www.viva.co.id Open in urlscan Pro
2606:4700:10::6816:3658 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.viva.co.id/
Effective URL:
https://www.viva.co.id/
Submission: On January 18 via api (January 18th 2024, 1:11:07 pm UTC) from US — Scanned from DE

Summary HTTP 327 Redirects Links 68 Behaviour Indicators

Summary

This website contacted 65 IPs in 9 countries across 49 domains to perform 327 HTTP transactions. The main IP is 2606:4700:10::6816:3658, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.viva.co.id. The Cisco Umbrella rank of the primary domain is 130681.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 25th 2023. Valid for: a year.

This is the only time www.viva.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:3758	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	2606:4700:10:... 2606:4700:10::6816:3658	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:d941	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::ac43:87f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:25a... 2600:9000:25a2:7a00:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	136.243.84.75 136.243.84.75	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	18.65.39.29 18.65.39.29	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:7d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	23.211.9.91 23.211.9.91	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.120.222.225 3.120.222.225	16509 (AMAZON-02) (AMAZON-02)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	89.149.192.192 89.149.192.192	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	23.52.123.144 23.52.123.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	63.32.195.36 63.32.195.36	16509 (AMAZON-02) (AMAZON-02)
1 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
43	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
34	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
16 20	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4 18	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
2 2	54.243.108.10 54.243.108.10	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.165.183.44 18.165.183.44	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1 1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 1	64.74.236.31 64.74.236.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
15	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3 3	54.70.25.67 54.70.25.67	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:25a... 2600:9000:25a2:1a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
12 16	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3 6	34.255.50.52 34.255.50.52	16509 (AMAZON-02) (AMAZON-02)
2	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
327	65

1 2606:4700:10::6816:3758 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.viva.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700:10::6816:3658 (United States)

ASN13335 (CLOUDFLARENET, US)

www.viva.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data-rengine.viva.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thumb.viva.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:87f6 (United States)

ASN13335 (CLOUDFLARENET, US)

sso.thevivanetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25a2:7a00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.84.75 (Cologne, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de

go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.39.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-29.ams1.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:7d6 (United States)

ASN13335 (CLOUDFLARENET, US)

api-rengine-stg.viva.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.211.9.91 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-9-91.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

ut.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.222.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-222-225.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 89.149.192.192 (Bunschoten, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg-apac.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.195.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-195-36.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.194 (United States) 16 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.243.108.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-108-10.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.165.183.44 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-44.zrh55.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.31 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.70.25.67 (Boardman, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-25-67.us-west-2.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:25a2:1a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.252.172.123 (Frankfurt am Main, Germany) 12 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.255.50.52 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-50-52.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.14.248.72 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	605 KB
52	viva.co.id 1 redirects www.viva.co.id — Cisco Umbrella Rank: 130681 data-rengine.viva.co.id — Cisco Umbrella Rank: 204166 thumb.viva.co.id — Cisco Umbrella Rank: 70226	412 KB
49	doubleclick.net 16 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	432 KB
28	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	966 KB
22	casalemedia.com 6 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 478 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	16 KB
16	adnxs.com 12 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	15 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 410	311 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	79 KB
7	smartadserver.com prg-apac.smartadserver.com — Cisco Umbrella Rank: 9507	4 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 x.clarity.ms — Cisco Umbrella Rank: 7993 c.clarity.ms — Cisco Umbrella Rank: 1351	28 KB
7	google.com 2 redirects ampcid.google.com — Cisco Umbrella Rank: 2967 region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	demdex.net 3 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 84818	4 KB
6	adsafeprotected.com 3 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 851 static.adsafeprotected.com — Cisco Umbrella Rank: 721	2 KB
6	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 535 ut.pubmatic.com — Cisco Umbrella Rank: 7383 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459 image6.pubmatic.com — Cisco Umbrella Rank: 805 t.pubmatic.com — Cisco Umbrella Rank: 3180	152 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	326 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 423 mug.criteo.com — Cisco Umbrella Rank: 3123	8 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369 fonts.googleapis.com — Cisco Umbrella Rank: 28	35 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6518 ampcid.google.de — Cisco Umbrella Rank: 80806	990 B
4	rcvlink.com go.rcvlink.com — Cisco Umbrella Rank: 37978	15 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1736 google-bidout-d.openx.net — Cisco Umbrella Rank: 1735	789 B
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898 id.crwdcntrl.net — Cisco Umbrella Rank: 2323	13 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 177	866 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	259 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 17428	78 KB
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 13028	3 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1645	1 KB
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 550	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 326	2 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 644 cdn.indexww.com — Cisco Umbrella Rank: 1576	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 857 id5-sync.com — Cisco Umbrella Rank: 425	29 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 581 eb2.3lift.com — Cisco Umbrella Rank: 412	834 B
2	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948	28 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	422 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 843	425 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 626	309 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	508 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 451 api.rlcdn.com Failed	98 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 841	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 657	13 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1299	5 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1833	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253	1 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1434	381 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 247	763 B
1	viva.id api-rengine-stg.viva.id — Cisco Umbrella Rank: 210750	577 B
1	thevivanetworks.com sso.thevivanetworks.com — Cisco Umbrella Rank: 197057	731 B
327	49

	Domain	Requested by
43	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com www.viva.co.id pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
38	www.viva.co.id	1 redirects www.viva.co.id
34	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.viva.co.id 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com s0.2mdn.net
28	s0.2mdn.net	www.viva.co.id s0.2mdn.net 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
20	cm.g.doubleclick.net	16 redirects googleads.g.doubleclick.net
18	dsum-sec.casalemedia.com	5 redirects ssum-sec.casalemedia.com googleads.g.doubleclick.net
16	ib.adnxs.com	12 redirects googleads.g.doubleclick.net
15	cdn.ampproject.org	securepubads.g.doubleclick.net
13	thumb.viva.co.id	www.viva.co.id
10	googleads.g.doubleclick.net	0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com www.viva.co.id pagead2.googlesyndication.com
7	prg-apac.smartadserver.com	ads.pubmatic.com
7	securepubads.g.doubleclick.net	www.viva.co.id securepubads.g.doubleclick.net
6	skydeutschland.demdex.net	3 redirects 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
6	googleads4.g.doubleclick.net	www.viva.co.id
6	0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com www.viva.co.id
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	securepubads.g.doubleclick.net 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com www.viva.co.id
4	gum.criteo.com	1 redirects static.criteo.net ads.pubmatic.com
4	www.google.com	2 redirects www.viva.co.id tpc.googlesyndication.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	go.rcvlink.com	www.viva.co.id go.rcvlink.com
3	www.gstatic.com	www.viva.co.id 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
3	static.adsafeprotected.com	0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
3	pixel.adsafeprotected.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	x.clarity.ms	www.clarity.ms
3	www.google.de	www.viva.co.id
3	sb.scorecardresearch.com	1 redirects www.viva.co.id
3	www.google-analytics.com	www.viva.co.id www.google-analytics.com
3	www.googletagmanager.com	www.viva.co.id www.google-analytics.com www.googletagmanager.com
3	cdn.izooto.com	www.viva.co.id cdn.izooto.com
2	m.exactag.com	0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
2	ad.doubleclick.net	www.viva.co.id
2	c1.adform.net	2 redirects
2	live.rezync.com	2 redirects
2	i.liadm.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	oajs.openx.net	1 redirects
2	ads.pubmatic.com	www.viva.co.id ads.pubmatic.com
2	c.clarity.ms	1 redirects
2	region1.analytics.google.com	www.googletagmanager.com
2	www.clarity.ms	www.viva.co.id www.clarity.ms
2	cdn.prod.uidapi.com	www.viva.co.id securepubads.g.doubleclick.net
1	t.pubmatic.com	ads.pubmatic.com
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	cms.quantserve.com	1 redirects
1	idsync.rlcdn.com	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	image6.pubmatic.com	ads.pubmatic.com
1	mug.criteo.com
1	js-sec.indexww.com	ads.pubmatic.com
1	eb2.3lift.com	ads.pubmatic.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	hbopenbid.pubmatic.com	ads.pubmatic.com
1	a.teads.tv	ads.pubmatic.com
1	htlb.casalemedia.com	ads.pubmatic.com
1	tlx.3lift.com	ads.pubmatic.com
1	ut.pubmatic.com	ads.pubmatic.com
1	c.bing.com	1 redirects
1	ampcid.google.de	www.google-analytics.com
1	api-rengine-stg.viva.id	ajax.googleapis.com
1	ampcid.google.com	www.google-analytics.com
1	data-rengine.viva.co.id	www.viva.co.id
1	sso.thevivanetworks.com	www.viva.co.id
1	ajax.googleapis.com	www.viva.co.id
0	api.rlcdn.com Failed	ads.pubmatic.com
327	80

This site contains links to these domains. Also see Links.

Domain
www.thevivanetworks.com
jagodangdut.intipseleb.com
www.100kpj.com
www.intipseleb.com
www.vlix.id
www.sahijab.com
www.tvonenews.com
www.onepride.net
www.oneprix.id
sso.thevivanetworks.com
bandung.viva.co.id
siap.viva.co.id
mindset.viva.co.id
jabar.viva.co.id
jatim.viva.co.id
lampung.viva.co.id
olret.viva.co.id
ceritakita.viva.co.id
sulawesi.viva.co.id
purwasuka.viva.co.id
banten.viva.co.id
medan.viva.co.id
jateng.viva.co.id
gadget.viva.co.id
gorontalo.viva.co.id
jogja.viva.co.id
malang.viva.co.id
banyuwangi.viva.co.id
cianjur.viva.co.id
wisata.viva.co.id
teknodaily.viva.co.id
padang.viva.co.id
semarang.viva.co.id
www.facebook.com
twitter.com
news.google.com
www.instagram.com
www.youtube.com
www.linkedin.com
www.antvklik.com
www.jagodangdut.com

Subject Issuer	Validity	Valid
*.viva.co.id Sectigo RSA Domain Validation Secure Server CA	`2023-07-25` - `2024-08-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
thevivanetworks.com GTS CA 1P5	`2023-12-09` - `2024-03-08`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.rcvlink.com Thawte TLS RSA CA G1	`2023-09-19` - `2024-10-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
viva.id E1	`2023-12-02` - `2024-03-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2023-08-22` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://www.viva.co.id/
Frame ID: A86A66244A62A7AE540860A67C12885D
Requests: 119 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/main.js
Frame ID: C710CC591CD5A7938607848BC0A53786
Requests: 2 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/iframe.htm
Frame ID: AA8C03FED57BD6029E4C780D09296E60
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: E029DF438849B8FDAB71CCE286597BD4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.viva.co.id
Frame ID: E9689B34090E36634FCD4C5AD92E20F8
Requests: 2 HTTP requests in this frame

Frame: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DBC8372420EDDB14863A142E415E1FC5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Frame ID: 1EBC71533BBF979327687A410ADFBC2A
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3385A578F5A6D4637BFE6C4F54B4657D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2F7BBC9A1ACC8DDB77EA8E9DE2EA5117
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: FA31E53FA844D5314E17D758C079DDE8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: DD65A3B5C2AE7F3CA792E2EE7A33BA7F
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EDCF7772C0C07A63BA7C1B4148EF9CD6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 19D239B3FFC69AED2C45D7B6CA6F7E35
Requests: 2 HTTP requests in this frame

Frame: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DDA5B45017140A230CDF54311B6776A3
Requests: 20 HTTP requests in this frame

Frame: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 71B1749D229F68B7FA3BCD094D502B8D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: D139008CC1B24DFFB82C376B000A7675
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: D0FAB75AEE0838DBF353BFAB597B3819
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: CB0D4A91EDA144A2C7689D85BF9DF52A
Requests: 12 HTTP requests in this frame

Frame: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2C30BA4E01AFBEF23E7F1DE47715874C
Requests: 21 HTTP requests in this frame

Frame: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DC69D8E33713CDE6955CCE40933DE482
Requests: 12 HTTP requests in this frame

Frame: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 210B5B8C1BD37D6822967F46BF37F914
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNWrRyiuKbMPFTyvlslr2IXj7b0rENJmmOHiqVq7YqoX-vPvnrL8LwQQuBH5rNSMEVs8GgvsrLER8dD4RwaSFg0PTvr-FG5l8xM41u0zJ501hekV9ivwSwQQCABqTXI_P9MnrHsHc4BYLl36AKOCHgLxiBMhKnak0iuCp5EQS0AWjDXsLwo
Frame ID: E66E5B8FA0B26C3F4B5C095EBE0A7B1F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLify4ECMAE&v=APEucNUM0XB9lFiYu4H1XNwQSvnUp17gRDMZR15kOk_Ia22QUQLTCJ783gdCtEwf2Yf-uKklIE70Qx0qvFg1D6oS5OJzgloPTZTYKyBgtSf53UfQ8KUIrOYLD2cgQoXQQ-nS89JTWrsXUndM6BkF6MpsivSX8Ys-rSmwvmC98xl5rAuDwTqfgbI
Frame ID: 597397A4895AB7461EFE4E93FE4AF43C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8A88B7AB18914043B7DA7A662F374078
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIWWy4ECMAE&v=APEucNUcocsgC_XxngXwzWg-7IYCrDTL9As8vxen-t6n4zLjf97mDmq-Xx61ZGF-QAa5V_v0LKHDlW2jBX4pvwgbNQqgy5Mu8HKjVzYKCIbQ63Bw4ckKk4OGlMDslyJ3xDk81dzZZEUYE-LT3QRuftKZ1C4H9DZ5lMPDKLJsPeZAggWO96LE7-4
Frame ID: 0C5F1DB438633631F64B6242E2B41B09
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYvviFgAIwAQ&v=APEucNXY2SW9JfBiUbdGoc4Ffj8oQQBWBe_74fBVZLtxTfFqg3mnaFN_qzTM2OdZ4pthGjh4RR3cdtf-kYcB_AmdwuQoIbaFeAUJORdncIUBjbMjwKrLIW1oyIntQS04EPfHWnsKvRlfOAy-8xQRjZvXDWYMTWilkTI3HbwFfPeDuvg-CCdYZD0
Frame ID: 61193F077F739555123448B036E02189
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 85736826C063F88F0E2FE37B415B87EF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F414D7FD57BC3EFF2BED3E54FB51FF56
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 24A452A7D1D949A0BB18F20EDD9B69E5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14441809811857851587/index.html?ev=01_250
Frame ID: 92E64321FF16E24903822F0782F6FF27
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=DdJW5bwfhZ&t=1&renderingType=2&ev=01_250
Frame ID: 90C61B84E922A7D50AEF7F1CBF96974D
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 24622E2D2969D5384DF90883CA39E4CB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: A5F446A1503879CC21E2A9A014C9A797
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250
Frame ID: 73A75464ACDF607364239F7C31DEF5E3
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 91CBE4D2188EBDD6B0C7BA44B19A5966
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1902495261604645428/index.html?ev=01_250
Frame ID: 9856267A3BA3C468465A7DCFF8FF31FA
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 18D8E1691F14918A231E93194C8FB89E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: C7DC0D8CAB17EBEB3ED5D5F01785900B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Viva.co.id: Berita Terkini Informasi Terbaru Nasional & Internasional

Page URL History Show full URLs

http://www.viva.co.id/ HTTP 301
https://www.viva.co.id/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

327
Requests

89 %
HTTPS

47 %
IPv6

49
Domains

80
Subdomains

65
IPs

9
Countries

3855 kB
Transfer

9940 kB
Size

59
Cookies

68 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thevivanetworks.com/
Title: vivanetworks

Search URL Search Domain Scan URL

URL: https://jagodangdut.intipseleb.com/
Title: JagoDangdut

Search URL Search Domain Scan URL

URL: https://www.100kpj.com/
Title: 100KPJ

Search URL Search Domain Scan URL

URL: https://www.intipseleb.com/
Title: IntipSeleb

Search URL Search Domain Scan URL

URL: https://www.vlix.id/
Title: VLIX

Search URL Search Domain Scan URL

URL: https://www.sahijab.com/
Title: Sahijab

Search URL Search Domain Scan URL

URL: https://www.tvonenews.com/
Title: tvOne

Search URL Search Domain Scan URL

URL: https://www.onepride.net/
Title: One Pride

Search URL Search Domain Scan URL

URL: https://www.oneprix.id/
Title: Oneprix

Search URL Search Domain Scan URL

URL: https://www.vlix.id/tvone
Title: LIVE

Search URL Search Domain Scan URL

URL: https://sso.thevivanetworks.com/
Title: Profil

Search URL Search Domain Scan URL

URL: https://sso.thevivanetworks.com/edit/profile
Title: Edit Profil

Search URL Search Domain Scan URL

URL: https://sso.thevivanetworks.com/logout?ref=https%3A%2F%2Fwww.viva.co.id
Title: Logout

