ea9a0160ccd376d9820e6fd492bf3f40f05697fbab91708d58f3c8adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:28 GMT
server
AmazonS3
x-amz-request-id
J6X3T0PAM28MRZJE
etag
"d006028364573788940e35de95b8f6ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
4667
x-amz-id-2
i1/EtIfFds799L31b7sJXnYBIONdjCf5cC3Xg/rh65a9xcPoK2lMBdVFmA1K+iW4dTjBOUx/jHI=
expires
Mon, 05 Sep 2022 05:45:28 GMT
DP_DE_KG_We_Do_Breakfast_Q2_2022-332158661_js.xml
svastx.moatads.com/iprospectdekelloggsvpaid504439310313/ Frame 566C 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://svastx.moatads.com/iprospectdekelloggsvpaid504439310313/DP_DE_KG_We_Do_Breakfast_Q2_2022-332158661_js.xml?apiFrameworks=2,7,8&gdpr=&gdpr_consent=&zMoatADV=10043143&zMoatABH=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.169.149 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
079116f3f4f35602f68b90169855acf08611ecb048665d11367bf78fbec270de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:28 GMT
server
AmazonS3
x-amz-request-id
J6X47QGDZGTDA7YF
etag
"bee6cecb7cdfb24baa7da957b57b9e29"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
4669
x-amz-id-2
X28Z+nn7Rzjy3Mfl8OtdbxbLX2Ud48fg8fL8aACiMKH0wDTmsvUdQYUFVfeMrCVTfOO1HvLuRoc=
expires
Mon, 05 Sep 2022 05:45:28 GMT
DP_DE_KG_We_Do_Breakfast_Q2_2022-332158661_js.xml
svastx.moatads.com/iprospectdekelloggsvpaid504439310313/ Frame 8539 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://svastx.moatads.com/iprospectdekelloggsvpaid504439310313/DP_DE_KG_We_Do_Breakfast_Q2_2022-332158661_js.xml?apiFrameworks=2,7,8&gdpr=&gdpr_consent=&zMoatADV=10043143&zMoatABH=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.169.149 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46ac090923002199d457545bb927c36042e9a959105c17353a79d999579f90e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:28 GMT
server
AmazonS3
x-amz-request-id
J6X3DPF7Q5CQ9Y2S
etag
"bee6cecb7cdfb24baa7da957b57b9e29"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
4669
x-amz-id-2
14nUT50MkuGHWU71TlR7GA6Xh2/3+FkbWcU0pPvnrqhIECafNn5jgpb8ChjJMjly/F9E8Dc9onI=
expires
Mon, 05 Sep 2022 05:45:28 GMT
async_usersync
ib.adnxs.com/ Frame 471B 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:28 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
be493596-63db-4ea7-9004-1db0c477aca7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 097C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022083001&jk=3433505372170739&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame 206E 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 20:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 20:17:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DAA2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhWpqnhftYZ7ib_Ewkja56-OPUxh9iZhFNWy2JqROBoMIAUKYwTOTVVWOq0CHsSfzEKEv60SjsdAizWK6ekwOCmpvKjQrUgGjAhXivlAfM5FiceT2ZS4IuDbhFExVc3fhrN47K_Rk&sai=AMfl-YRb1vLW4lbC0DSyrxv1LTnED-IaYsIQ0CerXKfwz90Ipn8Y3g1QeTRsfbgeZi28NweZrE56wXpYEsR8rClSJmHRFl0G0-wKqj5E_64VSlmBrfORi07tsQqWQ_5MF1s&sig=Cg0ArKJSzK5cINcnT_nREAE&cid=CAASJ-RoeayDVrMwNyuWzd3ziors-3CrTyNQKwVM1qZTvnBUV7PBBKGniw&id=lidar2&mcvt=1000&p=172,315,422,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1032522175&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662356723597&rpt=3497&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 05:45:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2F38 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 05:45:28 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