Search URL Search Domain Scan URL

URL: https://bandung.viva.co.id/
Title: bandung

Search URL Search Domain Scan URL

URL: https://siap.viva.co.id/
Title: siap

Search URL Search Domain Scan URL

URL: https://mindset.viva.co.id/
Title: mindset

Search URL Search Domain Scan URL

URL: https://jabar.viva.co.id/
Title: jabar

Search URL Search Domain Scan URL

URL: https://jatim.viva.co.id/
Title: jatim

Search URL Search Domain Scan URL

URL: https://lampung.viva.co.id/
Title: lampung

Search URL Search Domain Scan URL

URL: https://olret.viva.co.id/
Title: olret

Search URL Search Domain Scan URL

URL: https://ceritakita.viva.co.id/
Title: ceritakita

Search URL Search Domain Scan URL

URL: https://sulawesi.viva.co.id/
Title: sulawesi

Search URL Search Domain Scan URL

URL: https://purwasuka.viva.co.id/
Title: purwasuka

Search URL Search Domain Scan URL

URL: https://banten.viva.co.id/
Title: banten

Search URL Search Domain Scan URL

URL: https://medan.viva.co.id/
Title: medan

Search URL Search Domain Scan URL

URL: https://jateng.viva.co.id/
Title: jateng

Search URL Search Domain Scan URL

URL: https://gadget.viva.co.id/
Title: gadget

Search URL Search Domain Scan URL

URL: https://gorontalo.viva.co.id/
Title: gorontalo

Search URL Search Domain Scan URL

URL: https://jogja.viva.co.id/
Title: jogja

Search URL Search Domain Scan URL

URL: https://malang.viva.co.id/
Title: malang

Search URL Search Domain Scan URL

URL: https://banyuwangi.viva.co.id/
Title: banyuwangi

Search URL Search Domain Scan URL

URL: https://cianjur.viva.co.id/
Title: cianjur

Search URL Search Domain Scan URL

URL: https://wisata.viva.co.id/
Title: wisata

Search URL Search Domain Scan URL

URL: https://teknodaily.viva.co.id/
Title: teknodaily

Search URL Search Domain Scan URL

URL: https://padang.viva.co.id/
Title: padang

Search URL Search Domain Scan URL

URL: https://semarang.viva.co.id/
Title: semarang

Search URL Search Domain Scan URL

URL: https://www.vlix.id/video/news/105483-panas-para-pria-di-papua-debat-soal-pilihan-capres
Title: 

Search URL Search Domain Scan URL

URL: https://www.vlix.id/video/sport/105478-catatan-rekor-buruk-shin-tae-yong-melawan-vietnam
Title: 

Search URL Search Domain Scan URL

URL: https://www.vlix.id/video/viva-networks-news-flash/105491-3-capres-cawapres-tiba-di-kpk-bahas-pemberatasan-korupi
Title: 

Search URL Search Domain Scan URL

URL: https://www.vlix.id/video/viva-networks-news-flash/105490-pesan-kpk-ke-capres-copot-pejabat-tak-lapor-harta
Title: 

Search URL Search Domain Scan URL

URL: https://www.vlix.id/foto/news/26992-paku-integritas-pemberantasan-korupsi-capres-cawapres-di-kpk
Title: Paku Integritas Pemberantasan Korupsi Capres-Cawapres di KPK

Search URL Search Domain Scan URL

URL: https://www.vlix.id/foto/news/26991-penampakan-mobil-tertimpa-pohon-tumbang
Title: Penampakan Mobil Tertimpa Pohon Tumbang

Search URL Search Domain Scan URL

URL: https://gadget.viva.co.id/gadget/2266-samsung-luncurkan-beberapa-teknologi-ai-dalam-galaxy-unpacked

Search URL Search Domain Scan URL

URL: https://gadget.viva.co.id/?utm_source=viva.co.id&utm_medium=viva.co.id-aggregate&utm_campaign=viva.co.id-aggregator
Title: Gadget

Search URL Search Domain Scan URL

URL: https://padang.viva.co.id/ragam-olahraga/2935-semua-wakil-ganda-campuran-indonesia-tumbang-di-india-open-2024

Search URL Search Domain Scan URL

URL: https://padang.viva.co.id/?utm_source=viva.co.id&utm_medium=viva.co.id-aggregate&utm_campaign=viva.co.id-aggregator
Title: Padang

Search URL Search Domain Scan URL

URL: https://bandung.viva.co.id/berita-artis/37080-nagita-slavina-pakai-rok-robek-di-acara-party-bareng-pria-bagian-sensitifnya-kelihatan

Search URL Search Domain Scan URL

URL: https://bandung.viva.co.id/?utm_source=viva.co.id&utm_medium=viva.co.id-aggregate&utm_campaign=viva.co.id-aggregator
Title: Bandung

Search URL Search Domain Scan URL

URL: https://gorontalo.viva.co.id/nasional/3290-janji-manis-shin-tae-yong-di-laga-timnas-indonesia-vs-vietnam-akankah-ditepati

Search URL Search Domain Scan URL

URL: https://gorontalo.viva.co.id/?utm_source=viva.co.id&utm_medium=viva.co.id-aggregate&utm_campaign=viva.co.id-aggregator
Title: Gorontalo

Search URL Search Domain Scan URL

URL: https://bandung.viva.co.id/berita-artis/37079-nagita-slavina-seksi-di-acara-party-pakai-rok-robek-anunya-kelihatan

Search URL Search Domain Scan URL

URL: https://gadget.viva.co.id/gadget/2265-samsung-galaxy-s24-ultra-combo-dengan-snapdragon-8-gen-3-hadirkan-galaxy-ai

Search URL Search Domain Scan URL

URL: https://www.100kpj.com/mobil/21607-promo-awal-tahun-cuma-segini-dp-dan-cicilan-wuling-almaz-rs-pro-hybrid

Search URL Search Domain Scan URL

URL: https://www.100kpj.com/?utm_source=viva.co.id&utm_medium=viva.co.id-aggregate&utm_campaign=viva.co.id-aggregator
Title: 100KPJ

Search URL Search Domain Scan URL

URL: https://www.sahijab.com/style/8486-memencet-jerawat-beresiko-memperburuk-kondisi-begini-kata-dokter

Search URL Search Domain Scan URL

URL: https://www.sahijab.com/?utm_source=viva.co.id&utm_medium=viva.co.id-aggregate&utm_campaign=viva.co.id-aggregator
Title: Sahijab

Search URL Search Domain Scan URL

URL: https://www.intipseleb.com/lokal/91542-7-gurita-bisnis-ashanty-dan-anang-hermansyah-pantas-dijuluki-sultan-cinere

Search URL Search Domain Scan URL

URL: https://www.intipseleb.com/?utm_source=viva.co.id&utm_medium=viva.co.id-aggregate&utm_campaign=viva.co.id-aggregator
Title: IntipSeleb

Search URL Search Domain Scan URL

URL: https://jagodangdut.intipseleb.com/artikel/41919-kisah-perjuangan-cak-sodiq-sang-raja-dangdut-koplo-indonesia

Search URL Search Domain Scan URL

URL: https://jagodangdut.intipseleb.com/?utm_source=viva.co.id&utm_medium=viva.co.id-aggregate&utm_campaign=viva.co.id-aggregator
Title: JagoDangdut

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vivacoid

Search URL Search Domain Scan URL

URL: https://twitter.com/VIVAcoid

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMPml3QowmIfRAQ

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vivacoid/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/VIVAcoid

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/vdvc/jobs/
Title: Info Karir

Search URL Search Domain Scan URL

URL: https://www.antvklik.com/

Search URL Search Domain Scan URL

URL: https://www.jagodangdut.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.viva.co.id/ HTTP 301
https://www.viva.co.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B27D98C78DB84D0A852C51BC1CA2DA1D&RedC=c.clarity.ms&MXFR=2C83E2506EA96A6C3AD4F65A6AA96407 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B27D98C78DB84D0A852C51BC1CA2DA1D&MUID=189F6A7ED9F263E319187E74D85E62E7

Request Chain 84

https://sb.scorecardresearch.com/c2/8429568/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 109

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.viva.co.id%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.viva.co.id%2F&rid=esp&cc=1

Request Chain 119

https://gum.criteo.com/sid/json?origin=publishertagids&domain=viva.co.id&sn=ChromeSyncframe&so=0&topUrl=www.viva.co.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=PC-CTHx2MWlneW5Dd3Jqd1l6WjhNMjAyaXpNeURIMW9qeHFDeHJPOHYyZTQxNmVsOGt0NGhxTmd0K1U1RFpSMk9tVURNaU1odXhWVU9QYUNrU0FMVHlaQ2duUjVIbU1oSTVQYmF0V2VMS28rc3UyeENSNmoxLzhQUEI0ZXh3SkdLeW5UTkVrUkNKbW0vSTNTMnRTQVpjenoyTXNRVVh3ZlNzM0FSNUoydGxPbHYwbXB2eVZZVDFtVFhGeXB4bnNha0lycmF3SXNucjlWalhPbHZNdGZiaGlnd0hmRDlYUlBnM09CSmx3VUNYM1BaUUhZZmRuOXZSZ1p1V0FoS0tGNkU1V3VZQzNvOFBJbmRDeUhnbEg5dEwxY0RwQT09fA&cppv=2

Request Chain 123

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 127

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZakjZhCKSxXVFVI0l.NevgAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZakjZhCKSxXVFVI0l.NevgAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2

Request Chain 128

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZakjZhCKSxXVFVI0l-NevgAADRUAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZakjZhCKSxXVFVI0l-NevgAADRUAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZakjZhCKSxXVFVI0l-NevgAADRUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZakjZhCKSxXVFVI0l-NevgAADRUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFMDCo7zxUPmUUinRdnk1iQ&google_cver=1

Request Chain 130

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZakjZhCKSxXVFVI0l.NevgAA%263349&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZakjZhCKSxXVFVI0l.NevgAA%263349&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d9ab92e2c7b0476cb1430a984fd65c82 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d9ab92e2-c7b0-476c-b143-0a984fd65c82 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=1d16ff57-46f6-44a3-8ef4-be35338dae79%3A1705583463.1607707&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D1d16ff57-46f6-44a3-8ef4-be35338dae79%253A1705583463.1607707%26_%3D1705583463.1625004&cb=1705583463.1625311 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529945301831&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D1d16ff57-46f6-44a3-8ef4-be35338dae79%253A1705583463.1607707%26_%3D1705583463.1625004 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=1d16ff57-46f6-44a3-8ef4-be35338dae79%3A1705583463.1607707&_=1705583463.1625004

Request Chain 131

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2053105214117429247&expiration=1706793062

Request Chain 132

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=PHunWzh98FQneKVUPHjrVD4v8FEndvMEPi2Eya0E

Request Chain 133

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 134

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3660946005994303575

Request Chain 175

https://pixel.adsafeprotected.com/rfw/st/1878143/77329995/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015562965&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=20888172922&bidurl=https://www.viva.co.id/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0izNv5ONriE9X15IF9QeJTy HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

Request Chain 184

https://pixel.adsafeprotected.com/rfw/st/1878143/77746728/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015387910&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=20930386523&bidurl=https://www.viva.co.id/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0ge9n2zDvrGmucZAKS85z9g HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

Request Chain 192

https://pixel.adsafeprotected.com/rfw/st/1878143/77746722/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015387910&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_placementId=20930386523&bidurl=https://www.viva.co.id/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jC_hpyrULiuqxPlVHHXCyX HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

Request Chain 227

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1

Request Chain 235

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZakjZhCKSxXVFVI0l.NevgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBiJIaY2CI1Jg-lQKjX4esk&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1

Request Chain 237

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1

Request Chain 239

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZakjZhCKSxXVFVI0l.NevgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2

Request Chain 240

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBiJIaY2CI1Jg-lQKjX4esk&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1

Request Chain 241

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D

Request Chain 242

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1

Request Chain 243

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZakjZhCKSxXVFVI0l.NevgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2

Request Chain 244

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBiJIaY2CI1Jg-lQKjX4esk&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1

Request Chain 245

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1

Request Chain 247

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZakjZhCKSxXVFVI0l.NevgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2

Request Chain 248

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBiJIaY2CI1Jg-lQKjX4esk&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1

Request Chain 249

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D

Request Chain 252

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 274

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=1046175667&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=1046175667&gdpr=&gdpr_consent=

Request Chain 280

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207745936&d_placement=383976328&d_campaign=31090180&d_bust=430695043&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207745936&d_placement=383976328&d_campaign=31090180&d_bust=430695043&gdpr=&gdpr_consent=

Request Chain 285

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207872108&d_placement=383820167&d_campaign=31090180&d_bust=3129378867&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207872108&d_placement=383820167&d_campaign=31090180&d_bust=3129378867&gdpr=&gdpr_consent=

327 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.viva.co.id/
Redirect Chain

http://www.viva.co.id/
https://www.viva.co.id/

142 KB
27 KB

368ms
283ms

Document
text/html

2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8b41f2f22126f6ce5573bf3c99247af9f8e8a0883cf3b91250ef0c61f39c009

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300
cf-cache-status: HIT
cf-ray: 847714cebbc79a2f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 13:10:59 GMT
expires: Thu, 18 Jan 2024 13:07:44 GMT
last-modified: Thu, 18 Jan 2024 13:06:44 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding, User-Agent
viewtype: Mobile
vivabuild: appcode=new-web
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 847714cddc1135fd-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 18 Jan 2024 13:10:59 GMT
Expires: Thu, 18 Jan 2024 14:10:59 GMT
Location: https://www.viva.co.id/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
www.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 20 KB
20 KB 62ms
60ms Font
font/woff2 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3_-gs51os.woff2?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.viva.co.id/
Origin: https://www.viva.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:10:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 26193
alt-svc: h3=":443"; ma=86400
content-length: 20348
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: "65a8b135-4f7c"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d08d9a9a2f-FRA

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
www.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 21 KB
21 KB 56ms
54ms Font
font/woff2 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3t-4s51os.woff2?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.viva.co.id/
Origin: https://www.viva.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:10:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 26193
alt-svc: h3=":443"; ma=86400
content-length: 21080
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: "65a8b135-5258"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d08d9d9a2f-FRA

GET
H2 200 7cHqv4kjgoGqM7E3j-ws51os.woff2
www.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 20 KB
21 KB 60ms
58ms Font
font/woff2 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3j-ws51os.woff2?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff393d6091ca6df956a189411d7f152ec4957f71b09ab2a0ae3d6089c7a5ce16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.viva.co.id/
Origin: https://www.viva.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:10:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 26192
alt-svc: h3=":443"; ma=86400
content-length: 20940
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: "65a8b135-51cc"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d08d9e9a2f-FRA

GET
H3 200 logo.webp
www.viva.co.id/asset-viva/responsive-web/img/ 5 KB
5 KB 64ms
64ms Image
image/webp 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo.webp?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8d673259d0bfc678aacef4e63f8ea06ec4b8694faa22927ec51e4a79ee5976c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 26173
alt-svc: h3=":443"; ma=86400
content-length: 4804
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: "65a8b135-12c4"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d1586e9bf5-FRA

GET
H2 200 rancak.css
www.viva.co.id/asset-viva/responsive-web/css/ 11 KB
3 KB 57ms
55ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/rancak.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ed6481586185d0bc792d7a80390d717d4aa5774bfb85bb95ab09341773d9f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:10:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26192
cf-polished: origSize=11810
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-2e22"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d08d989a2f-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 14:44:55 GMT

GET
H2 200 viva_analytics.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 1 KB
808 B 54ms
53ms Script
application/javascript 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/viva_analytics.js?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99f9762cd613e0d36e9bb53f8c51d5e4c5393d3452e34e9dd532348fe3489475

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:10:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26192
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-57b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 847714d08da19a2f-FRA

GET
H2 200 8c8e12aa600a1d6a06ebd1d766597fa36eb01526.js Show response
cdn.izooto.com/scripts/ 2 KB
1 KB 155ms
64ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/8c8e12aa600a1d6a06ebd1d766597fa36eb01526.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af13d01e84f02dbf639ade1e6fe16464763b30660aadb5d89525cd3066c8546

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 04:09:51 GMT
server: cloudflare
age: 818520
etag: W/"64b4bf0f-775"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 847714d22b44bba3-FRA
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2024 13:11:00 GMT

GET
H2 200 rancak-desktop.css
www.viva.co.id/asset-viva/responsive-web/css/ 4 KB
1 KB 59ms
57ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/rancak-desktop.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87f21656043bdb4376994e87569d02f4f1551511402c3358bc56723baaefb947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:10:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26191
cf-polished: origSize=4293
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-10c5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d08da29a2f-FRA

GET
H2 200 slideshow.css
www.viva.co.id/asset-viva/responsive-web/css/ 2 KB
753 B 57ms
55ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/slideshow.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55ab83f409797cac91d2c9460b08304e6d60672180280a6d8948d9252c641c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:10:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 22900
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-890"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d08da59a2f-FRA

GET
H3 200 slideshow.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 39 KB
10 KB 66ms
66ms Script
application/javascript 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/slideshow.js?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d22dfcb302da250bee26bd83618246a14e3acfe60435f15d6b6b5376a2e5099f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 24164
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-9bc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 847714d1a8b19bf5-FRA

GET
H2 200 icon-profile-small.jpg
www.viva.co.id/asset-viva/responsive-web/img/ 558 B
699 B 58ms
56ms Image
image/jpeg 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/icon-profile-small.jpg?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

679200d4f85b43c2bb416009d7af328f911bf6f55ec077baea8c2a5e7fb166bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:10:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 26192
cf-polished: origSize=596
alt-svc: h3=":443"; ma=86400
content-length: 558
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: "65a8b135-254"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d08da79a2f-FRA

GET
H2 200 giantbanner.css
www.viva.co.id/asset-viva/responsive-web/iklan/css/ 2 KB
657 B 60ms
59ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/css/giantbanner.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f228ecb988442325ab311d34ac84c698bbb74edbf16be3a9a3aa2ebb3ff7dfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:10:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26193
cf-polished: origSize=1963
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-7ab"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d08da89a2f-FRA

GET
H3 200 giantbanner.js Show response
www.viva.co.id/asset-viva/responsive-web/iklan/js/ 604 B
513 B 57ms
55ms Script
application/javascript 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/js/giantbanner.js?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20abd9f43eeecccbb5d000c63540bc4f4debd757fc8a75dc7223b7bd48ce82da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 25905
cf-polished: origSize=718
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-2ce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 847714d1a8b39bf5-FRA

GET
H3 200 logo-portal-pemilu.svg
www.viva.co.id/asset-viva/responsive-web/img/ 21 KB
4 KB 65ms
63ms Image
image/svg+xml 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-portal-pemilu.svg?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c5d3698edd60e72617ab3f17e0c5cf265067470c65a433f8cacd0fd4235d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26173
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-5222"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 847714d1a8b69bf5-FRA

GET
H3 200 logo-kemnaker.png
www.viva.co.id/asset-viva/responsive-web/img/ 9 KB
9 KB 97ms
95ms Image
image/webp 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-kemnaker.png?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d50241eb01f1a558d4291b0a3b576a2904fe8f6add1599a4c9172ab8897c1033