93ac54e7-1f57-4263-8cd0-915d3c18b58e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 206E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?b-r2zQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
multitracking
ghb.hb.selectmedia.asia/adunit/ Frame 4CD7 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hb.selectmedia.asia/adunit/multitracking
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/x461765/hbw_master_310028_7816.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.viva.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.viva.co.id
Date
Mon, 05 Sep 2022 05:45:27 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1kYjY3ZTYwNi0zNDIwLTQwNmEtYmE0Mi1hYWY1NDI2ODlhZWMmYWRzMj0xJmFkczM9MS4xNCZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTFiNmIyNWVhLTBhZmEtNDdhMi04ZGEzLTZiNGExNzg0ODgxMCZhZHM5PTAuMg==&adsourceId=db67e606-3420-406a-ba42-aaf542689aec&cb=1662356728351-6207a358-5b5c-4c96-9568-d8f268c7503b&e=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1kYjY3ZTYwNi0zNDIwLTQwNmEtYmE0Mi1hYWY1NDI2ODlhZWMmYWRzMj0xJmFkczM9MS4xNCZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTFiNmIyNWVhLTBhZmEtNDdhMi04ZGEzLTZiNGExNzg0ODgxMCZhZHM5PTAuMg==&adsourceId=db67e606-3420-406a-ba42-aaf542689aec&cb=1662356728355-33ba6ce3-5702-4ad1-89f4-c0513cca9881&e=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1kYjY3ZTYwNi0zNDIwLTQwNmEtYmE0Mi1hYWY1NDI2ODlhZWMmYWRzMj0xJmFkczM9MS4xNCZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTFiNmIyNWVhLTBhZmEtNDdhMi04ZGEzLTZiNGExNzg0ODgxMCZhZHM5PTAuMg==&adsourceId=db67e606-3420-406a-ba42-aaf542689aec&cb=1662356728359-714452a7-28ac-4ad6-9bf7-b899f438c0d2&e=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track-selectmedia.com/trackv4/ 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d17=DE&d19=10&d2=1662356724&d20=105.0.5195&d23=tag_ce184343-205d-450f-a6f8-357e4d8516c5&d24=dce12634-2212-42af-bbe8-925f0e70fd45&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=9405327d-534e-48b3-b878-0b16989e4a9c&d4=51cf7e5b-7364-4276-9cfa-a78fa9eef942&d5=viva.co.id&d8=1&d9=Windows&channelkey=dHMxPTUxY2Y3ZTViLTczNjQtNDI3Ni05Y2ZhLWE3OGZhOWVlZjk0MiZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=548&d26=448x252&d27=0&adSourceKey=YWRzMT1kYjY3ZTYwNi0zNDIwLTQwNmEtYmE0Mi1hYWY1NDI2ODlhZWMmYWRzMj0xJmFkczM9MS4xNCZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTFiNmIyNWVhLTBhZmEtNDdhMi04ZGEzLTZiNGExNzg0ODgxMCZhZHM5PTAuMg==&adsourceId=db67e606-3420-406a-ba42-aaf542689aec&cb=1662356728363-8ff98a57-bb44-40a3-aa4d-d2b82755eebb&e=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viva.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 05:45:27 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4CD7 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022083001&jk=3433505372170739&bg=!AQKlAkbNAAZTikH4c4o7ACkAdvg8Wig4kff8KzwJDoOzNPO5XIKkPKA6apslIAQuCaBdYRAVLm5VdwIAAAB9UgAAAAJoAQcKAFnJYbC50NfePKnBoz0wyLR1wXjrZZ3vfDSmCORFq9PpXbouL18-rzeedRuwvY1CCJqt6Ru_Z2QTMJfHnuD5_YYGGatXXEmgopwA2lRi18YCM4IhdgXD7gFw4ZkCxPRlOM13qgJ4uV89J1mrXJs00nuKiz49HG4m6JFxY59MIKnY6FANm5DDxwxXmQNj_S5GxkfPzOE22a55KQPIyyh4jUtkhe56isfdTJ6krxetDRt0_kCkQ5i0POSL5x5s-cjeVZvsRr3daJjyhHjgzRjl2UptuhD8gnEj10kVSano-NWDkqChUjj80WHAOVirv0IaycRdDe5qwjOW7eZkN_3bjopg2jZs_ySOLgRzlpjzxEGyqWZTIOl6vHMuQxnS40b1ZtVytkrYmyRv9gCaPK6YWHNa6yiibH5TQXqvClyBoClLDuAfjSEuMnCMI0XCkKaCnNWYK60NFKKlrAjBJdN73Ui_wM1RhJVodGYgNTUVPJ3v6_kma6iXZ-ZgYdEeHNeMScrUR6GjgE1crNs-q49jljF-hteoyx7TlxtZxQb0lhF2OyPKEleT8XHMPdCvdGUnCi7gfknpwghBJL5RUTR0mefk5nzcKwqWINtlqPN_iyMm4oeXVEJZFERwxs36KVbAphNgNYS6PNQfHNuGNHBII-7oWzMg4qRk4ctkEsK_7wlXd4ll9Fde9FPuo-Niqnc9EmC0QTCqmoGeONWEWz7UXBKe3zIPixG2dquo1ZKOanz8TC-K4TC-nqUcZRT6Y0LdrnFTNCWeuG_IqRbWXrvPcTTFIGq6ZmfovvIZvM-VxXA-IITvh7z4VV0AQg1KBNZoAdtYJzx_xLj74yJYFdqSnuy3wJMk5Vz3OMDst5RSwkPrrQOPKQxg99z0OkX1kU_q_MifnZGRjXK4vNwYFd0WfmBcL3bn7hmdUQsNo3gGCsFPsP3bLDIViDOXVARNy4qF3iXbO2PK-BjBqgtG2bJgR_-e8Q_ntUfwwJYetYtLwsY7Lr9bYKFrqXCAyzUtvNO7sK77Rz1aGSjDLUpD6gveZI87kg2WTofJKmS6incGgfJ5YA

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer string| viva_base_url string| csrf function| $ function| jQuery function| analyticsViva number| hit_log_count function| uuid string| GoogleAnalyticsObject function| ga object| interstitialSlot object| staticSlot object| googletag function| loadDeferredStyles_vlix function| raf function| loadDeferredStyles object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady object| user function| nativeShare object| firebase function| webpackJsonpFirebase object| pushPopup string| token object| firebasePopup string| permission string| laravelToken string| urlSendToken function| main function| cancelButton function| checkPopupStatus function| setStatus function| showPopup function| removeElement function| getToken function| allowButton function| sendToken object| lazySizes function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| PWT object| OWT object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| sm_tag_tag_ce184343-205d-450f-a6f8-357e4d8516c5 function| NewSMPlayer object| msgData number| google_global_correlator object| closure_lm_543177 object| closure_lm_254456 object| closure_lm_832292 object| closure_lm_577074 object| closure_lm_652374 object| closure_lm_379084 object| closure_lm_886043 object| closure_lm_96461 object| closure_lm_226010 object| closure_lm_428174 object| closure_lm_704464 object| closure_lm_90764 object| closure_lm_619170 object| closure_lm_955134 object| closure_lm_609240 object| closure_lm_138358 object| closure_lm_540747 object| closure_lm_536291 object| closure_lm_761136 object| closure_lm_849940

38 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m855Jl-9e452cccc48ad50554-00g
.viva.co.id/ Name: vivID-article
Value: {"content":["1511004"]}
.viva.co.id/ Name: _vivaSectionCounters
Value: {"berita":1}
.viva.co.id/ Name: _gid
Value: GA1.3.471711825.1662356722
.viva.co.id/ Name: _gat
Value: 1
.viva.co.id/ Name: _ga_YFFX5TN9EH
Value: GS1.1.1662356721.1.0.1662356721.60.0.0
.viva.co.id/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.viva.co.id/ Name: _ga
Value: GA1.3.1280455543.1662356722
.viva.co.id/ Name: _dc_gtm_UA-85211792-1
Value: 1
www.viva.co.id/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.viva.co.id/ Name: _pubcid
Value: 93e1ff8e-9c33-42d6-bbc9-5ec3a221b074
www.viva.co.id/ Name: cto_bidid
Value: gzp9tV9TRnJUWnZaNjJjVCUyRlc0JTJGajU3NUJDQmJlWGJrekVQMFZkMzgzdSUyQnhGQ281T2lrY05qeHhuamlBdzVyNEJGbGl6QTklMkJlQmlTcjVVOEFyajMwQk1TTEZBJTNEJTNE
www.viva.co.id/ Name: cto_bundle
Value: tDoUuV9IbHdUdzlMWkxNWEc0c0FCSm1UNktSSXBRM2hxcTdES1Ryam9mWXBKSU5va281dW9xR0RINUxJUTNzZDB1cnhkTUJkeHFqbSUyRmglMkJEVHVHN0liUkhHYVZGWjdlRVNRNGVEcHFtcGhZU2Yycm5OT3IwQUJZNUVxblFGV2JYT1ZUeXg
.casalemedia.com/ Name: CMID
Value: YxWM8lxjmMCJg8zGRvlwPgAA
.casalemedia.com/ Name: CMPS
Value: 1163
.casalemedia.com/ Name: CMPRO
Value: 1168