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 25158
cf-polished: origFmt=png, origSize=17419
content-disposition: inline; filename="logo-kemnaker.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9138
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: "65a8b135-440b"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d1a8ba9bf5-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 251 KB
84 KB 152ms
65ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KPDQW3

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d87a54d9e853fc621a01f49b8e1d63b02ead71c059e09ce7d886976505c98a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85337
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jan 2024 13:11:00 GMT

GET
H3 200 lazysizes.min.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 8 KB
4 KB 58ms
56ms Script
application/javascript 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/lazysizes.min.js?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9b0999f439d6fc07e37171f45a1cef5a75c419dcfcc28321ec6f2ce12011b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 25905
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-1ebb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 847714d1a8be9bf5-FRA

GET
H2 200 load-more.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 2 KB
935 B 64ms
62ms Script
application/javascript 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/load-more.js?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3789b5498325cf8b466514ccb32b95560de6d135b93f794d77c8ae6009ee4535

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 19980
cf-polished: origSize=5387
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-150b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 847714d0ee0a9a2f-FRA

GET
H2 200 cook.php Show response
sso.thevivanetworks.com/ 236 B
731 B 800ms
700ms Script
application/javascript 2606:4700:3035::ac43:87f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.thevivanetworks.com/cook.php

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:87f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbf0af2030686af9c2b66c8db72742c57530aae9b91b7ae8e3700a24e32578b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-permitted-cross-domain-policies: none
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCuZferiOx%2FKswe48WYDDdyYqCKwrKaFdBrhIxN1Mm9xV7A2Dsbry29X3Zx5%2BMv4mV4AtUHxV4QHu9TOilPhKCwpq%2FuxymE9LrexQbFQoRktPBRwCi8%2FzYWCDAISJbC1SvggBs4fyXP8Tp8pqrFuj827mEZzrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 847714d25deab963-AMS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK uid2-sdk-3.2.0.js Show response
cdn.prod.uidapi.com/ 24 KB
25 KB 155ms
49ms Script
text/javascript 2600:9000:25a2:7a00:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2-sdk-3.2.0.js
Requested by: Host: www.viva.co.id
URL: https://www.viva.co.id/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:7a00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a89306d44791afa482b05eca81136304a9b63e0b2be0967b2cda0a3f64af5df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 18:44:24 GMT
x-amz-version-id: Ig1D8Iwz1EDgtYSS0rWi.KiVAlDG_cbj
Via: 1.1 aca4cfc16ad0f84e78738cc400bfb7f4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH55-P1
Age: 66397
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 24594
Last-Modified: Mon, 09 Oct 2023 04:44:24 GMT
Server: AmazonS3
ETag: "de7d05e12b7d11fa22ad4b16481f1925"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: PPtPWdejGqABLbzdkzVk3jvMh-bb54Tsl9lDezFmDgyW7UxZsZYpcg==

GET
H3 200 unifiedid2.js Show response
www.viva.co.id/asset-viva/responsive-web/iklan/js/ 891 B
753 B 59ms
58ms Script
application/javascript 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/js/unifiedid2.js?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb08d51471bfd789d128934d1fbaf547ee3593322ebc8aaf7f9c6dada9c3f5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 25905
cf-polished: origSize=1155
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-483"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 847714d1a8c19bf5-FRA

GET
H3 200 viva-app.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 2 KB
750 B 55ms
54ms Script
application/javascript 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/viva-app.js?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84714fb67f035a8801213a5623d70a6b8ff162d57b8649f21711e40456594422

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 25905
cf-polished: origSize=2329
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-919"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 847714d1a8c49bf5-FRA

GET
H2 200 vre-stg.js Show response
data-rengine.viva.co.id/ 443 B
527 B 256ms
245ms Script
application/javascript 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data-rengine.viva.co.id/vre-stg.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f30bc28c4e1079ae2eeba42b81bf119c8e303b099285c6bf186e2737abe21c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-polished: origSize=652
x-obs-request-id: 0000018D1B1E1CF6B01269F85DA6B610
alt-svc: h3=":443"; ma=86400
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSVO6yUXqQc7ga7Hh/bcu3A2sBWSFL8D
cf-bgj: minify
last-modified: Sun, 07 Jan 2024 18:55:29 GMT
server: cloudflare
etag: W/"377873940bf32dad0e7860c33641d6f7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 847714d1bf099a2f-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 18 Jan 2024 11:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4971
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 18 Jan 2024 13:48:09 GMT

GET
H3 200 icon-profile-small.jpg
www.viva.co.id/asset-viva/responsive-web/img/ 558 B
844 B 59ms
59ms Image
image/jpeg 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/icon-profile-small.jpg?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

679200d4f85b43c2bb416009d7af328f911bf6f55ec077baea8c2a5e7fb166bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 26173
cf-polished: origSize=596
alt-svc: h3=":443"; ma=86400
content-length: 558
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: "65a8b135-254"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d1a8c69bf5-FRA

GET
H2 200 main.js Show response
go.rcvlink.com/static/ Frame C710 6 KB
3 KB 164ms
39ms Script
application/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/static/main.js
Requested by: Host: www.viva.co.id
URL: https://www.viva.co.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 3610ab58586e4ac937af60fe2e086cd4d6385568d85a4c94bdbe086df6a261fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 09:51:05 GMT
server: nginx
etag: W/"64f6fa09-1926"
content-type: application/javascript
cache-control: max-age=86400
expires: Fri, 19 Jan 2024 13:11:00 GMT

GET
H3 200 widget-kemnaker.css
www.viva.co.id/asset-viva/responsive-web/css/ 2 KB
1 KB 62ms
61ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/widget-kemnaker.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3a2057db3596d937fc4e3269b10ecb4c31e1c1f6dcc3970db55708411e1ae17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 24163
cf-polished: origSize=2467
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-9a3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d1e9179bf5-FRA

GET
H3 200 widget-vlix.css
www.viva.co.id/asset-viva/responsive-web/css/ 1 KB
761 B 62ms
62ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/widget-vlix.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b7e453f56b14780317e486bfe8714241b2b58cc97274a319ceaee663911b88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26174
cf-polished: origSize=1198
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-4ae"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d1e91b9bf5-FRA

GET
H3 200 footer-style.css
www.viva.co.id/asset-viva/responsive-web/css/ 2 KB
855 B 71ms
68ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/footer-style.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a82ed499909e2232b1bdc3807b4d81bb6497115338abc33d60472c8f0f7bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26173
cf-polished: origSize=1617
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-651"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d2094c9bf5-FRA

GET
H3 200 color-light.css
www.viva.co.id/asset-viva/responsive-web/css/ 3 KB
1 KB 71ms
69ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/color-light.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dad8023dcbc60276ab316da676636411830f7d17444fcfe70714751d4f07060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26173
cf-polished: origSize=3357
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-d1d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d2094d9bf5-FRA

GET
H3 200 color-light-desktop.css
www.viva.co.id/asset-viva/responsive-web/css/ 295 B
444 B 57ms
55ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/color-light-desktop.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82abce0fe71054b83fd78d28aeea185d5423e823a6a3c556daed054ffa8ec0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26171
cf-polished: origSize=357
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-165"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d2094e9bf5-FRA

GET
H3 200 color-dark.css
www.viva.co.id/asset-viva/responsive-web/css/ 3 KB
1 KB 58ms
56ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/color-dark.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63098da30ac921f0513c578ec1418f869b57385cf038cdc527c8893f38d63370

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26173
cf-polished: origSize=3763
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-eb3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d2094f9bf5-FRA

GET
H3 200 color-dark-desktop.css
www.viva.co.id/asset-viva/responsive-web/css/ 353 B
470 B 71ms
70ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/color-dark-desktop.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dd2c416c3dfcdc1f48962dfd1310e72467d51990916eaf20ef26297106b685f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26171
cf-polished: origSize=401
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-191"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d209509bf5-FRA

GET
H3 200 hold.css
www.viva.co.id/asset-viva/responsive-web/css/ 19 KB
5 KB 72ms
70ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/hold.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d70ebb6738a43c35fc87da8b1aa0a2760a98bbf227e6635370944b30fc174666

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26174
cf-polished: origSize=20216
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-4ef8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d209519bf5-FRA

GET
H3 200 hold-mobile.css
www.viva.co.id/asset-viva/responsive-web/css/ 4 KB
1 KB 80ms
79ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/hold-mobile.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5571264c01dbc05a743318b7e95eef7bfeb633ff095d015337ae8c696cc023b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26173
cf-polished: origSize=3872
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-f20"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d209539bf5-FRA

GET
H3 200 hold-desktop.css
www.viva.co.id/asset-viva/responsive-web/css/ 2 KB
1 KB 73ms
71ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/hold-desktop.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce05aab1e4ce23e06a3e6820a73aee164c8aac8abd6424336090df4842ed3445

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26171
cf-polished: origSize=2588
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-a1c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d209559bf5-FRA

GET
H3 200 iosfix.css
www.viva.co.id/asset-viva/responsive-web/css/ 151 B
386 B 73ms
72ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/iosfix.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6cf6d5639ffcd747e54049ad4bdcca846425e4def6279d2f012c497b2bc2521

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26173
cf-polished: origSize=182
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-b6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d209589bf5-FRA

GET
H3 200 popinfix.css
www.viva.co.id/asset-viva/responsive-web/iklan/css/ 2 KB
954 B 73ms
71ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/css/popinfix.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73a69cf2a641205f7113f570db28ad9c33d2e517fa9a0f37cca7d8c46ad3e8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26172
cf-polished: origSize=2391
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-957"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d2095a9bf5-FRA

GET
H3 200 macawfix.css
www.viva.co.id/asset-viva/responsive-web/iklan/css/ 303 B
429 B 74ms
72ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/css/macawfix.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae5f2df856109a86820c1a9a5599f89ea22884b247fd8bcaa46a53e30c624fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26172
cf-polished: origSize=320
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-140"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d2095c9bf5-FRA

GET
H3 200 freakoutfix.css
www.viva.co.id/asset-viva/responsive-web/iklan/css/ 627 B
551 B 74ms
72ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/css/freakoutfix.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6097e7723e67d1c3cd42c32d06d167f299dc4533e7df509e61b59fd4f986ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26172
cf-polished: origSize=664
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-298"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d2095d9bf5-FRA

GET
H3 200 fontawesome5.css
www.viva.co.id/asset-viva/responsive-web/css/ 2 KB
626 B 75ms
73ms Stylesheet
text/css 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/fontawesome5.css?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc5e335fe3571dbab8bca01a367f3876191db95264692139b626c80bff6dc39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 26171
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: W/"65a8b135-6c3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 847714d2095e9bf5-FRA

GET
H2 200 654b061148dbd-aksi-boikot-produk-pro-zionis-israel-di-mataram_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2023/11/08/ 13 KB
13 KB 260ms
250ms Image
image/webp 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2023/11/08/654b061148dbd-aksi-boikot-produk-pro-zionis-israel-di-mataram_325_183.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87198853dfb318d5d7a4b2ed5efd3f8badc62e4588a16445a38f3c3f0b6f6118

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
cf-polished: qual=85, origFmt=jpeg, origSize=71842
content-disposition: inline; filename="654b061148dbd-aksi-boikot-produk-pro-zionis-israel-di-mataram_325_183.webp"
alt-svc: h3=":443"; ma=86400
content-length: 13522
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 03:52:52 GMT
server: cloudflare
etag: "654b0614-118a2"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d25fbe9a2f-FRA

GET
H2 200 65a7cf8f0f41e-ketua-umum-pimpinan-pusat-muslimat-nu-khofifah-indar-parawansa_325_183.jpeg
thumb.viva.co.id/media/frontend/thumbs3/2024/01/17/ 18 KB
18 KB 269ms
259ms Image
image/jpeg 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2024/01/17/65a7cf8f0f41e-ketua-umum-pimpinan-pusat-muslimat-nu-khofifah-indar-parawansa_325_183.jpeg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bce36fdaf29294f2e97155cc22e21047fbdd2f322d5b89bdc96ffe28c523ca80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
cf-polished: degrade=85, origSize=111684, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 18504
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 17 Jan 2024 13:01:07 GMT
server: cloudflare
etag: "65a7cf93-1b444"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d25fbc9a2f-FRA

GET
H2 200 65a91d1a691ef-viva-militer-pasukan-tawon-bremoro-kostrad-tni-di-astana-giri-bangun_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2024/01/18/ 5 KB
5 KB 774ms
764ms Image
image/webp 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2024/01/18/65a91d1a691ef-viva-militer-pasukan-tawon-bremoro-kostrad-tni-di-astana-giri-bangun_325_183.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de7f0e098372e5a4b42b8d878df4db509285b487f7ffa62251cce9c75ce2d571

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
cf-polished: qual=85, origFmt=jpeg, origSize=44742
content-disposition: inline; filename="65a91d1a691ef-viva-militer-pasukan-tawon-bremoro-kostrad-tni-di-astana-giri-bangun_325_183.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5168
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
server: cloudflare
last-modified: Thu, 18 Jan 2024 12:44:15 GMT
vary: Accept
content-type: image/webp
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 847714d25fbb9a2f-FRA

GET
H2 200 6579305716056-andy-rompas-panglima-laskar-manguni_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2023/12/13/ 15 KB
16 KB 66ms
60ms Image
image/webp 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2023/12/13/6579305716056-andy-rompas-panglima-laskar-manguni_325_183.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d21641fdb7bf587eb08631b69bcced71285987d5bbb85ccf75a93673e6910779

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 17321
cf-polished: qual=85, origFmt=jpeg, origSize=94582
content-disposition: inline; filename="6579305716056-andy-rompas-panglima-laskar-manguni_325_183.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15700
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Dec 2023 04:17:35 GMT
server: cloudflare
etag: "6579305f-17176"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d25fc39a2f-FRA

GET
H2 200 65a918e560d2f-menteri-keuangan-sri-mulyani-indrawati-saat-bertemu-ceo-youtube-neal-mohan_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2024/01/18/ 9 KB
9 KB 810ms
803ms Image
image/webp 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2024/01/18/65a918e560d2f-menteri-keuangan-sri-mulyani-indrawati-saat-bertemu-ceo-youtube-neal-mohan_325_183.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaa800dd3592c5bfa842c7d3b6d1982a73b433f6614be6c0f1566c58e0cffd8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
cf-polished: qual=85, origFmt=jpeg, origSize=57477
content-disposition: inline; filename="65a918e560d2f-menteri-keuangan-sri-mulyani-indrawati-saat-bertemu-ceo-youtube-neal-mohan_325_183.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9138
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
server: cloudflare
last-modified: Thu, 18 Jan 2024 12:26:19 GMT
vary: Accept
content-type: image/webp
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 847714d25fba9a2f-FRA

GET
H2 200 65a215f437f62-bulan-k3-nasional-2024-di-smelter-freeport-gresik_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2024/01/13/ 17 KB
17 KB 62ms
56ms Image
image/jpeg 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2024/01/13/65a215f437f62-bulan-k3-nasional-2024-di-smelter-freeport-gresik_325_183.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

685779e0c39417fd2049e2981107f300b7ab07b523c38f014fceada2e3b35ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 11666
cf-polished: degrade=85, origSize=101012, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 17110
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Sat, 13 Jan 2024 04:48:10 GMT
server: cloudflare
etag: "65a2160a-18a94"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d25fbf9a2f-FRA

GET
H2 200 6587d51fee43c-tungku-smelter-di-morowali-sulteng-yang-meledak_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2023/12/24/ 14 KB
14 KB 68ms
62ms Image
image/webp 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2023/12/24/6587d51fee43c-tungku-smelter-di-morowali-sulteng-yang-meledak_325_183.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f236b26f99d646b96467519eb08ee88afc4e17decb93a60a106c8c68dcab891c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 11666
cf-polished: qual=85, origFmt=jpeg, origSize=75270
content-disposition: inline; filename="6587d51fee43c-tungku-smelter-di-morowali-sulteng-yang-meledak_325_183.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14450
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Sun, 24 Dec 2023 06:52:20 GMT
server: cloudflare
etag: "6587d524-12606"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d25fc29a2f-FRA

GET
H2 200 6580f093e9854-menteri-ketenagakerjaan-ida-fauziah_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2023/12/19/ 9 KB
9 KB 65ms
59ms Image
image/webp 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2023/12/19/6580f093e9854-menteri-ketenagakerjaan-ida-fauziah_325_183.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ec95068389e95fc9de5b8ede2365b4b0e0cc61b4834d69912104c038587128e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 11666
cf-polished: qual=85, origFmt=jpeg, origSize=62330
content-disposition: inline; filename="6580f093e9854-menteri-ketenagakerjaan-ida-fauziah_325_183.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8982
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Dec 2023 01:23:43 GMT
server: cloudflare
etag: "6580f09f-f37a"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d25fc19a2f-FRA

GET
H3 200 fa-solid-900.woff2
www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/ 78 KB
79 KB 63ms
63ms Font
font/woff2 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff2

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/css/fontawesome5.css?v=2.63

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.viva.co.id/asset-viva/responsive-web/css/fontawesome5.css?v=2.63
Origin: https://www.viva.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 26170
alt-svc: h3=":443"; ma=86400
content-length: 80300
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: "65a8b135-139ac"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d299f39bf5-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
222 B 48ms
47ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=557608072&t=pageview&_s=1&dl=https%3A%2F%2Fwww.viva.co.id%2F&ul=en-us&de=UTF-8&dt=Viva.co.id%3A%20Berita%20Terkini%20Informasi%20Terbaru%20Nasional%20%26%20Internasional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=1967421229&gjid=435633051&cid=592416648.1705583460&tid=UA-31106891-1&_gid=1177065732.1705583460&_r=1&_slc=1&z=1708733694

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

bb788ca67295bb93a57fbfb68f266a82fd82e26c279c63abf28778180660baf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 324 KB
76 KB 56ms
56ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/8c8e12aa600a1d6a06ebd1d766597fa36eb01526.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5636fdafa03e708c0937947995f726a2276cfe90281b985f49759a23469e756d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 28 Dec 2023 07:28:10 GMT
server: cloudflare
age: 625314
etag: W/"658d238a-51149"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 847714d2ec16bba3-FRA
x-xss-protection: 1; mode=block
expires: Sat, 03 Feb 2024 13:11:00 GMT

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame C710 31 B
224 B 40ms
40ms Script
text/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: c25e8070c9a9276daba003fee12e739d8f5f18738ea4d56f8be8df707389ad04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 13:11:00 GMT
cache-control: private, max-age=63115200
content-encoding: gzip
content-type: text/javascript;charset=utf-8
server: nginx
expires: Sun, 18 Jan 2026 03:11:00 +0200

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 232ms
51ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-31106891-1&cid=592416648.1705583460&jid=1967421229&gjid=435633051&_gid=1177065732.1705583460&_u=IEBAAAAAAAAAACAAI~&z=613539984

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 18 Jan 2024 13:11:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
82 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E7BJJNJT3T&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad7b24c06a8f429c6737b4f41e931b4852bcb2db481d916e2e03f6839521ca5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84270
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jan 2024 13:11:00 GMT

GET
H2 200 iframe.htm Show response
go.rcvlink.com/static/ Frame AA8C 19 KB
9 KB 39ms
39ms Document
text/html 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/static/iframe.htm
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: a5c236cde0220b8cc58845f8b5dd00dd5bbfc109e5a0ee623bb9fa00753c8ffc

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Thu, 18 Jan 2024 13:11:00 GMT
etag: W/"65a1fc2c-4ce6"
expires: Fri, 19 Jan 2024 13:11:00 GMT
last-modified: Sat, 13 Jan 2024 02:57:48 GMT
server: nginx

GET
H3 200 logo-kemnaker-white.png
www.viva.co.id/asset-viva/responsive-web/img/ 9 KB
9 KB 53ms
52ms Image
image/webp 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-kemnaker-white.png?v=2.63

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad7a92f0cdae168ce1370e4942178468e0a40f71d52c4ae1d2302a45727c2473

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 12046
cf-polished: origFmt=png, origSize=22382
content-disposition: inline; filename="logo-kemnaker-white.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9138
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 18 Jan 2024 05:03:49 GMT
server: cloudflare
etag: "65a8b135-576e"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d34ac19bf5-FRA

GET
H3 200 65a55b9ded382-timnas-indonesia-rakayakn-gol-marselino-ferdinan_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2024/01/15/ 16 KB
17 KB 55ms
55ms Image
image/webp 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2024/01/15/65a55b9ded382-timnas-indonesia-rakayakn-gol-marselino-ferdinan_325_183.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7acd5322498400ef9bc0557db2d783b30f18c2463ae7944bff7ad017daab884b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 26104
cf-polished: qual=85, origFmt=jpeg, origSize=101720
content-disposition: inline; filename="65a55b9ded382-timnas-indonesia-rakayakn-gol-marselino-ferdinan_325_183.webp"
alt-svc: h3=":443"; ma=86400
content-length: 16744
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 15 Jan 2024 16:21:56 GMT
server: cloudflare
etag: "65a55ba4-18d58"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d34ac59bf5-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
93 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YFFX5TN9EH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KPDQW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b4f43f1029b548899e5620c37bc6f40753327379d5cafbcbcfa2ee7dba6658f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95015
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jan 2024 13:11:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
439 B 187ms
47ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 ifo0f39r58 Show response
www.clarity.ms/tag/ 649 B
1012 B 265ms
128ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ifo0f39r58?ref=gtm2
Requested by: Host: www.viva.co.id
URL: https://www.viva.co.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6bcf0a10ac5ae75320ce381d79a1fe6925ee987d5b4a2e0bbaeaf243e9740d38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: -1
date: Thu, 18 Jan 2024 13:11:00 GMT
x-azure-ref: 20240118T131100Z-qbg33ysadh2tm0quwpsxg76s0w00000001t0000000008y2t
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 649
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 181ms
44ms Image
text/plain 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=8429568&ns__t=1705583460365&ns_c=UTF-8&c8=Viva.co.id%3A%20Berita%20Terkini%20Informasi%20Terbaru%20Nasional%20%26%20Internasional&c7=https%3A%2F%2Fwww.viva.co.id%2F&c9=
Requested by: Host: www.viva.co.id
URL: https://www.viva.co.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-29.ams1.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
via: 1.1 1a89beee9d72657437f5e91f57220804.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: VVzPM_4ug4kujLNwjihqb-d7UnfIBEzv5mM1Jvy0vPLZTdinpJrNPw==
x-cache: Miss from cloudfront

POST
H2 200 hit Show response
api-rengine-stg.viva.id/ 7 B
577 B 331ms
212ms XHR
application/json 2606:4700:20::681a:7d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-rengine-stg.viva.id/hit

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9g9pHc3tzvPPDiBU%2FSvbGwA7qCIYUnt7Q8QxgUmpH7pvE1G8DRS1aAkYmMc6SlVL232pn4UUbYB2kUzuhRch16zmukplzZD9p6Vlrb1bknjDjn6aBFb6NropfGEjxeFIxs%2FhC6uCiiebKxmzcT%2FF9%2BW8WL%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, private
cf-ray: 847714d448284d70-FRA

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame E029 4 KB
1 KB 51ms
51ms Document
text/html 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1755658
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 847714d44da0bba3-FRA
content-encoding: br
content-type: text/html
date: Thu, 18 Jan 2024 13:11:00 GMT
expires: Sun, 18 Feb 2024 13:11:00 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 132ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E7BJJNJT3T&gtm=45je41a0v9134563548&_p=1705583459919&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=592416648.1705583460&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.viva.co.id%2F&dt=Viva.co.id%3A%20Berita%20Terkini%20Informasi%20Terbaru%20Nasional%20%26%20Internasional&sid=1705583460&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1116
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E7BJJNJT3T&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 121ms
51ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E7BJJNJT3T&cid=592416648.1705583460&gtm=45je41a0v9134563548&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E7BJJNJT3T&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 151ms
65ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E7BJJNJT3T&cid=592416648.1705583460&gtm=45je41a0v9134563548&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1189717061

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
go.rcvlink.com/bdto/FoBCkf46Fh/ Frame AA8C 5 KB
3 KB 44ms
44ms XHR
application/json 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/bdto/FoBCkf46Fh/?cache=uJjb7dzfsWb7&ver=240113-0457&w=0&h=0&vw=1600&ms=358.27&pb=1&me=0&ref=https%3A%2F%2Fwww.viva.co.id%2F
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 896ccae98814bba7253d0e3e328ccf3dc94a0e95e321a85b9b074af3b3157bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/static/iframe.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: gzip
last-modified: Thu, 18 Jan 2024 13:11:00 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
content-type: application/json
hn: b26
cache-control: no-cache, no-store, no-transform, must-revalidate
access-control-allow-origin: *
expires: Thu, 18 Jan 2024 15:11:00 +0200

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 69ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YFFX5TN9EH&gtm=45je41a0v883879034z872652391&_p=1705583459919&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=592416648.1705583460&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705583460&sct=1&seg=0&dl=https%3A%2F%2Fwww.viva.co.id%2F&dt=Viva.co.id%3A%20Berita%20Terkini%20Informasi%20Terbaru%20Nasional%20%26%20Internasional&en=page_view&_fv=1&_ss=1&tfd=1179
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YFFX5TN9EH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 58ms
51ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YFFX5TN9EH&cid=592416648.1705583460&gtm=45je41a0v883879034z872652391&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YFFX5TN9EH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 87ms
65ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YFFX5TN9EH&cid=592416648.1705583460&gtm=45je41a0v883879034z872652391&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=438831815

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6539a1a84075a-pasangan-capres-cawapres-2024_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2023/10/26/ 15 KB
15 KB 55ms
55ms Image
image/webp 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2023/10/26/6539a1a84075a-pasangan-capres-cawapres-2024_325_183.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed9ad716a3ba72b80579ff05cd06b9e7fa11ecdb0df6ed7f3a57b52bb2fa81e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 26107
cf-polished: qual=85, origFmt=jpeg, origSize=90152
content-disposition: inline; filename="6539a1a84075a-pasangan-capres-cawapres-2024_325_183.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15406
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 25 Oct 2023 23:16:00 GMT
server: cloudflare
etag: "6539a1b0-16028"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d44bff9bf5-FRA

GET
H3 200 65a8cbd3c9a8d-viva-militer-danjen-kopassus-anugerahi-pisau-komando-perak_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2024/01/18/ 9 KB
10 KB 59ms
59ms Image
image/webp 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2024/01/18/65a8cbd3c9a8d-viva-militer-danjen-kopassus-anugerahi-pisau-komando-perak_325_183.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2b5c2cf41c59fd0f560489a9c737146f718f65572f652d4662707f97678322

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1090
cf-polished: qual=85, origFmt=jpeg, origSize=66703
content-disposition: inline; filename="65a8cbd3c9a8d-viva-militer-danjen-kopassus-anugerahi-pisau-komando-perak_325_183.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9358
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 18 Jan 2024 06:57:29 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 847714d44c039bf5-FRA

GET
H3 200 65a87591c1860-anggota-dpd-ri-arya-wedakarna-sidak-di-smkn-5-denpasar_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2024/01/18/ 15 KB
16 KB 62ms
62ms Image
image/jpeg 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2024/01/18/65a87591c1860-anggota-dpd-ri-arya-wedakarna-sidak-di-smkn-5-denpasar_325_183.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf8f8703af54c9622eb20ae65eef1d223676852252e5e08bdce5f5829d32d240

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 21802
cf-polished: degrade=85, origSize=77696, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 15867
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 18 Jan 2024 00:49:29 GMT
server: cloudflare
etag: "65a87599-12f80"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d44c059bf5-FRA

GET
H3 200 639c20cc9ac23-militer-ukraina-menembak-jatuh-drone-kamikaze-shahed-136-rusia-buatan-iran_325_183.jpg
thumb.viva.co.id/media/frontend/thumbs3/2022/12/16/ 16 KB
16 KB 54ms
54ms Image
image/jpeg 2606:4700:10::6816:3658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumb.viva.co.id/media/frontend/thumbs3/2022/12/16/639c20cc9ac23-militer-ukraina-menembak-jatuh-drone-kamikaze-shahed-136-rusia-buatan-iran_325_183.jpg

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7e8f31d9b7bf5a67dd0ad68768afd7a745145553b3f43bb4dee06955f40ff6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 25238
cf-polished: degrade=85, origSize=74540, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 16052
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 17 Jan 2024 23:28:00 GMT
server: cloudflare
etag: "65a86280-1232c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 847714d44c089bf5-FRA

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
368 B 145ms
47ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 151ms
63ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-31106891-1&cid=592416648.1705583460&jid=1967421229&_u=IEBAAAAAAAAAACAAI~&z=2086741377

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 66ms
64ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-31106891-1&cid=592416648.1705583460&jid=1967421229&_u=IEBAAAAAAAAAACAAI~&z=2086741377

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 78ms
78ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ifo0f39r58?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: br
last-modified: Wed, 17 Jan 2024 09:38:21 GMT
etag: W/"0x8DC17400B6A7365"
vary: Accept-Encoding
x-azure-ref: 20240118T131100Z-qbg33ysadh2tm0quwpsxg76s0w00000001t0000000008y37
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 5bafff2b-501e-004b-1c2a-49d288000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 46ms
45ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=557608072&t=pageview&_s=1&dl=https%3A%2F%2Fwww.viva.co.id%2F&ul=en-us&de=UTF-8&dt=Viva.co.id%3A%20Berita%20Terkini%20Informasi%20Terbaru%20Nasional%20%26%20Internasional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAABAAQCACAAI~&jid=332619380&gjid=1577968779&cid=592416648.1705583460&tid=UA-85211792-1&_gid=1177065732.1705583460&_slc=1&gtm=45He41a0n71KPDQW3v72652391&cd1=AMP%20Page&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=47259724

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 50ms
50ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-85211792-1&cid=592416648.1705583460&jid=332619380&gjid=1577968779&_gid=1177065732.1705583460&_u=aGDAgAABAAQCAGAAI~&z=844986367

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 18 Jan 2024 13:11:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
294 B 388ms
127ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.viva.co.id
Date: Thu, 18 Jan 2024 13:11:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B27D98C78DB84D0A852C51BC1CA2DA1D&RedC=c.clarity.ms&MXFR=2C83E2506EA96A6C3AD4F65A6AA96407
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B27D98C78DB84D0A852C51BC1CA2DA1D&MUID=189F6A7ED9F263E319187E74D85E62E7

42 B
442 B

59ms
58ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B27D98C78DB84D0A852C51BC1CA2DA1D&MUID=189F6A7ED9F263E319187E74D85E62E7
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
last-modified: Wed, 10 Jan 2024 21:11:32 GMT
server: Microsoft-IIS/10.0
etag: "d765ee95944da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B202E56CE0C84958BD2B08AF3C188F66 Ref B: FRA31EDGE0118 Ref C: 2024-01-18T13:11:01Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B27D98C78DB84D0A852C51BC1CA2DA1D&MUID=189F6A7ED9F263E319187E74D85E62E7
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/8429568/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
382 B

40ms
39ms

Script
application/javascript

18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 18.65.39.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-29.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 08:52:23 GMT
via: 1.1 1a89beee9d72657437f5e91f57220804.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 15614
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: jA1sTX3IbKimMIzw66TQDM8MYJnuoW116JT1Nk4o9ZTKr93y2ZmRXA==

Redirect headers

date: Thu, 18 Jan 2024 13:11:01 GMT
via: 1.1 1a89beee9d72657437f5e91f57220804.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: 4ibOqJ_9WO2Ag9Lsaa4CNwTXrroWIuaT-IcdUb9bNMbI76tIu-iQ7Q==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
30 KB 172ms
85ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07aeafc3abac717331327b8d0cf0ef4b0bf160ed31da23d7851cf2825aadbf74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30292
x-xss-protection: 0
server: cafe
etag: 357 / 19740 / 31080488 / config-hash: 4378279991211349337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:11:01 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157005/907/ 478 KB
146 KB 140ms
46ms Script
application/javascript 23.211.9.91
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Requested by: Host: www.viva.co.id
URL: https://www.viva.co.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-9-91.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0a43bf49567c71acd7a53e1cdb82940710e70cdf17c7ab1ae8ceb9bdc36c1516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 07:13:03 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=317
accept-ranges: bytes
content-length: 148629
expires: Thu, 18 Jan 2024 13:16:18 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 430 KB
135 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 19:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63228
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138162
x-xss-protection: 0
server: cafe
etag: 1666572220375911148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 16 Jan 2025 19:37:13 GMT

GET
H2 200 geo Show response
ut.pubmatic.com/ 12 B
93 B 162ms
44ms XHR
application/json 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ut.pubmatic.com/geo?pubid=157005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 13:11:01 GMT
cache-control: max-age=172800
content-length: 12
content-type: application/json

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
694 B 133ms
41ms XHR
application/json 3.120.222.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.2.0&referrer=https%3A%2F%2Fwww.viva.co.id%2F&tmax=950

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.120.222.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-222-225.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:01 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
x-auction-status: 7, 7, 7, 7, 7, 7, 7
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
receive-cookie-deprecation: 1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
554 B 156ms
91ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=313582
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0e5b5225d49e42790aac246a9e24efd59af61a4aa1aab8eb7eb68cea3215bd8

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKXjuwfuPLxiYggjBw%2Fy5qpAhlg2K6d%2FIUs6%2FQcAnO%2FhAt%2FNmFItkD70q%2B1KlJ1wUjFQRliEt4R3Z%2FmJoL8ZCfIyFrGf%2FFlb3yqDsVZCM7zDWOtBEFtpP7VNIXzV8eiC6HLeiUOY"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 847714da4df84504-TXL
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 186 B
564 B 383ms
112ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 186 B
569 B 275ms
130ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:01 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 186 B
564 B 312ms
167ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:01 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 186 B
564 B 272ms
125ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:01 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 186 B
564 B 269ms
123ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:00 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 186 B
564 B 303ms
156ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:01 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 186 B
564 B 304ms
158ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:01 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
381 B 228ms
89ms XHR
application/json 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:01 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.viva.co.id
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 18 Jan 2024 13:11:01 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 221ms
65ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=397
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.viva.co.id
date: Thu, 18 Jan 2024 13:11:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 45ms
43ms Script
text/javascript 2600:9000:25a2:7a00:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:7a00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Thu, 18 Jan 2024 09:17:41 GMT
Via: 1.1 aca4cfc16ad0f84e78738cc400bfb7f4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH55-P1
Age: 14001
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: QCA-zvkxb8ttIGT3VxUmq9ZwH8uF9yw19YRn0dWl95x_TDa9hXDX6Q==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 172ms
60ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:01 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: ab2ea68e18d3d9312f971c008df4542b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 146ms
42ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 05:37:13 GMT
content-encoding: gzip
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 27229
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: TF70cj9bR8LYXpwiYWTKJuI1ehjzB-i8rNjIirEYdVWpwtJ3ZycYMg==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 135ms
54ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 24529
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230100-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HYBizRrMmVzwVXVvkg3755JnuLa17FcsaGg3e8Qc0oZrS%2B3vH42ufBCJL0FCmou2C2NwNDjLjUCV2gobrur5J2pqWwES%2F911u6w2oerdnDDGpWQRVBrGNlL5STJVSBL19%2FgeDmSonzaCThVzSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 847714da79ac91d5-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 114 KB
29 KB 138ms
57ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: HKP1V3SEAMEW355Z
age: 1320
etag: W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 847714da7cf81cbf-FRA
x-amz-id-2: G/bbfXEgLZnSs/sThnnByTsGsbfxzKHt0EjGUCAG7rMgLeFzyHacmBYQlPcqHkQcZoULOO+weEM=