.casalemedia.com/ Name: CMRUM3
Value: 2f63158cf205a0&e663158cf22760&bc63158cf205a00&2763158cf20b40&4163158cf205a0&f163158cf205a0&2d63158cf205a0&0863158cf205a00
.casalemedia.com/ Name: CMST
Value: YxWM8mMVjPIA
.w55c.net/ Name: wfivefivec
Value: O4bsfP7d1Ov4Vd5
.w55c.net/ Name: matchcasale
Value: 5
.doubleclick.net/ Name: IDE
Value: AHWqTUnQvGikVihN5LKF_eqHrcpARsn9toUQsnLfr99_Lq86nHaNl0Sb54N83_zoaK8
beacon.lynx.cognitivlabs.com/ Name: UID
Value: f58c3882-71cb-4858-8422-bb0e44f0211f
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 9KcaXbtb8IUuvzpwYStFyESL7AawWpEPxB821N98Uf7Fj5TZM6StDwQsIe%2BUW%2BGDakbXNyBGj00ak5R9Q9bLGQ%3D%3D
.viva.co.id/ Name: __gads
Value: ID=55b2b8a94ebb9ab1-2280673712ce0035:T=1662356722:S=ALNI_MYvjQqVTnLgVTYEtK3G8Wt7AxU3PA
www.viva.co.id/ Name: _lr_retry_request
Value: true
www.viva.co.id/ Name: _lr_env_src_ats
Value: false
.adnxs.com/ Name: uuid2
Value: 2093482516666589991
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Il_t=y^%!]tbPl1M>e)ZlrFUfJ+tGXxp.^E(kyHgB>[AfoB4?ffWVPmn^kYvnAgk7Q9^3If)y3KL9D3I?+EI^ex%
.viva.co.id/ Name: panoramaId_expiry
Value: 1662443124344
.casalemedia.com/ Name: CMTS
Value: 5128
www.viva.co.id/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-05T05%3A45%3A24%22%7D
m.exactag.com/ Name: exactag_new_gk
Value: e969be0b0716438cad031ed56ccc5095%7c04.11.2022+05%3a45%3a24
m.exactag.com/ Name: exactag_new_uk
Value: 5e54c76b8d8441449584f7ad5d93f27b%7c
m.exactag.com/ Name: session_session
Value: e8117e22305c47beab8f1d1f
.demdex.net/ Name: demdex
Value: 23895708668460603970419403547743094526
.doubleclick.net/ Name: DSID
Value: NO_DATA
.skydeutschland.demdex.net/ Name: skydeutschland
Value: 23895708668460603970419403547743094526
www.viva.co.id/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-05T05%3A45%3A25%22%7D

9 Console Messages

Source Level URL
Text
javascript error URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.viva.co.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://www.viva.co.id/berita/nasional/1511004-grafis-kaisar-sambo-dan-konsorsium-303-diduga-disebar-internal-polri
Message:
The resource https://thumb.viva.co.id/media/frontend/thumbs3/2022/08/12/62f594942dd55-ketua-indonesia-police-watch-ipw-sugeng-teguh-santoso_375_211.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

39c80f03acce4f56d1192a366b55d763.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
api.rlcdn.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bid.g.doubleclick.net
bit.ly
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
casale-match.dotomi.com
cdn.indexww.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
csync.loopme.me
d.adroll.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
f604d0068ef64c94ee184a6f0d8109d2.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fw.adsafeprotected.com
ghb.hb.selectmedia.asia
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hitlog.viva.co.id
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
m.exactag.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mug.criteo.com
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.quantserve.com
player.adtelligent.com
player.hb.selectmedia.asia
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prg-apac.smartadserver.com
pubads.g.doubleclick.net
public.viva.co.id
r.casalemedia.com
region1.analytics.google.com
rtb.adentifi.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
select-d.openx.net
serv-selectmedia.com
skydeutschland.demdex.net
sm1.selectmedia.asia
sso.thevivanetworks.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
svastx.moatads.com
sync-tm.everesttech.net
sync.adotmob.com
sync.extend.tv
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.teads.tv
t.pubmatic.com
thumb-jagodangdut.intipseleb.com
thumb.intipseleb.com
thumb.viva.co.id
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track-selectmedia.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.viva.co.id
api.rlcdn.com
pagead2.googlesyndication.com
104.111.242.245
104.18.18.126
104.18.19.126
13.32.99.105
141.226.228.48
142.250.185.162
142.250.186.130
15.197.193.217
151.101.66.49
154.59.122.79
169.50.137.190
178.250.2.146
18.140.153.200
18.156.0.31
18.184.153.97
18.184.57.192
18.205.75.24
185.183.112.148
185.29.132.241
185.64.189.112
185.64.190.82
185.86.137.114
185.89.210.20
185.89.210.244
192.132.33.46
193.0.160.128
198.47.127.19
2.18.169.149
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.202.235.9
23.205.235.133
23.35.236.188
23.35.236.201
23.35.236.247
2600:1f18:1aca:4281:f6d6:134f:4507:dfcf
2600:9000:223f:9e00:8:48e:53c0:93a1
2600:9000:2490:e400:18:d576:df80:93a1
2602:803:c003:200::31
2606:4700:10::6814:9570
2606:4700:20::681a:b69
2606:4700:20::ac43:4677
2606:4700:3035::ac43:87f6
2606:4700::6811:190e
2606:4700::6812:d4c
2606:4700::6813:ac6c
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::2006
2a00:1450:4001:801::2002
2a00:1450:4001:803::2004
2a00:1450:4001:806::2001
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c07::9d
2a02:2638::1c
2a02:fa8:8806:12::1370
2a05:d018:d29:3605:2390:b34:10a7:b503
2a0c:5c81:5142::2
3.121.253.223
34.107.214.50
34.117.33.6
34.203.176.63
34.247.103.17
34.249.197.140
34.95.81.168
34.96.71.22
35.169.70.139
35.244.159.8
37.157.4.41
38.91.45.7
45.133.44.3
45.133.44.4
51.38.120.206
52.1.53.88
52.214.10.150
52.214.46.176
52.222.209.55
52.28.203.152
52.30.247.235
52.31.24.18
52.46.130.91
54.205.25.10
54.229.167.95
64.202.112.95
64.233.184.155
66.155.71.25
67.199.248.11
69.173.144.138
72.251.241.204
019cc2e3e3b56d309938ac3bb405415155ad57d8916b89001e231130e1c6d0e7
0523c1778d2b320083fee90379cd40a082559ef98603f026289534777c4c745e
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
079116f3f4f35602f68b90169855acf08611ecb048665d11367bf78fbec270de
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
0b7e453f56b14780317e486bfe8714241b2b58cc97274a319ceaee663911b88d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0dd2c416c3dfcdc1f48962dfd1310e72467d51990916eaf20ef26297106b685f
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
0fcb01f0f898e7dc699753bef777952f58000d241c5437454a193875e045ad3f
1114c0ef7602fb7a2fe0764bd30c532c6749cc8c00d17121a1ca4f1491312822
1247f6a7b302385d94fb2a3783529a94d3761436805ac3700a25235c8ccda228
125c09084586f6423ccbecbb8fa4a86a603e2e818f96c6c924da89a698cbed88
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14e647240f4d3ea29934faad8443ca4d3b66d03ad000cf38853e1d541faa797a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cb1e656c944178e0372dc8aa57a530581b10e282740ff2aba50c265280fd32d
1e521500863df6e0d7720de7fbc7f19d2ca5c38ecabf84c89d3e2401b10ac994
1eaa42281405f5da03843017f62d03ee78fc54aa734ff7082ffecf35c9a230d0
1f0aa5d1701197f101192749dabd683261a1f86d4fe54d7134d790994451b68a
1f8e0192c92e7c35ad7a22c9ede7eb484655b660a33758c1ef82b670a50b1a79
229dda7fffb55262d3c8d09450929163faf58d164b70afba69ef6d9c54d1d934