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 140ms
40ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:42:46 GMT
content-encoding: gzip
age: 1099695
x-guploader-uploadid: ABPtcPoloqixCCgTXomADCSOsA3BvcXFUxsBHUY7D-XO-cwUIkLuV-5nhidCq6Qut0LCqSjbEWf0KZgVTA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 04 Jan 2025 19:42:46 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 137ms
54ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 19:21:40 GMT
server: cloudflare
age: 61535
etag: W/"65833ec4-2d18"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 847714da7a7e4541-TXL
expires: Sun, 21 Jan 2024 13:11:01 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 167ms
82ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3dd103ba888c627706f31656287652d5fceb9ef7a7099eec5a07aac2f7d397dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 10 Jan 2024 15:13:35 GMT
server: nginx
etag: W/"659eb41f-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 19 Jan 2024 13:11:01 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
230 B 126ms
41ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.viva.co.id
date: Thu, 18 Jan 2024 13:11:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.viva.co.id%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.viva.co.id%2F&rid=esp&cc=1

85 B
194 B

153ms
152ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.viva.co.id%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: f788f7f435cb386dab1f27c42e3ba38738f782b9c6dc35c474ad26626d2cc31c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:01 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-t+Ocjs/ZjgZVwDq8SSfHZSblfHc"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.viva.co.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 18 Jan 2024 13:11:01 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.viva.co.id
location: /esp?url=https%3A%2F%2Fwww.viva.co.id%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 174ms
56ms XHR
application/json 63.32.195.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.195.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-195-36.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 10251e1644c453a1b0ae9c51412ed5534d1d6b0def1f1dbc7725d9c6f1cb3f0d

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache
x-server: 10.45.4.8
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E968 14 KB
6 KB 139ms
49ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.viva.co.id

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 307085
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 565 KB
132 KB 1058ms
1057ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=275103510086354&correlator=3279481319351613&eid=44809527%2C31080256%2C31080488%2C31079724%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=11225321%2CVIVA.CO.ID%2CHome%2Cinterstitial%2CUMKM&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F4&prev_iu_szs=728x90%7C970x250%2C970x100%2C300x250%2C300x250%2C300x250%2C160x600%2C160x600%2C728x90%2C1x1%2C300x250%2C300x250&ifi=1&didk=448557249~4081313187~3701212228~3701212229~3701212230~2034924552~1059785318~3353032748~3219457213~3171852772~3171852773&sfv=1-0-40&ists=4&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1705583461812&lmt=1705583204&adxs=436%2C315%2C985%2C985%2C985%2C140%2C1300%2C-9%2C-9%2C-9%2C-9&adys=295%2C450%2C1850%2C2709%2C3373%2C359%2C359%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C0%7C0%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&tos=~~~~~~~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.viva.co.id%2F&vis=1&psz=970x200%7C970x100%7C300x250%7C300x250%7C300x250%7C160x600%7C160x600%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=728x0%7C970x0%7C300x0%7C300x0%7C300x0%7C160x0%7C160x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C4%2C516%2C516%2C516%2C516%2C516%2C2%2C2%2C2%2C2&ohw=970%2C970%2C300%2C300%2C300%2C160%2C160%2C0%2C0%2C0%2C0&ga_vid=592416648.1705583460&ga_sid=1705583462&ga_hid=557608072&ga_fc=true&ga_cid=1177065732.1705583460&a3p=EhcKCHJ0YmhvdXNlGOOJyeXRMUgAUgIIahIZCgp1aWRhcGkuY29tGNmIyeXRMUgAUgIIag..&dlt=1705583459906&idt=1484&prev_scp=pos%3Dleaderboard%7Cpos%3Dleaderboard_custom%7Cpos%3Drectangle_1%7Cpos%3Drectangle_2%7Cpos%3Drectangle_3%7Cpos%3Dskin-left%7Cpos%3Dskin-right%7Cpos%3Dbottomframe%7C%7Cpos%3Dumkm_1%7Cpos%3Dumkm_2&adks=363344576%2C2297056952%2C522079042%2C522079043%2C522079040%2C1683619082%2C3246983854%2C1240739531%2C1653184459%2C3791764080%2C3791764081&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbc64e4fa32a2b559e7a575912c79a3963b8215825c433c9226f60b0642596dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:02 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135019
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,6422159278,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-1,-1,138456251787,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.viva.co.id
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 284ms
83ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36668d983b328b2426643f5b15c2ed9337df7f4405cb37b9b690086183b3ccfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12309
x-xss-protection: 0

GET
H2 200 container.html Show response
0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DBC8 6 KB
3 KB 271ms
73ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:02 GMT
expires: Fri, 17 Jan 2025 13:11:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 40 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl_page_level_ads.js?cb=31080488

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eb063dd5efc39b1b3492ea35f77a7fa157fbdbd8ef1dcbeb885d9349066f3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 19:37:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63182
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13863
x-xss-protection: 0
server: cafe
etag: 12572411096080002997
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 16 Jan 2025 19:37:59 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1EBC 16 KB
6 KB 43ms
43ms Document
text/html 23.211.9.91
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-9-91.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=85730
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Thu, 18 Jan 2024 13:11:01 GMT
expires: Fri, 19 Jan 2024 12:59:51 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 3385 37 B
140 B 217ms
41ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 18 Jan 2024 13:11:02 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 2F7B 3 KB
2 KB 224ms
48ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 468
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 847714ddb8cd2675-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 13:11:02 GMT
expires: Thu, 18 Jan 2024 17:11:02 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame E968
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=viva.co.id&sn=ChromeSyncframe&so=0&topUrl=www.viva.co.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=PC-CTHx2MWlneW5Dd3Jqd1l6WjhNMjAyaXpNeURIMW9qeHFDeHJPOHYyZTQxNmVsOGt0NGhxTmd0K1U1RFpSMk9tVURNaU1odXhWVU9QYUNrU0FMVHlaQ2duUjVIbU1oSTVQYmF0V2VMS28rc3UyeENSNmoxLzhQUEI0ZX...

454 B
659 B

46ms
46ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=PC-CTHx2MWlneW5Dd3Jqd1l6WjhNMjAyaXpNeURIMW9qeHFDeHJPOHYyZTQxNmVsOGt0NGhxTmd0K1U1RFpSMk9tVURNaU1odXhWVU9QYUNrU0FMVHlaQ2duUjVIbU1oSTVQYmF0V2VMS28rc3UyeENSNmoxLzhQUEI0ZXh3SkdLeW5UTkVrUkNKbW0vSTNTMnRTQVpjenoyTXNRVVh3ZlNzM0FSNUoydGxPbHYwbXB2eVZZVDFtVFhGeXB4bnNha0lycmF3SXNucjlWalhPbHZNdGZiaGlnd0hmRDlYUlBnM09CSmx3VUNYM1BaUUhZZmRuOXZSZ1p1V0FoS0tGNkU1V3VZQzNvOFBJbmRDeUhnbEg5dEwxY0RwQT09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a571fbade65c67dd77285cae77101b1dc3b1ecc7b3e7fbb28ab356b6c1d69510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1290170
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=PC-CTHx2MWlneW5Dd3Jqd1l6WjhNMjAyaXpNeURIMW9qeHFDeHJPOHYyZTQxNmVsOGt0NGhxTmd0K1U1RFpSMk9tVURNaU1odXhWVU9QYUNrU0FMVHlaQ2duUjVIbU1oSTVQYmF0V2VMS28rc3UyeENSNmoxLzhQUEI0ZXh3SkdLeW5UTkVrUkNKbW0vSTNTMnRTQVpjenoyTXNRVVh3ZlNzM0FSNUoydGxPbHYwbXB2eVZZVDFtVFhGeXB4bnNha0lycmF3SXNucjlWalhPbHZNdGZiaGlnd0hmRDlYUlBnM09CSmx3VUNYM1BaUUhZZmRuOXZSZ1p1V0FoS0tGNkU1V3VZQzNvOFBJbmRDeUhnbEg5dEwxY0RwQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 304423
content-length: 0
expires: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1EBC 0
42 B 164ms
42ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30772337&p=157005&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157005
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:02 GMT
content-length: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame FA31 199 B
298 B 151ms
49ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Thu, 18 Jan 2024 13:11:02 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
294 B 126ms
126ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.viva.co.id
Date: Thu, 18 Jan 2024 13:11:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame DD65
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
839 B

111ms
110ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72fceb17bb92baacf248770a9bac801c61fc078966d821508e135cd991498399

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 847714def9094504-TXL
content-encoding: br
content-type: text/html
date: Thu, 18 Jan 2024 13:11:02 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvuT3sTLYwV9ggDPv2EHdnkIJLYAwuMljsP3B%2F5mg3t8%2F4gGnxwKzbluKmgquk5qDPLFIhkv9No8EcP4cqnFHU1KcYwik35%2BRPvtiERPU%2F2PXWD7FUTb8PasSyI7U4xhyd6wgIpMcliCtA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 847714de2f034504-TXL
content-length: 0
date: Thu, 18 Jan 2024 13:11:02 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLIeIPifksOp6vIAUui7QasBF1Z9Dbjw8mCCxZfXmJxMvtjC%2FVd3%2BiCxhGu97vXINnhfnmrsVoetQ0jFDTFkg9%2Blv98g4vxjRY74WjktwnT2sYAWqii5XmZt7H%2FYJcIuYcLJyITliEc0ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 198ms
86ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 13:11:02 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EDCF 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 12:55:52 GMT
expires: Fri, 17 Jan 2025 12:55:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 19D2 829 B
1000 B 50ms
50ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3a141359db35ddc2ec37fa5290e16e08165e83005a14f0064b4bb075fd89b3a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0C1K-Yh_B4PGRQJ3gQ8ADw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0C1K-Yh_B4PGRQJ3gQ8ADw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:02 GMT
expires: Thu, 18 Jan 2024 13:11:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame DD65
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZakjZhCKSxXVFVI0l.NevgAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZakjZhCKSxXVFVI0l.NevgAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2

43 B
739 B

80ms
80ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08ouDHqTjTrFElHcNx9%2Fza970pvK4KgBWZxkbfCfiWAK7gcevrWS0aZk9x%2BvhG%2F7L47bSNV2hrgXj7mJQc4ECdu7DS8ZLJjg%2FscCLHfE1Sk1e9vJ%2FQl%2BQu5xtkHHwGUnpKnYC%2F8TQyaHVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e119aa58f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame DD65
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZakjZhCKSxXVFVI0l-NevgAADRUAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZakjZhCKSxXVFVI0l-NevgAADRUAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

145ms
145ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZakjZhCKSxXVFVI0l-NevgAADRUAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 13:11:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ETY6923654SW4Z45XE00
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 13:11:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S4DVADHJE36G48KCBH1T
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZakjZhCKSxXVFVI0l-NevgAADRUAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame DD65
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZakjZhCKSxXVFVI0l-NevgAADRUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZakjZhCKSxXVFVI0l-NevgAADRUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFMDCo7zxUPmUUinRdnk1iQ&google_cver=1

43 B
735 B

80ms
79ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFMDCo7zxUPmUUinRdnk1iQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfDG97yoWtzTre7mq8%2BF%2BfA1DI8i0dzUJiuQCp2XNUySOuB%2F11WnJCdwVUoOM6s6rc26aXX2Y72vXnKQrKoXOBEXSiZIfeMapGF16bfbn43eCHbGtl%2F91bT%2F4Hcgo3yJL8%2BcCMM9sj5BmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e0e94958f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFMDCo7zxUPmUUinRdnk1iQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame DD65
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZakjZhCKSxXVFVI0l.NevgAA%263349&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZakjZhCKSxXVFVI0l.NevgAA%263349&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d9ab92e2c7b0476cb1430a984fd65c82
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d9ab92e2-c7b0-476c-b143-0a984fd65c82
https://p.rfihub.com/cm?pub=39342&in=1&userid=1d16ff57-46f6-44a3-8ef4-be35338dae79%3A1705583463.1607707&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D1d16ff57-46f6-44a3-8ef4-be35338...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529945301831&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D1d16ff57-46f6-44a3-8e...
https://idsync.rlcdn.com/501709.gif?partner_uid=1d16ff57-46f6-44a3-8ef4-be35338dae79%3A1705583463.1607707&_=1705583463.1625004

0
98 B

158ms
52ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=1d16ff57-46f6-44a3-8ef4-be35338dae79%3A1705583463.1607707&_=1705583463.1625004
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 18 Jan 2024 13:11:03 GMT
via: 1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: ZRH55-P1
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=1d16ff57-46f6-44a3-8ef4-be35338dae79%3A1705583463.1607707&_=1705583463.1625004
content-length: 447
x-amz-cf-id: Kq7aptUxCihdZL68N0L7qjd55Y0JaGt3VLEx-IGlpc-V-pljE9dMew==

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame DD65
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2053105214117429247&expiration=1706793062

43 B
727 B

80ms
80ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2053105214117429247&expiration=1706793062
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXsMTmbZfnKcRtROWGOuHoEvVJzC4ja2qUZCTcVu1vhAU121oZgD2YJWFPmY5xM%2B0uhilfwWrAdU9mBq298KlDyTeuosbS8fYBOsUl0ZN80XhqecYha3AiYI929NkrM2poF6nqwaMSootA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e0d8f858f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2053105214117429247&expiration=1706793062
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DD65
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=PHunWzh98FQneKVUPHjrVD4v8FEndvMEPi2Eya0E

43 B
773 B

90ms
87ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=PHunWzh98FQneKVUPHjrVD4v8FEndvMEPi2Eya0E
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgGGjlYUCsEkwRTSExOll82lFlcTDhM3%2Fcc%2FPNbe%2Fdr4Nc52zA0yQMsEVbUiC%2Brdx4PA%2B9ZU7VLH1vAczNy%2BrH6vZw4I2RyZWqQto6Lf3sdnDacWz821mByTHqdXKO5KL16ZpBK4pojfMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e0884958f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=PHunWzh98FQneKVUPHjrVD4v8FEndvMEPi2Eya0E
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame DD65
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
741 B

71ms
71ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgVYlrCxXOwASgkEh83FW%2BPLVZe8WVoN5NOTrZUEErZfRQ%2F6cwMpr1TQ%2BnYIVTs%2F29YtSW8yHzzjCbH9c4ji3k6UYMpRis%2BGUPTIGC10g%2BpO2zjXAOxGKmdVIAljnLxWPBJG%2BBE8jh60Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e3c84858f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Thu, 18 Jan 2024 13:11:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DD65
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3660946005994303575

43 B
737 B

86ms
86ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3660946005994303575
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRg1H3hhVlv3IftHh95GPkQdWgMGRj8yKqEDvuS614GaYchs0K7FDAZ4kcQ25dUGRJP%2Ba57ddK%2FPdVmvQ%2Bn9%2B0YR5XWuKvfmGUPN3R%2Fvl8m5%2Bxso4R1487lCrByF0GoBj07aEEVBXqVJvA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e0c8de58f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3660946005994303575
pragma: no-cache
date: Thu, 18 Jan 2024 13:11:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame DD65 43 B
230 B 45ms
39ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZakjZhCKSxXVFVI0l.NevgAA%263349
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.viva.co.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:02 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 19660
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 847714dfbd6f2675-TXL
content-length: 43
expires: Fri, 19 Jan 2024 13:11:02 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame EDCF 39 KB
15 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 11:05:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 19D2 0
0 255ms
186ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401160101&jk=275103510086354&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EDCF 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gD7tbA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DDA5 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:02 GMT
expires: Fri, 17 Jan 2025 13:11:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 71B1 6 KB
3 KB 43ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:02 GMT
expires: Fri, 17 Jan 2025 13:11:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012312191621000/ Frame D139 196 KB
56 KB 140ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 19:43:23 GMT
age: 62860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
server: sffe
etag: "b4f73150f1481343"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 19:43:23 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame D139 15 KB
5 KB 280ms
180ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 02:19:24 GMT
age: 125499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "1615cf8c9658662f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 02:19:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame D139 95 KB
28 KB 269ms
170ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 16:12:39 GMT
age: 161904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29030
x-xss-protection: 0
server: sffe
etag: "4993b3249a87fa76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Jan 2025 16:12:39 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame D139 5 KB
2 KB 278ms
179ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 02:31:34 GMT
age: 124769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1930
x-xss-protection: 0
server: sffe
etag: "09131eec19261354"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 02:31:34 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame D139 40 KB
13 KB 281ms
182ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 21:00:52 GMT
age: 144611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "b1091b2fa725aeb2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Jan 2025 21:00:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D139 6 KB
1 KB 134ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 13:04:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H3 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D139 3 KB
3 KB 39ms
39ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 23:49:39 GMT
x-content-type-options: nosniff
server: cafe
age: 48083
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Thu, 18 Jan 2024 23:49:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D139 344 B
368 B 40ms
40ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 19:01:23 GMT
x-content-type-options: nosniff
server: cafe
age: 65379
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 18 Jan 2024 19:01:23 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/13502479457489174100/ Frame D139 33 KB
33 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13502479457489174100/2076313506083323656

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b127a23ecc6f89444978df823ef1e9086efb39b89cdc4ef7f2814d93d6eed2b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 16:32:26 GMT
date: Tue, 16 Jan 2024 16:32:26 GMT
x-content-type-options: nosniff
age: 160716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33870
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 11:39:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame D139 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 288a22ffc91efc3d480223a6d01055f0a9cccd13edceeae7fb82ce9dee9d7896

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D139 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4798307508aa969c667bc00cdc86c744cabcf5f70e65ed9abb74957f2b5db577