22a037ee1ccea384096d351e51889a72902058b870f9dcbbeb4603c9100f62ea
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
24affc17276fd2ddc409767414d0e21558be763f5ffa5fd112e261bc3323caaa
24faf58694860dd63c6bc7504ac7e2ffedc81e44cfa7423370d2bc94a4ccb2da
26adad5957319e97c300694427022f67b32738a2555705eb495da49eca589e6d
2754ea4be826ac173d67f7a3bdde928f64a4b1ad7cea6074313fd148164e130f
276614ae41c1b0bed5fd323d6a0eb5b8878d6cbafea89582f395f96ef112bde9
2c0eff8375792367f93cef4022137c313020f96e68ced9986bff0015f1b94600
2c1da68f52aa196ea14a82cd7529c76f11f766e65f773096921d7ccc1713846b
2c6ab2e21b02f2aea633cb0449cb9077dad5a5c6eb1597f3bbe7897906cdb559
2c961539bdea05629dbcd160e681e5b4490386aeb13c22bd36d905dbf3c545bf
2d1282f3fab624b88c76dc91d5057a5938b37c504e2f08bde57db6e72ef7b249
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3099d1df4f87199cfd5ba727f0fc5e148ce33ab9d8ffb146ade89bb4abe65a38
30fb4306a511175f93fd7bfce51f842cae92cc423e52ea85c0f02328b67fd328
320e31a989e5b8143e92eff681675cd2c6d0d66299f987baa9f73e0ed8f84005
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3523bff0d7c1443bf24ceb65d223d1f5e6735aba4f286f86085c8632a9178282
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
3599acd69a74bf92c8d05f4ddf3d0af3d7da2b1967c2ce76b7da00e281626b1f
3789e705e8d28714755ed298479b5711dab64746d48231eeb638be4ba7d0b1f6
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
37c37f61c24bf637defc8a3b6b2b65f36c418fbc42f171d02fc5f0407efe21ff
388bf997e8dd4892f6050913eeb084d6d89fd183da52e41b01b25ddd44ea07d6
399df1354a8c1c52af09007b0467037c13905a3dc981d6593965379d23da5396
39d8b22242b96b4c1c1af89dccbafaf6c2b94ad6de1167c198ab5c010ba86a53
3a88ea7c27c4e99a4114c3a490bc1c59c51f7ccb6a8a5f13c37d35005b7af2a6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d8198f2fc05ccd301ffd7be75b05c4bf48c8e1b46928f48cc533000a231a352
3da677431b6bdc1ecb8ef0517d61006d5fe5d0f21ff118108d216e392e8e56e6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43203c66b949f45d33fcd81f14991f16ec87dee97a6344cc71256f9705c944b5
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
44087b01c3c31a133659ac905510c1e030f670dc75b2db7fd02abbedcaa682ff
4672b37f99a355152ea5257ba3187597fb9a12fb33a06492131461f469f5dd09
46ac090923002199d457545bb927c36042e9a959105c17353a79d999579f90e2
47c65e4e4ad367d8acb58becdc3cfba521cfbfc42c462a5d13eb501b306a8ad0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4aea2736ddb67bf07394268c3934a24ee0b5c4c8dac053216b30e283a7beea59
4b1b9acbde244a58d454cc35301a3b57309abe85d5f6f7b37f37ac64977955f9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4feadec0ad1f127439e1245a428ebd2e585471f5bced4b0d758f959355a70980
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
532716b1aa583adf14edf08c92125f721d7fa17f30c75ee086a1f8558361e0b9
54b97bd6d46db54e5d9f5a310761223c642f571a1728c29af7fff574c0ca82a4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
590203f5e058dbe831f7b0ef61c7f881ea1057d2fa26cd99d6e3ab2a0f2ff585
5979352937910f86dab4cb4fcd93a31bb0bdf6706902f756cddb3298c4f1bd3d
5b93375608ccdd64e2d47f13e20fe34c7eb801b4658b111d0fa173112340a2e1
5bc9acac20a54832753ca4a2b42da4871293041cff4957fe7afba869d886e456
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5da0696e31f43c9a68313c1cce2754a3166ff9997e5b7b968a505015e0e73c4b
5e037112f3b40b94be7411c637317b1c443f696d78dd18b7d85ca5f325a53a4a
5e05ec5a1ac4e92f77a78657358959a2dd0da58c5c9a83d18add8adc8965ca60
5fe49076149c3434419e870ec812e5b13622c79a79652a94e89cc7e7473dcc84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a82ed499909e2232b1bdc3807b4d81bb6497115338abc33d60472c8f0f7bfd