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012312191621000/ Frame D0FA 196 KB
55 KB 150ms
90ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 19:43:23 GMT
age: 62860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
server: sffe
etag: "b4f73150f1481343"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 19:43:23 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame D0FA 15 KB
5 KB 161ms
159ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 02:19:24 GMT
age: 125499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "1615cf8c9658662f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 02:19:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame D0FA 95 KB
28 KB 162ms
160ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 16:12:39 GMT
age: 161904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29030
x-xss-protection: 0
server: sffe
etag: "4993b3249a87fa76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Jan 2025 16:12:39 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame D0FA 5 KB
2 KB 168ms
167ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 02:31:34 GMT
age: 124769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1930
x-xss-protection: 0
server: sffe
etag: "09131eec19261354"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 02:31:34 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame D0FA 40 KB
13 KB 169ms
168ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 21:00:52 GMT
age: 144611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "b1091b2fa725aeb2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Jan 2025 21:00:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D0FA 6 KB
779 B 110ms
63ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 13:09:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H3 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D0FA 3 KB
3 KB 40ms
40ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 23:49:39 GMT
x-content-type-options: nosniff
server: cafe
age: 48083
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Thu, 18 Jan 2024 23:49:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D0FA 344 B
368 B 44ms
44ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 19:01:23 GMT
x-content-type-options: nosniff
server: cafe
age: 65379
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 18 Jan 2024 19:01:23 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012312191621000/ Frame CB0D 196 KB
55 KB 196ms
146ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 19:43:23 GMT
age: 62860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
server: sffe
etag: "b4f73150f1481343"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 19:43:23 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame CB0D 15 KB
5 KB 170ms
169ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 02:19:24 GMT
age: 125499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "1615cf8c9658662f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 02:19:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame CB0D 95 KB
28 KB 171ms
170ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 16:12:39 GMT
age: 161904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29030
x-xss-protection: 0
server: sffe
etag: "4993b3249a87fa76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Jan 2025 16:12:39 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame CB0D 5 KB
2 KB 177ms
177ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 02:31:34 GMT
age: 124769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1930
x-xss-protection: 0
server: sffe
etag: "09131eec19261354"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 02:31:34 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame CB0D 40 KB
13 KB 178ms
178ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 21:00:52 GMT
age: 144611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "b1091b2fa725aeb2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Jan 2025 21:00:52 GMT

GET
H3 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CB0D 3 KB
3 KB 39ms
38ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 23:49:39 GMT
x-content-type-options: nosniff
server: cafe
age: 48083
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Thu, 18 Jan 2024 23:49:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CB0D 344 B
368 B 41ms
41ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 19:01:23 GMT
x-content-type-options: nosniff
server: cafe
age: 65379
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 18 Jan 2024 19:01:23 GMT

GET
DATA 200
OK truncated
/ Frame CB0D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 017a761e140476b31c509a04d75401f0d0fc16d99c1bc2ef03a78ab5519ccc44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 13611886988643599379
tpc.googlesyndication.com/daca_images/simgad/ Frame CB0D 38 KB
38 KB 39ms
39ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13611886988643599379

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1b54667f2604f8b93930d1f03f0779bf2e81fdace89dafe580c7bb80971841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 02:22:00 GMT
date: Wed, 17 Jan 2024 02:22:00 GMT
x-content-type-options: nosniff
age: 125343
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39219
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 16:34:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 container.html Show response
0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2C30 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:02 GMT
expires: Fri, 17 Jan 2025 13:11:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DC69 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:02 GMT
expires: Fri, 17 Jan 2025 13:11:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 210B 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viva.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:02 GMT
expires: Fri, 17 Jan 2025 13:11:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E66E 624 B
368 B 274ms
81ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNWrRyiuKbMPFTyvlslr2IXj7b0rENJmmOHiqVq7YqoX-vPvnrL8LwQQuBH5rNSMEVs8GgvsrLER8dD4RwaSFg0PTvr-FG5l8xM41u0zJ501hekV9ivwSwQQCABqTXI_P9MnrHsHc4BYLl36AKOCHgLxiBMhKnak0iuCp5EQS0AWjDXsLwo

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:03 GMT
expires: Thu, 18 Jan 2024 13:11:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DDA5 89 KB
31 KB 153ms
152ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DDA5 42 B
63 B 192ms
190ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AVSX1FsR86QIOG_FOltmyg4UpizAGBJl_T8-tR8GrvXqqZhGVqz9qiPU9CD0KkoHOrGR8v8DTvZGgiPFurGA_KiqvaLnMucGUHUkFVzbwWPzcv8Go

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame DDA5
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1878143/77329995/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015562965&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

43 B
483 B

224ms
43ms

Image
image/gif

2600:9000:25a2:1a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
Requested by: Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:25a2:1a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 3267680
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: vTTMCgM3as58uQyCWCqPur9LjT8tmFOHU49XKQfG3BTaTFiJJE8O1Q==

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: nginx
x-server-name: app06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame DDA5 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:00:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:00:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame DDA5 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDA5 206 KB
65 KB 316ms
123ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/13502479457489174100/ Frame D0FA 33 KB
33 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13502479457489174100/2076313506083323656

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b127a23ecc6f89444978df823ef1e9086efb39b89cdc4ef7f2814d93d6eed2b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 16:32:26 GMT
date: Tue, 16 Jan 2024 16:32:26 GMT
x-content-type-options: nosniff
age: 160717
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33870
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 11:39:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame D0FA 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 288a22ffc91efc3d480223a6d01055f0a9cccd13edceeae7fb82ce9dee9d7896

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D0FA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06c09cc4da7b409a54293acc0f244e36e2185906174802e37875351fcb7e7a42

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5973 624 B
368 B 259ms
81ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLify4ECMAE&v=APEucNUM0XB9lFiYu4H1XNwQSvnUp17gRDMZR15kOk_Ia22QUQLTCJ783gdCtEwf2Yf-uKklIE70Qx0qvFg1D6oS5OJzgloPTZTYKyBgtSf53UfQ8KUIrOYLD2cgQoXQQ-nS89JTWrsXUndM6BkF6MpsivSX8Ys-rSmwvmC98xl5rAuDwTqfgbI

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:03 GMT
expires: Thu, 18 Jan 2024 13:11:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8A88 89 KB
31 KB 215ms
214ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 8A88
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1878143/77746728/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015387910&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

43 B
482 B

232ms
46ms

Image
image/gif

2600:9000:25a2:1a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
Requested by: Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:25a2:1a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 3267680
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Rjx4qLSN1HUop6FijfDKJAOVBOTwYNbxZibLobnT7nlfViJtKEzqNQ==

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: nginx
x-server-name: app03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 8A88 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:00:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:00:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 8A88 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A88 206 KB
65 KB 431ms
253ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A88 42 B
63 B 186ms
186ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYuV8i3cvYR5aWDYWl1Be-z-nxROAiOJxNR4Kgmtg2C5C0IJpF8vaTXK2dvdvRhqEsYf3dFqp6ZNrn8_DHq7BQT1YRkyRzAFH0AGy9z-fpzK4dcSs

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0C5F 624 B
534 B 239ms
78ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIWWy4ECMAE&v=APEucNUcocsgC_XxngXwzWg-7IYCrDTL9As8vxen-t6n4zLjf97mDmq-Xx61ZGF-QAa5V_v0LKHDlW2jBX4pvwgbNQqgy5Mu8HKjVzYKCIbQ63Bw4ckKk4OGlMDslyJ3xDk81dzZZEUYE-LT3QRuftKZ1C4H9DZ5lMPDKLJsPeZAggWO96LE7-4

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:03 GMT
expires: Thu, 18 Jan 2024 13:11:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2C30 89 KB
31 KB 217ms
217ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C30 42 B
63 B 188ms
188ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ApvpwpaAEh8yl9Kf1qcN-eclLxHLVNJ8wj4usui1L8AtP1j9gk_8MqVFtksU7r8f7lFbdDRnYpB4LJDFOWVbB_Hia7MkEzwTIERwJtagQy5rcapBY

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 2C30
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1878143/77746722/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015387910&ias_pubId=pub-8778850799846731&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

43 B
481 B

229ms
45ms

Image
image/gif

2600:9000:25a2:1a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
Requested by: Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:25a2:1a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 3267680
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: HuLW-wytGzmINUY0Yg4wJ4l2HM8rHmznKfUq4n-j3uZhluTwY_ij0w==

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: nginx
x-server-name: app05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 2C30 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:00:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:00:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 2C30 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C30 206 KB
65 KB 354ms
195ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6119 624 B
368 B 229ms
79ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYvviFgAIwAQ&v=APEucNXY2SW9JfBiUbdGoc4Ffj8oQQBWBe_74fBVZLtxTfFqg3mnaFN_qzTM2OdZ4pthGjh4RR3cdtf-kYcB_AmdwuQoIbaFeAUJORdncIUBjbMjwKrLIW1oyIntQS04EPfHWnsKvRlfOAy-8xQRjZvXDWYMTWilkTI3HbwFfPeDuvg-CCdYZD0

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:03 GMT
expires: Thu, 18 Jan 2024 13:11:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame DC69 111 KB
39 KB 188ms
39ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Origin: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/ Frame DC69 8 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:01:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/ Frame DC69 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/abg_lite_fy2021.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:30:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:30:47 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DC69 41 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame DC69 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:00:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:00:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame DC69 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC69 42 B
63 B 222ms
221ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DS8mKTnz7JFe6rFioeEW8lq_-xNBqAJV2JS9pR3q1P2BKAVC-ngwjG2q8vxyt4--2TygStJgYGXt5K6lGHLZxy5wMgxRgzAKt0p_WMcbwAnoOVT4c

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC69 206 KB
65 KB 414ms
270ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 210B 4 KB
744 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 13:09:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8573 14 KB
1 KB 53ms
52ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 12:56:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 8573 2 KB
822 B 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/ Frame 8573 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/abg_lite_fy2021.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:03 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F414 143 B
383 B 167ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1963
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 12:38:20 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 8573 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:00:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:00:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 8573 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8573 206 KB
65 KB 380ms
253ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 8573 37 KB
16 KB 169ms
42ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 17:10:43 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/ Frame 210B 22 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:46:42 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 210B 205 B
519 B 176ms
52ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 09:40:51 GMT
x-content-type-options: nosniff
age: 99012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Jan 2025 09:40:51 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 210B 604 B
695 B 176ms
52ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:17:22 GMT
x-content-type-options: nosniff
age: 125621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Jan 2025 02:17:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D139 15 KB
16 KB 158ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.viva.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 505902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D139 15 KB
15 KB 206ms
89ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.viva.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 00:01:51 GMT
x-content-type-options: nosniff
age: 220152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 00:01:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D0FA 15 KB
16 KB 163ms
51ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.viva.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 505902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D0FA 15 KB
15 KB 214ms
102ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.viva.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 00:01:51 GMT
x-content-type-options: nosniff
age: 220152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 00:01:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 194ms
194ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401160101&jk=275103510086354&bg=!HR6lHlHNAAa8BdJLnAU7ADQBe5WfON1BumxSkSXW_CgVN6hAiYH-LVxpol9AHA1hGjcwMLE4hpg5IeMLFeRPACmSKnKXAgAAADNSAAAAAWgBB5kCsYB2NrCqqK_v8FDkVrZI9TdXRZhzG1agdwjCBNj_-MBH9DMpHUb2hW8-I39IXGzy4gjLGj_hWXY0L_AduL7dqCR1La6QRIMKREQrEZgSpUbHQP_CIerJZCf1CgQF_N1hlLK6AlMpxTr0VldqLXyiWKr0wgtnpcN1tvHDBo8Isyo3VONIToceZW3f5xQptKTQZHaKVMdyVH5rgPn0LTAYPjU_3O6krrFCbSDAP-gtePEH0P0ZL63pSPQnJGt5thUSARaYUoVf4TMTCVHfX7dDx7bA-aCRMkUWtIuoYbK5Jro00e336_rR1TjTfWK9Q9IR6ZLjTIyOX4Xv1JZMM4KZLralWBrC3ueVmqELCndHmKUC8fNk0onh27U0jjylWEWH5UFEY1hiTBInLM_ZRnULz5j1k8jhnja0-D3B4ROujdilGoATL6c7JK8WA7BPpfUuCI9s-vKsOyNIhhORddVmqGWV7wXIcfkGcpIPvfGP0abdvUCOK0UELrI1dbZB5-Xkhi9a6RDH1XTt2o75kpGXQasopr9q0WTVdBL16RFNG7mU_Rh_vC8IWo4kRnYmfxFyddd8CAgWZnOt-cJhMJdtQuAEiFr71HiUXr8pmKWtofxHmUghZAY_bCnKrb9ieDLzCPrQXL2GdMVidnWEmd_Jeg31VSKksg4te6OX18SWEaPFG2ZxpCgGW4KiQ0N4j9bgF7rxO03IdbSealkmgSuNAnwMIRDchqhNktRhoj4QmlAqpmPpoPy_Qib4tLZJdPnXoJ9hLx0wLPlXx5Awfcttsr346JiCrRsObHx173Xt5MEaMn0JXmlfENYy7i2YaQhyBqZhuBPd-b1vkl3essmQFz_uqVgh6qSLGUwh97FcmRcHKgLkSLGYoPtXCRyTMGxWCGzzaYqJbhW8GZ-5S7TYL9PV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 24A4 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 145015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DC69 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84b768087f57a7c18074c2fe4ccb13641b706ee99dc2eef4138971d903716354

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DDA5 0
20 B 192ms
186ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7395854125314&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DDA5 0
20 B 191ms
187ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7395854125314&version=m202309260101&ct=76&x=1&cor=15290605411367850000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DDA5 100 KB
39 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGpzfTRXykTbYngkQEjPOcodnuxqt4sw0roE0L6d6eVbiFmSvSn6eya2Gd5IDAlZMnafUqDjg3EBktchNyolKayHPdtoIZ93kimy0TrNdqOeqBrV0tNzCXBc-YdOqzsWtgiX1xZjEyJW1llIDqytOndJxfWziPGvs1i88JWIad7h1B3Ys&dbm_d=AKAmf-CiPL_wpz527R-DFaqBt4SsPhJ_zwjxxAtzoGu4ZDn2rZZvhhEaefXqIqZ1Ef8XBFhpLu7nrJoysNtSD4L4J2tJn3mGl5-VFskx3inz5Xq8K2tXUYcyb7SCkh4r2WaiuFV4WOCRR5JY96M8T1Iy1wUusTn9AV9r0wu06XJ7KhVluOcdrZedOoHkWGK7y9Ti7LEBdibWOAr2EzvQlgdEQ7XXsXzu6z9obYCenB4hK3uY3vDLDquOTbX0kGfaosQhzxHAYXMLCe3lebfj9K_IC11N_DVmLdrt_w2gh-3lOG3weopQWRabdiy0OvF1DirNEKEDiWfx5IMn9SwGbCLU-Iwl_ZSn3VbzgwuCM7VCPavytZV5xOtKdCfQCMOS5PD04r7rQJp7nVL-3QgXAHfimpKezajLZpAOaAMjiCE6kqIV4nVFRuRjJqCJiBYO8c_8vyqPDMDLkd-45hJE1R-UZuLarze-yPxIKi1b8sNe8H9hFMLlUTDvoEAuiE1m54FnHMDxRIwwNWKZE1lB_rYlTMPdVpm9vjI075rsTZ399-fGhC_9OjMg1zVMuIuW-OpFyq5MKxHTGz_-R1UD9RYvzlwNXzAenftEsElxc3G3VqIYpONTnBZpraoshKl5iHXmYsoApHhk3BgPSQJ54odeWFgz0FJ-n0PfDjnk6_a-xqqpLldzFvobUoe2Z1MK-TF93taBAwqU5BKnXbhp0Vu5BSv2SN6H_e2_GmEUxzlkyCUiqnFszdDx2RZTmrWTcc-xLs7vnlhMePhbQq3_5TYZrxHd7IEcB4UENJjBYF602UO6PyeDLuMcalY_8Sr-SJ8ao5kPPk5CSSiKoM5M2kVwPZWww29Jv2CDgkIxyF3cwvDextRf63T2ovGf1OrHc6M5BrE-XTQB_sfGS4iUDeED9HXc81h5WO_nXEmvW8CTKDk6Egqph9Bo4PS4KXhLOdX4-Ql84LapABFotNDn3PeAutcw8VatjhdsnB8BQ7vV2R4GOV5pPkccJwGhR5-FTuvaemkw8u_sK9uZUxwOzpR8Ari_nD5m6cqT7u56AI08m9ocNsUn3Rq_BdN5qVexIuI3H5VzkkfbxY4_waDP8mLm9vvEHB4k_2uGwgh_Hqm6Ftd6f_1SzIH7XcEPmXOsqCM8P-LabStoZ0_5xDcdcIJSud3Y25szcdifgNJEJhVNRjs266HEvjtx8tG8O-2jOZqQpnsCPG5j8yVnYvWWjSlPsVXPiYeX9y2BnLpfXC_Omaij-wzT1DGgw8FR_l2cEBL9Atq3TaOkvo1FIzGLlsRJfr-QbjwSRjZfZwW0YqatDgLqD0mXJgzDUEL1_sCH6BdX1SHbmJ-huDJLYhq9V7FnW1P7aq-5R4q7iv63lIYpczdneea2Aub9_PDFWnFZIzmHBJMt54gxE7725SSfWGVtJBfxS2DrTbBqTA1h4pJ61UVd2WcrnelPskgkgR8DctU5hVKSOeHOvx6I3sA_Efi4xNek81srtnj_ALMy70sH9g-Dg9WuE4B_3jqsPgCEXWcfUCbsDDlZgTVg-sQZNEj41vEdqLqfB8OsxnEvCjfNXl-MmUcbHhRRNRbCAjbpFlSL-kncaWkEg0acVTTWroWwSYUKfoy34jXXNO05JxIVBGhyEtPkSPrhlmzR5WqmVel9BB48QvGle64_N_RBlUBCO-yKhPXlsbzNiKhkf75Fc9h1cgiYiswUR0cWI6hJM2pmVJrG_D1-pmBsB3iOtXVPMO5BF2jHTnnqrbZ48eMhoEXD-2W1tTYdq_vZwuzWlyfkeUhLVGxYcQAXObzN2rxzG0jxLZqsnOeK0G8mGx2Fjpw0uwtZuc9Hlp2hhVwgHI5-28bOVI4r6mCpe_paj5S0bvyJgmdzKi23nGNsLu42eLj-k76icd-oghXsgSM5d-5epx6uw4L3tfsNfnq42b_Gc3d6CaXz-j5xk99q_DbZ3T8_acsera5iu2iUA4OJmBVmhxGDsp9SmqVNdvoTthZ9Jpgyd8si_gIgYQQNeAj3ZY7y0iVAOfr8CZvUp_AdC-eY_p_PAflwjb7PZwea3cE-GQXlX1ENF1u77g5-kQDexlQjqLPg1fblIW5aKdv8Gb1i4oLmHpPq8c5FyZUxq9JTS-6KWkXA7oMMS9_dRcDN4RcfdD2bBSnLGq5wc1wgahxigj7biQtMEym8pCPeAY6Khd7KHep6QyyRfHv2W_ZtmY0zBOSSJyj7ZriNX7JmCM6qFIY1LH6ETPyYec2CGdBwe-dPjfSBAOtQeTJ9i93cz89MaF8xv0WzVKO8I_1EwgPLeVo96PkvWyZQQNFv_BQGysDx9J-uZXVOHotS34VdnKihkwbVo5wRQtL2m9zwTyf8pz1lqyCfVNns3DDvle4PWrYyxbkLND5vSPwwpnIOVBEC7qPf0AHyxHIo02w2YtGnUJfvYuHQ2jnM7EIDqndcdkE3ykEpexco94YtAKkQ_qavQOHEdUGtECM8ws_ocO-KxAjvdUczLeiYekHPZokx06zv--i6glJzq1PDSWdB5nhqAUV0NhlmrJM3rOn5ntA6tPdcVf92cFeh420AiHa2xL9bXb57_BJaykgE4mi-A5amQYHkY7BqN9Z8HXD22wLREd8zuazBI0unE8uwKeCuTrqm33sXJt7C_FaygDR3oHtErNQnEtllukf9vKrw0PWMvjQqivXj22FztVZ2PF72bwKuk1FfQCAHzR-1qwcY6i2HKvK9lbw2en_fpncOy2gRNy16pdC7K_uIAeO8sKGZEavbQLZp6MNT98Hve5jLf94q8ZKXpkcito3_hZz4wOiWkgMruWpW6NJlk51-EFywTCt7Yb0kZjHQcHyfwj5eEHlZS7HuLR_-0a5Q5uOeV6gQ3fLxgXlz1toQpxh26aPG9uM_zFtgqR9D0vhFvR1wIkV-St49cbykH0C7yKtJLoU5pPd474d0YiVQDcL10_whtofnszvOMRovQYCEhPewhlk7wzzXi2gPLDOfb6Z_o_MTPxQ4aXjPShEYLGhqOo-OdEjGXPX3_lnv9hBViBZTgWVOffR4FAbOX4BprKFRKpeznFMeMqs0xe6qQI1N1VVpOzBOQaNP0xMUOovcB8AHX8yS331dUr8KzJJu3cHGDgye0q4pjdKtmo6IsGBbt6LGTeCELHFDhX2Cw1pFHB9ZNk6gLkbmPmwYxStL0CJ6hmb2qRvbtsul2Owij0mr_M4beCb0AwCCD6pwRoT83e4pgGm0dRiVI8NdHGBBwOeyJXBBcztevDSBtc1nCDIPzIUnWM78xhFrfUW3pKUBonb70YMj6XzOKB45YDmnHEbqGfHLavAS4JkM6YSXs8CPUPJdADfTxGBBwxoFNNaRPgEZl4nizcCGpxnNk-oe8L-XJ7FjzXxMnmsa5Y6_r2Rgha1H1NSXoOGborv_sqFnu3HQ4pc9wgTZdIngyqn1nIUgwpliehWMX2-c1_2nGt34I5NIDSMLoXwnph_AX9MxvhUzCkHheiFN5JIENqZAwl96h81zYoZrPGmDlekkrnXQF6LZWHrSsD84ClZpDag_EzSIsY4H8cXx0G0pEn1fBm2rUVNblsT16PD6B8GUh_osNZM5M-x-0YM-Hg_9-_X75MWbjnTm4rvXB5azNlPrLuEi0tptpvlKfKnv6RKa1RchgHok8PriJ1XUUT-V6AdcQQr0Mm9mODG_i7QqcnFu0kEoUxQ23syjOgXu-0NSQydpnfjgE-ID5cnM2TMoxkdZhktYQqFfXrgmbjIE0e5U5sy-AXDO8wsTrfDkDxe8gG8csKjAWdF3iUeZDSeBkWCNLo9JN4QGJa0cSRaQWLV4q91FZAhRpB8aBt5xKB7DRmPlUHGRspgsTFbyk-MchNhuWSgKg4e6IIwzxWy7y8PL4i53jPCqyxM1cURvvvktPVkCIGpHXjyJcNJH_w&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.viva.co.id%2F&ds=l&xdt=1&iif=1&cor=15290605411367850000&adk=943508964&idt=181&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8c130da0cd35c484e842b0b3ca4931e2006a33d687950cd400dc39728ed41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39924
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame CB0D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

74ms
73ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.viva.co.id
URL: https://www.viva.co.id/
Protocol: H2
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A88 0
20 B 186ms
186ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=103974954717&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A88 0
20 B 186ms
186ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=103974954717&version=m202309260101&ct=76&x=1&cor=8977530660215219000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8A88 93 KB
38 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9h5mIP304VAvBr_0-prmJ1FpuXl44jqN5U6MGiB0sVU4dsDpxmKBw7iRXirmJ-ygBpy722qM57JCyAOixmszrH7yldT_njKHIj_UPdhGpPIlFup8j11qme0qF6C7ZtPpmziHTiqdDMtQEb8jS-_nCC4BejVhChksGW1S8NPj_Dxq-nWk&dbm_d=AKAmf-AueXjwr39JeDhq-C2tQ2YGXX8VPBTcKhpzsdjRWsGK5OJ9lpvUzw9wgktkjUnaMK1KUzOaUYYOF3YeJXPnM64EID3X5ZsGC8ajZ9ILOM3t7O9asIzVgY90Sqcj-d4ZSi_EZbOHFE6fIogOT6HK4GDL-MfNpJz779KN2eK0OrsAbuNY8QQhzIwVF83zQwJe9UaEf3aO37LVQPygDQO9f5kBBJfo9AzrJem5Sn7Q7WlhJQ7aPQynTLtDD1uUAvgbfiTtwxdmkx3JCNjMxG_fwSEMyTsR_Owebs1cCgEm_WjmbcchujemCbl6G5MJ_Wwa2edRVMk0oMHUuttwOulsDmMJP6WTzJEpusl1zqqEHQ12ZJ1HYm3RXhUKTvLxsEssgjVVu0U4WfOWABoX0eoqym_kpUxYmdvAeh6nWO-JktISkFuhOIgoDV_9-0IrsYSxEZvUfmKlgqFnvn5b9ywh08323WkNku9ZD5ZckXeu3LzbHRP6tozzjsApRFT3j0A7iwTCUdyDoOcbHA0zVRDV8oLYg9ruDguis379uzwTn61eOrd5D0jVAiQ1pxlMXXTFum_8NS730w2DPRpLLUXStFmWddY131rmF4fa1YIt7JZJVCJjnmeMPPrYAn7EnCI0t46tox4Vx8XLareSAQ13qEfSCXKg9due6HDNsB8qk7CI0-Lhv_B5BWYkvDEqXEUS_EY1ALzsMr3MkZ8CdNSL3hSJXIR7UjrSpYEZY0ZcUlzV04asi2ZbyOfZyvSwwvIIsn6HLUm3-L9edAh-jSpsiY6BrgMGJIziEA9M93cFaM_K6JstrZKH1toF28yWXqZpZFhDWR1eQrlRrVurtpi1Wi0kY1SozbWiJhlBupslK3W5jlMgqfPS1we76I2TEfxzpCiTz6LXEzmYeTLHwQ7bM-PkB9857BwrPb80IXIQrR5cYfKOV2W_p7mufZyQPOf2GY4eA6JPtdrFbU1y3wBNG9kQENzl-D_SIB0CC98HL6k6CwHfGPDoeqX5-naO30moa5XnYcwLwWa9mNNiFMrosL_8yW1BsUjljGyxEi3_X5L4umFAKy365YeL02NcrVVAC67tXnAmJbXUDz9w3MKBJt1flw7759F-Msi0v9WFMzDq2jxqi-lgUbwksprS_nuWVg6ClbrTWq_jprj8ql76ImwiWGMohEb2ekeS3FLOnHv9sb_b1mukniFQYMmc-MZRkSGtj7dhoyMXjwb-jlVqPhHV5dywyZDGnlglvOwhsHMz2oWuX3gDyov9-D5OHKOMhur_z0pLR3TZvFL30cFab2JY7O9GsJMPsOQebNLtTjqcCgH2Vika5VtkHkwC6j_W5ru7vc6GPTQPYZameSt-_T7jyXXgo71BnQLg16B5pP9HGPbMLy8KpVUxVTBUQJEq9A4DqbmidMjKam5TCSaztp9pSxuiZs6YKV33tYK09-XIR-K2SNFct-enyg6EkCftftaobXdtbndqTQRTmGb_Q_fW7Of0J2hcSaRwAGfKwGxBJH-LGmIqYB-ranrHgRj_AaQIx6s7T_6oTR2wxXbovRDcN1qVBETJHDV4XUqbFjDEVbdlGc8hNaMq9m7GIUcqCXORIDe7ZYlscfYcIXtNwfWK1-99cq5gjNw7JFjpAgmxuvPT8gGBf5ybJvHeTnY4Dki_cYtVUoOvDdOQkKfy1bjJsob3RlLmqS-QvMC_X5LZWDQp-o_ECN86xwuAPPJ9FvxaCoD6bHGNRD13kLRgS383KUyfkIE0x0gyuKsh0ZGDI-Lh0qqdNHn5GQUVKAMlLUXlqn3rlXdNU2LfVmvXXJZCaeparzcAbRgFadD-rxZnAMBE6gYAWz9enfHs7M5F5XzfNsYUzYrItdybAIH1ltbQc-3NgP2DmhfR7fSN4nABhQZ_IW_aIvDj-5L7-debXBdDlkxx9ZOsrKE9E-pezIetQW8sv5HhaS_2UButcS6f6obu2wD7BuKxIFAhtSUwuR-m0NMc2YuJPOs09C16UcelaNMHXjfodK40tZ7TDyXL09tch75kZ_y5gkdjPwC065Kvh8gKLumSejo37dWj9zP1oRUnSWe0YH1ACeVUT9FtE901PBdFRBf6JED13r9gKli6AFrzIh1df0jiSxdx0Eq2Cnl16s9J5mqkTtg9WClZ7mdVDFTnh9bTqMeY2H8RmzVXcMMJm2B0Gy9xD0I8kfdrHFF_CPoGbC7G9OW7pn7pgDPgRA3zy2_nGEHR94NogkZY2sBGHmcew0-GfqeQ9wOfLGlXaTnC1__oC1XEy1YKUnQajredVAt5c_E_Mgsl-gmcvR-cQfliigieU0mZAkqCB8djFhIDjl8q1sX3CmbPix9VIUPAvfH1xaHKynniuoFcKsDCMB4OKUuLuuYvyD3lbjygjhMJAmssKAmjwlLgv4Zi-Z--kfDxmIws1GF4o7IfIwSIhFr3pQcJ-Dsq8OhROTxJKHAbcHddS5AsIL5sj0E0XY4cUaXtZOQWnPkTWer7EbQaGDK3UOn43yib2LEru5nFO2-fjpkswZt_pHq8lYMBTkiffHeWHlmqWEQX3wk0fZ8O9qX2fiP7uws3s_VIk0lKQnNN2tRCwAYPmYHR-U1QQJzcwEUVe524b-cnLAtv8SvhHE2ifb4vsiIYwmlXoKRUDLPnELg5mOtssqyIxHCk036c6Uh5FYP-5F9quw_d_ugDuqQSWzIRTI-eiJN0Ywx-OOaDCBSK5Dujj2S4y_iACSMN9_cUMdfp67oWjDpev_MBSUm_W52Uk4pjGH_OpG0bge3Jf-3DhDEQAKohxuPfVH2r-dAD_CFHtvdSt9syJKcg5kqBrHJ4JzNd9kFhWOw3QMh8m66K23C7GuAo9YJEgxEOQWpsldvJQN78xDh-_CAvyIhwet8ILIZ6zkw04m7NfGEae4XfgRt7luER4BCUq3Htd8hX3iu4tMzMjxlHD8VJOjgrAgz2YUCl50sWt9vdhNo6RHNW3liDSIttmH_RuAOEKOMPxGXiWh-aPD3rA9Gb-_2jS0RaOWeg1JYp8ts5UGNoslOixThLh70YkqX_ZqRxGbFXejTyZSW79tWTmXD0_LmvKn9Y7Ge8XtGM-0uMHR7hKrgdGNg1ePWUL9XT-TmtL_TUOxdY99eHkuLhJ5q8jlZeZwmoZDxVWJPeIw1PQdDdCwm9qfx5oNiueYodEIXwS2dVrKj7yAgawV9XgzAZbcE7NrU4WEHwHLEqKRo7eBGlBA99xZLbZ4gRRvD5GPNW7X34mQhaWJdjiGwhbctE0jzbsJeL5YhXwuoGtV0W0wwUiwvGeLLt0-9MzAzrjJ_dnglLbqQtPlyYIQsflAifNbF55ZosA3iiWAgPCb0kMMBnT1nNQrF7LWm4Tx7NdzB8hh83Y7ycYFRAwqTrpMD7Zi7YaUsIPNcnQylg4YvXITkSycNLmOQ_E5noq7P_N6bRTINLE241LCC9lw-Yt8EvVWABVqEWJoG3P2wgZEBUXBpcgDtXVOjBiiyvaIZd3Rlya2kCEAHuRUMsGeMZ0KWEsSy8f3nekh0tsM4UObCAuIs3ldVtwuvcobU2FSVhV025qdlesuF8-rxNmBV69WS4TVzK3QwyO8w-pNRrn7bXWv5PcNtx9izpXVXnYWUFnu0MFULdZK5kFt6N5PTxa9rQet99o7bY5lA3cJsbCoXmKvASN-WL7-nBJZq5o4IlOF4AtY1vwH_NI77yqPM6YwRwIvV7TCCUTNNoTjm-wTheLg&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.viva.co.id%2F&ds=l&xdt=1&iif=1&cor=8977530660215219000&adk=2515327513&idt=247&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f05e51f708b643ae47a73901b6e2d91e1d95b7d2c4430f6ea233398772da69ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39197
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C30 0
20 B 192ms
192ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6514038712328&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C30 0
20 B 191ms
191ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6514038712328&version=m202309260101&ct=76&x=1&cor=5978295940392062000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2C30 93 KB
38 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4UZRJi_BJPvuMdejXojug0HTUpmGoPLe6LWERDvda0GudViJDY2dDlkAiGghiCaVy1eyhKX6YShTmjpDHeuP1fOnx8pWr9zRhi3YJLuGIe4K3DfxRqfSGXYDSZnP2GQO-8Xrg9Xzmhtfspiy2_YzS_SwS4yH4YJv-VTF4OnPPgV26pGw&dbm_d=AKAmf-DvWKDeauSUb-Fam0LY4svDhr8TPG5Et5XBuGcpEyvbkT6xsJS9ej38_Os9Vmx6boEtQxqziCrjUgSPka5xY3KxhC-tcUH0YIyuI3HK2RtyrjlqtqjACnR4bbmnCLq7B4DBo80AY2HeHzG5-yIJBJNUd7gWtb_SzEB0VOngUgo5LW_iKIWqaMrC5bvE6cDRhj6fo0pmjM0vnVrx_4ZL-i81YlRuSZtIlCQGKS4PhLvohpLGqsz83ekPc81VjO6icmSOLQ2bR_nWfTIBndh8hJ_IZUom96GCIpsUbypQXSEmY76VVTYa1UibVc7StxR-uG6lbolGrxesrpE8ZWBnHrpr0cYbPhU-XChotUAMsbhEt7_zI96GOaH8j-7mX5tlk0jIMxEyZPHXm2beXfECd-K8pDVDHe9uGJOCPTDnDqDPf44q7wAOfbCp-g-QZf3g_FEjeT8vgykG_WJWnodDFCVffhZwpNDGFqlzRG0C-Ogw01qICvTu2T7Csk1B-lgeeWh5XBhSkysH3SUUSNWgOP8h_eLvsE-hAKsHHuAK1059hDpE7LcT7dbh1ZtY671uYGz805ukgyY8IAxRWg0MDqA8NJ8R6xXMNq-v-3lO9t3RF91Sm3Wpc34KnZOmjhLb2YSRcH36pYVj8Acha9Gl7KnF_dxSr7mEOQzulWyawYvYY1Rv934NpVU9ROUQI0wytibWl_IIgvEnbPxnte-cCSl7Xhr2Zu20EKdkGYLUvGh6pWWZYngrenoYmoMfoKg-olRlGUw9pfohce_2N_gA_E83gw1kr4WjkmTHUHRNaBSpWLV4llLU9u0E_8u-zBOxLCjDAoxXNDgOA2eB7wCtcfMNpFYlEMTD_yWz1GsEH5vWeRyx4kePJwOoTH48rSCpTZ7t62oaYpqLB0sBVKkxfFjAo6Bnehi_Pa2W9FOFq7lvZNMF9_mirCeZyqCDOSr81UgNoMFXn5ffq7TaJo5R595F6DY2j4BD2NioaNnXDFeOkZHfxEN7D_hC70TiZRqVdN8J0qe7omDQfH4mRa_xcHhTPZV7CvsLvvsMiO4YRKANgRtww5sfSJPn1fRxbW1e9z9SlmKXouDiCDMFbjinQb9uUVS9a5hic09yDcunGZx_7k_Mzkyn3f0K8vjWRU-eBtLgzFot8k3vWI-Qui9yHpuJwuw6wNyWqxmKWm--EEQbs8ZNXMs5RIEqe_ausJ8DfqAn62jI5PTsRnTsTbLMTto6llARebv3wK9FJA_klirXfCksCWEgDRQZCv2Hsc1fClFqwYWeV3HfW8b-KChMws3C-QTZcAaYNEF2-ryw48FXSIq357IgxCDO3BkWnlJryEfrDG-gjRy1Q_cvIcOb50r-YdOd5qEssmH9wGGasb5KJP9J2pXft7AUL5qHSwmTDLAXA7Nwy9sILtlZVh6XHAydAyBPfTgtWwTBRwl04AMnVjhB84XbuxZM0o-ws3NhI0ax9WYXTwSTEAHBfIFM7WEfxUvp9HdA4B_Y-5HPQgMd8X9-ulXS4x5GIZyjuA5pxKN14fzq7tYZv6fvhiLg5Uu7gAvzEfBM0DLGiP0zZN_VjuvxH_3lHw5eHsBrk2MnZLeI3rrpmODRlYHn8zwT-UAnllxJn8mWBlNf4yegXAPCIT_WPNvjF66UEm-q3HFpJGx2gWgpjZHomzXz5yfhPUMM0a_aS1pAyVU_ZeNB-Oe6iH0xzQ06xPPBTqBAK6vHVLMHOEOJDJClUY3aCO5XFTVCs2eaO-Hnavy-nFs6FQPIsvIOeYnrYHYyYXhQoLS6qfW1F63GjAg3qgFtVHS6k7wNtkNSg7X310Di1eDzGSnvQMCe2u-De0oqGWKct3Y7D2wNDgSzLbZOzDSujSztlHaY7UIwuSE5UbnsIoo8bVO9YzGb_cyXULyU8PA_fPZmnHDB0WUCd6iSmvIMHG1tTS982uP39Kgtw-C8zGAfkE3GmcK04UAVRwjoJOAro5pCUYbOGtU5ol6_NkNrtXquF19aAE3GFh9cslwTPuE7cKf2RkMfdA39xqyqe6zUpmKWUYIV2UwvSonu_hvAhwF1qbFNETEYv6Xbmp1GU_OBTKD00RpPXJLupTgJO-pPw_uH4gXuX7Qm-NYXqCv88Ccis-puLPcCfhhGQr852XcpsXnZFUiT62HY4wznzu46OjIlB7Q1zc8QHDbtl0W8T7sjKITqDUldcmPfPHKyrcAFBj0rVLte0hykJGU0VhRpDZCa7SP4gXRcwkbWTULH4Rm9Jq6I1rpUFDT0ge0rJo_ja-HguN2MBPsTJYnxw8v3GA-91YCW7Lm7LwCDnemuSmfjPco33W8FPMdjp0DuyUO7xYZso-4bL29Cp2uwDzKWhDxqkeVLJWu1TJh586xTxNNtZreOllOaczwvDmBx31aY6t4B2Af9uIm4IqieFld2Fk8XCZUKE4AA3UpN7_vxljSmifD60_ZEVHGRZVJ9BrBpoDGVfmVFmidCiF1eIVd0-pnBew2iuOEX4TpVU3CyYdgDllUk4f4r4ZqOIN9oaqMS1T9JmJh8QEAB8U3B1pAkqjnpZXV3f6YqGjM-7J8Sh4MMbVvsDpnOVcyDZUZ9TNrvMKB_lhkYpSNQwhXpENqubwlbrrn8fu2LuM2XtwYU3IJFgbDrWKoLf0LXBwVHDcQT3jfpBJ9NJfFIimdhzQ2cW9SE7rcacuy2UNgkxxV6MUw86fA3RASBvG_dac2Q21iz9a8sGribKxemmUPeDgeaeyUUnKdt6jpuX0MwGPeTp2esgUAzhPOH8sl2f8PQLCVRNTh4JBm2CPR7Odg_URhaJq5SHf2CbuAtYr4_s0WtdMm-C3w7bCJzC22cLvKylwljGGx5VV-LZriWMGo-5r7BD2CHlqYQU4wt-8QFAXN92WHkFTg8yD_YQcPgnCJNQS7W1jV0ks6IwvofbUH_fCNtXMirmV5yz3KWR_bbi5BYPQzGEp03iSCF310xIHEuepV2Q034k7MKmQdc6r8irXEDjbur1zfY4x0BJJz8kYPGmSj6M8WsjIngCs7Wm8ZtHZ176eVdiHQglXlZNoYNApeIAXtD7y-EqHiE_7heS3k_Dls2x5QW8DQ23iA3ySSwedMSKhu_mp5J0gHbPvF2q60HfxsdjPgmMzQofHm2giT4iu3vHfm0ACDJs2q3yofes9TEAummRsKqgY2Frw0lpgpV3pcp1_xHA1k3ikhFisItUi6CEs__Wso0NcUj2vP9eU35_2JsBWpPk8nlvaCkkWS0Zt4m7O6OXBYcHdUL1mNxKICgISjaeqSAT0AT0fDw4gVt8oOmkvaZTiHLPXgQSKFTGBvzAGoHlnk2PszE9fW3iASliHxN9Pn5StrYnWE-vTeu58C9G2zOc7Vg-ppEeCkpx3smUEm6hWUQI5K_um3CQ23BhsGLKQ6BWwQGaJiN0SiNMqeZr2-U2kdDYDIXtfpHQzjXJ6SrGuYtmm_A1KAN1tKB0LBgTTqwU3RhEMCyz4bBcJ96MMCnlSnBVazZOf4tRswgx-4qkMaHWXGNGX5jtEOMgXKEKNi9X-iIOniw68G8-orp_xjsZxIo-vohmWT45AOzOM8HeAi958Qb5xVzEnA6h_kimwW6Ledm8qa6C3GdNaY3ncyf6Hddrh-KG2YMVlD4NFBCejodh8ycmBEkt9YW5G3MjBs1MtJ7_APIq4IdlF9PHKA8UCIl0WOHoDvqPqGXpv8fnP-0OtbY_i1QGC55gjm5ry3xvQ&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.viva.co.id%2F&ds=l&xdt=1&iif=1&cor=5978295940392062000&adk=2004672171&idt=238&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