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
670baefbdd5ee72db3d7385842cc19dcaa0a2c3766f476f1b63f81f21f0f551c
680cfca4efa2537884036c4a1d3c27262f97755d095a135d24a230f227b2ebb4
6a77994c4af341384c09dffecbb881ef0f625e1e22d1adddb4321b1930dc5c8c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb479566a749b5bdb65fc64ba288513f441f4413730002bcb1e25ad903d1687
6dd6e767ca27fdd8f918d46e7ae346081d388900b4a784f0f3a2cdbb950f442c
6f2f449040ae8f04c199677e26d75732477bcda2d8bfa06312216df67434710c
6f5d18b1769507b97d8718a598fcecd3bc9e270bc11a520d769b2d06452418f6
70b8a4b6f8c4a18fb52262cf65e100d794abadd1fd138599124851d99e605954
70c3a8d5302be5f687da1e905610e04520579b2da789c9bd3de3a27aa94df580
727711e56af2bae60b9f1c96a71d7a1b806e0f3d887e29374f010edcc44a975b
735033f0d802e553461e5389478e9310cf53ff20d6e2735ee84848e9eb3ae4ec
7369b1436763e68affd57d93ba0dad30ac5432ebfa8a204b3017f3d10a0877fc
73a69cf2a641205f7113f570db28ad9c33d2e517fa9a0f37cca7d8c46ad3e8c5
748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4
766550f9e927fbfb19c49aced320ac65894807ddfb8956dbcc61ed3b5d3800c5
7731964853ddf7af5d71c9ee41593f8cdd7ce45142cf18457d3653883b716b1d
78091fe2b988ce79f713a8b5d24649ff229144a74804062e9bc67d588aee55c0
7a348664ed425a0a3309170525f3ded361ae880e9aebbc7f582f1359e19f2a12
7fa5b01ba0b6a2c1fd0671c1f07b7a834cba959227b83b27ea8b48c90ea3ba66
7fc478deecb19ce2f6d8248414c571b632b9a738b442dd9acf8e8a30c98c6a6a
82abce0fe71054b83fd78d28aeea185d5423e823a6a3c556daed054ffa8ec0d9
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84258840e9f2f4f0217c93a7f6ded052fae9c6f415744931b41ff518b57365e2
84714fb67f035a8801213a5623d70a6b8ff162d57b8649f21711e40456594422
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
877ec4d265efd67e858af4c033447928e2f2b40e142396e535320c7cd3779735
8a5c4c0c4d0dda1fd9f62ef917e0242ef2b9d22be2d466d16057153d1c49bf1f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd41480e9a2fddf5d231918b070d2bf4960a979bf0793f92a6b86970aa999a2
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8cf9cf1a777791f780843d27b7ba52d23dd1b6521baabbdfce3f8110dbeac2f9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9032fd52e1476503fa601ca09f86a3a81f586c668145afb095ce04e369583a34
906a8f9b7d667e5e375fe03b700fc50552e368a5c06f8874c00eebb67588d3e2
9262e32a854a52155e7bf3839fb5865de22d81626cab0c9d20d67fa8a33c4b6a
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
994c52886d9dc9ee58e9168c727586e0e3a8ca03aa6e4bbdffc7b4236508e619
99f9762cd613e0d36e9bb53f8c51d5e4c5393d3452e34e9dd532348fe3489475
9a28b42360dd1fa1bfc787ce334573f4a9315a6b81396d0aeca4797e6c21d7a4
9b5705c5104eb9425131b1173883066dc7392bfae2c7d8808e13975e95f1ea0d
9c47430da76da0209f1165ec842295831babdcf9ede29c951b01016dd846cba7
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a974b726c48d4a3864a9abf175e984eb93599dcce4dcbc54f478b607dcfb5cb8
a9b0999f439d6fc07e37171f45a1cef5a75c419dcfcc28321ec6f2ce12011b07
ae5f2df856109a86820c1a9a5599f89ea22884b247fd8bcaa46a53e30c624fce
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
aff287048099e612fc06238a517da6fe4f980e01d53c8b06addfe21e10cdfa4a
b00b23df1ba3482972e5ac3fdc7da3a84030bd46d7b1b3e6a36d57bcb0fb8d05
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a
b6dab4c9527186cb7091517a5151a652e14aece45ea1a06e375737a7d3a1b6eb
b8d673259d0bfc678aacef4e63f8ea06ec4b8694faa22927ec51e4a79ee5976c
bc5e335fe3571dbab8bca01a367f3876191db95264692139b626c80bff6dc39d
bd9e672799f3e908f9ae536c42eabb6b4300c935f5d80bed2a5a77509918578f
bdba421ea9a0160ccd376d9820e6fd492bf3f40f05697fbab91708d58f3c8adc
be8b92c51b89540904f76d11f22f9fbd0f2aa2ad541a32e32584e65f3400febc
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
c0af98070c3ae0a6e505ceff2d201675513e944bb40a50a76d7f161091260851
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c405bcd8f92036855018ea498b39743853763006f991c0c152d92029c38ba827
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
c7169050ffd9c2e7767cde81407153dac88c4d93f578331b12e6bacce4649b64
c858fc9d52a0c86864ee0387f9998c8ec7671eaa4a637707f803ee0013b268e4
c8f960f9283f98e40e891b4b7009796ff82c7c4dae6beebb6a5b19876d4ad061
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbb6c86e1b1bffbd46fd53d0f468b8e5d97818bae9e2d9c83f69ff4a5889077a
cbbffa52df626ee707349fe17c8b4d88aec2a8bf0131aae75b8fb2f75b734bd2
cfeb870162228c764b5991a755eb25eeb970d1d937ebb9d782b5ab3042a3a772
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21
d4c8bb2f240eba7ed155da7bab290ec400936a4276d0dc29192cfddde025eb48
d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33
d5cbbeb4972b3717ac08103b4ad7902368d349c0aa0523882bd1524cb7c58185
d7a4044c362844a24d59f4a9a9cee9ecdfee4a80c659009f51b7216cf31b26d2
d7dd271762e5197288478c0b5998e2b62aea8da4dc7e45152faed120043f059a
d8825e6c38403c234f6228f6cbeb88c276f0e62cbab1900d044cb8f5c2d0472b
d9146ecda0c1966e3907f45029c682fc1c5f5a32fef081ac28e7072ce2282e02
dd9da1f019b1a844a8f6fa3f4e716c6461cf7a501c3046251abf88b8388e9074
ddbead4c3777bf55f3c9b842f5ab629388e31a5f15c7e63ed14604e5b431fff6
de5337c4b900f0202f38afa98c5e156d58d2ba713a29db3e5fb410a19b65423a
de57c3f8454642cb36158676bbde860cb45c88bc175ba4e88afd9b77df36c83f
de590e702f4d25be07060c1081c92ec8d3771e5b093ae49645589e80623fa013
dfc2fee3ffcb45713946f7e388d16766c366db4c55a9478125a3fbfa94fda576
e25076b5943f63b46a556aff0e2f3d8881b24209facc868883bdc80e4dc61f5a
e2b4446b088b671a0551c227061dc3556c5919661d0b217a1f90c0ac5ec03fdf
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f475945df54bef8c4dd1aacad646bdf40e384229ab4e07a8bd6f28d43ed5f4
e51080621a975fa248be17a6ce504276c933decc8692e375ca90cf804b443cde
e5625d5bcd517d85dd87fa8cae8d149220802b7c1697bf5f8a9bb551de92cde7
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
e9506af6d51b6c3849f9877b1d89ec4d837e08c62aa4bec9e8221e8cf269997d
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
ea5bb2be733aed15e4bf022268c250cc1a2ee09c9bacd4b319c5a9fc99c36da3
eba8f958f96c2043d58e7ac7b785d69c2388905b6178f0382dcb5dc9c80dd98b
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1535199f71b96d423d3f991a5a0a92ca5779e74d2e23a509b5022ef347129a2
f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec
f6cf6d5639ffcd747e54049ad4bdcca846425e4def6279d2f012c497b2bc2521
f775b8b484fd003de513de74bd16c2e1fde07790eecdaaf9f9e738bffd0a7223
f7c5da522698d5a098227688e5b71701570ff2746554abe0083d1e534f19c240
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
f84458950ea6c2de7af2c342ea230b5dc258fe0e26e4dab37a897398ff851d26
fa2f456b4a38fe08e8de5baec5f25dc6819298006b5a06e872597de3dee0bc67
fae8dd0a0770d369ebd63a9c0a638f97a57aa94688a58240409590bf0959db18
fb51764b7d6681cb3e1c5e3a9d93d73c4997f3fa18c929dbb5131ed295bd38e1
fbf0af2030686af9c2b66c8db72742c57530aae9b91b7ae8e3700a24e32578b0
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff393d6091ca6df956a189411d7f152ec4957f71b09ab2a0ae3d6089c7a5ce16
fffbe22f67b1884c5f21d0a5705784fe3c3b7c19a17037043868a5577a6af066