273e821545a2266807e6727a03409dbf5847d4ea9e9772c5a805b8a9c0a6d08c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38972
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0C5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1

43 B
732 B

66ms
66ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIWWy4ECMAE&v=APEucNUcocsgC_XxngXwzWg-7IYCrDTL9As8vxen-t6n4zLjf97mDmq-Xx61ZGF-QAa5V_v0LKHDlW2jBX4pvwgbNQqgy5Mu8HKjVzYKCIbQ63Bw4ckKk4OGlMDslyJ3xDk81dzZZEUYE-LT3QRuftKZ1C4H9DZ5lMPDKLJsPeZAggWO96LE7-4
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31%2FVUeMIDYwo2GJbuFqDecbGbdKn0%2BPMDrH01ed%2FN0rgzY3hJ9GoaQzlGuUtoU6fZFY7%2BMWOZboKw093d0V9tlCKJQHroEDF63szOTQ1PcU4zjaC0mY5VxK8ssRAGmIVbApVycMEw3t47w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e62e5c58f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0C5F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZakjZhCKSxXVFVI0l.NevgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2

43 B
732 B

83ms
83ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIWWy4ECMAE&v=APEucNUcocsgC_XxngXwzWg-7IYCrDTL9As8vxen-t6n4zLjf97mDmq-Xx61ZGF-QAa5V_v0LKHDlW2jBX4pvwgbNQqgy5Mu8HKjVzYKCIbQ63Bw4ckKk4OGlMDslyJ3xDk81dzZZEUYE-LT3QRuftKZ1C4H9DZ5lMPDKLJsPeZAggWO96LE7-4
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJE2L9OCH%2BfxPItOc5htSfZRRXaCCCIWwos4C6IeAcnZU2pQVrDypYqHhCyRrDWd4hC73VQh3h45BlQRWAvPJFH9iLhL4GiJA3ptxfGFZbxYATEDAX%2B9219Cp3UuPIYKIFQlFZdid6sDaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e6f81d58f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 0C5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBiJIaY2CI1Jg-lQKjX4esk&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1

43 B
1 KB

50ms
47ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIWWy4ECMAE&v=APEucNUcocsgC_XxngXwzWg-7IYCrDTL9As8vxen-t6n4zLjf97mDmq-Xx61ZGF-QAa5V_v0LKHDlW2jBX4pvwgbNQqgy5Mu8HKjVzYKCIbQ63Bw4ckKk4OGlMDslyJ3xDk81dzZZEUYE-LT3QRuftKZ1C4H9DZ5lMPDKLJsPeZAggWO96LE7-4

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
an-x-request-uuid: e9b2b5f2-8112-426d-8792-014e8dd5f628
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
an-x-request-uuid: 647fe460-8984-4054-8bac-3557a8a60631
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C5F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D

170 B
188 B

55ms
53ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
an-x-request-uuid: d4213f4d-8d0e-4374-a680-26b9b343ca03
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6119
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1

43 B
734 B

73ms
73ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYvviFgAIwAQ&v=APEucNXY2SW9JfBiUbdGoc4Ffj8oQQBWBe_74fBVZLtxTfFqg3mnaFN_qzTM2OdZ4pthGjh4RR3cdtf-kYcB_AmdwuQoIbaFeAUJORdncIUBjbMjwKrLIW1oyIntQS04EPfHWnsKvRlfOAy-8xQRjZvXDWYMTWilkTI3HbwFfPeDuvg-CCdYZD0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhelCEnn%2BVBIqdlRvZOx2yvz5rCnFwTfx7ALiza3zR3QXFqv5xV3sHiekvtK0MqQxiPp8gcoimzAcfJukH6JP00GQnfqzIaB8U%2BAbiaZIlTR8%2FoCnp8TIcYynSaFO3M3vBNwiBWOOKCKtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e63e7258f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6119
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZakjZhCKSxXVFVI0l.NevgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2

43 B
735 B

162ms
161ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYvviFgAIwAQ&v=APEucNXY2SW9JfBiUbdGoc4Ffj8oQQBWBe_74fBVZLtxTfFqg3mnaFN_qzTM2OdZ4pthGjh4RR3cdtf-kYcB_AmdwuQoIbaFeAUJORdncIUBjbMjwKrLIW1oyIntQS04EPfHWnsKvRlfOAy-8xQRjZvXDWYMTWilkTI3HbwFfPeDuvg-CCdYZD0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FVDn3PCZwACOacpsXWogjEiU54T%2FQKLYXz1BaWe3QRi9pcmK4Sg3XtvFHcu7Uy19YgkwhMoyjYoScDOOSPd%2Bui0T2JpaUGwLqL1NWn3GboxGJq%2FpA6RzeZvf411mgRHY0wzVXUVbsovFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e7894958f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 6119
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBiJIaY2CI1Jg-lQKjX4esk&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1

43 B
1 KB

110ms
110ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYvviFgAIwAQ&v=APEucNXY2SW9JfBiUbdGoc4Ffj8oQQBWBe_74fBVZLtxTfFqg3mnaFN_qzTM2OdZ4pthGjh4RR3cdtf-kYcB_AmdwuQoIbaFeAUJORdncIUBjbMjwKrLIW1oyIntQS04EPfHWnsKvRlfOAy-8xQRjZvXDWYMTWilkTI3HbwFfPeDuvg-CCdYZD0

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
an-x-request-uuid: f8c8d3a7-ba6a-47b2-bae8-125e21a6a072
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
an-x-request-uuid: b2a13553-44a8-4758-b486-70a56384f64a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6119
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
an-x-request-uuid: db49f161-3dae-4929-8940-0ac7c944f0cb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E66E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1

43 B
735 B

83ms
83ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNWrRyiuKbMPFTyvlslr2IXj7b0rENJmmOHiqVq7YqoX-vPvnrL8LwQQuBH5rNSMEVs8GgvsrLER8dD4RwaSFg0PTvr-FG5l8xM41u0zJ501hekV9ivwSwQQCABqTXI_P9MnrHsHc4BYLl36AKOCHgLxiBMhKnak0iuCp5EQS0AWjDXsLwo
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Xf3ejKvvxXyQR%2FXMa7V6Lrjif9JcnPESnyNQbJs7V0wLcH26%2F20wktfhmDkiqdFHLOpdqW41HSNkSgTtu%2FG5NLIV1Til4fM4qqf4ed7bjRR9X4UOYTZ5qXKpVOYE4fMomb%2BZoTuBBkjVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e63e7958f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E66E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZakjZhCKSxXVFVI0l.NevgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2

43 B
733 B

78ms
78ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNWrRyiuKbMPFTyvlslr2IXj7b0rENJmmOHiqVq7YqoX-vPvnrL8LwQQuBH5rNSMEVs8GgvsrLER8dD4RwaSFg0PTvr-FG5l8xM41u0zJ501hekV9ivwSwQQCABqTXI_P9MnrHsHc4BYLl36AKOCHgLxiBMhKnak0iuCp5EQS0AWjDXsLwo
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0md2C3L%2FVjQbdkJWOTrMCTXyt0vr%2Fvi2BWn51M07W8lW3OXVE6UFE%2Fi8Dr1P9ezzkIKvpMSTn4RO0JlLR53YcJHhtBh%2F8nMBU2L6hWx0yYi14O04yofs7zEs4jw2KL48i2UYZCu0T1z0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e6f81a58f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame E66E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBiJIaY2CI1Jg-lQKjX4esk&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1

43 B
1 KB

110ms
109ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNWrRyiuKbMPFTyvlslr2IXj7b0rENJmmOHiqVq7YqoX-vPvnrL8LwQQuBH5rNSMEVs8GgvsrLER8dD4RwaSFg0PTvr-FG5l8xM41u0zJ501hekV9ivwSwQQCABqTXI_P9MnrHsHc4BYLl36AKOCHgLxiBMhKnak0iuCp5EQS0AWjDXsLwo

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
an-x-request-uuid: cd0dc9be-c914-4277-8d8e-d8896ed543e4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
an-x-request-uuid: 4613a390-d6e4-4fd1-aa0f-e4a68ff2e826
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E66E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
an-x-request-uuid: d4879176-760d-4d4a-9cde-dcebec422e91
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5973
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1

43 B
734 B

88ms
87ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLify4ECMAE&v=APEucNUM0XB9lFiYu4H1XNwQSvnUp17gRDMZR15kOk_Ia22QUQLTCJ783gdCtEwf2Yf-uKklIE70Qx0qvFg1D6oS5OJzgloPTZTYKyBgtSf53UfQ8KUIrOYLD2cgQoXQQ-nS89JTWrsXUndM6BkF6MpsivSX8Ys-rSmwvmC98xl5rAuDwTqfgbI
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mI0f3Z2XgERbdUCioeERYNcVvJeZJd97hTaKNWIAx4sZ%2BJWhaLqTml3ty2ZdM6%2BaD4%2FBrc0tLoycnVzCaTLK%2FusR2HyD8rUasWXP65qm5wsSPgHRueQT%2Flp2tQoRFrpwGIHF75Trqzg3dA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e68f4258f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5973
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZakjZhCKSxXVFVI0l.NevgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2

43 B
741 B

166ms
165ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLify4ECMAE&v=APEucNUM0XB9lFiYu4H1XNwQSvnUp17gRDMZR15kOk_Ia22QUQLTCJ783gdCtEwf2Yf-uKklIE70Qx0qvFg1D6oS5OJzgloPTZTYKyBgtSf53UfQ8KUIrOYLD2cgQoXQQ-nS89JTWrsXUndM6BkF6MpsivSX8Ys-rSmwvmC98xl5rAuDwTqfgbI
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0aesAlX%2FIzwOHMQbU9M%2FTG97xfEoL3p0TR64cArFbtiUkTlwbxG4LE9tDDKfvyyNavWq2%2BxJ7E42UQM4wDfk%2B%2Fvotwm8xza%2Fy%2FXx64idfRGCX3N%2B9ovxiCM5a%2FecdjIgk3hdVXfB424Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847714e758e158f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOwuu6pLkQTYbnLokCD3SRg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 5973
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBiJIaY2CI1Jg-lQKjX4esk&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1

43 B
1 KB

49ms
46ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLify4ECMAE&v=APEucNUM0XB9lFiYu4H1XNwQSvnUp17gRDMZR15kOk_Ia22QUQLTCJ783gdCtEwf2Yf-uKklIE70Qx0qvFg1D6oS5OJzgloPTZTYKyBgtSf53UfQ8KUIrOYLD2cgQoXQQ-nS89JTWrsXUndM6BkF6MpsivSX8Ys-rSmwvmC98xl5rAuDwTqfgbI

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
an-x-request-uuid: 00fa6e3f-7843-4b45-8a2b-9c29abb8fc88
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
an-x-request-uuid: b5dd90f6-8ddd-4cd1-b185-027f41cf66e3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBiJIaY2CI1Jg-lQKjX4esk%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5973
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
an-x-request-uuid: 1c24cbda-36d1-4e8d-a037-762fa88ed40d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODE0NDY5MDQ4NTg5MDQ%3D
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D139 0
0 90ms
90ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGuu2ZSOpZZ2NN9L63wPa0RjG4JKzdd77gdy1EtugtY7FARABILmhuSlglaKfgrAHoAG4wqODA8gBCakCWQWXWctCsj7gAgCoAwHIAwqqBKACT9D8gN5CxVMmpTBTPnaAAth8aXNmNtSrFsbiSSbLevXjWFaSm-pQ9q1XDm3Z-cNFwEv9OciJlvEm5a0cZ5bn_pJmK5lhRvwKGTD6r_aUepWmCslxPrqezD_eBap6EKnUSOh-LcYq8G-8ElM_kalAR33gI-ReLi3zAziFTubBlFILfY2Ea-n-Jp1Ek-J3c9qaP1vbvR4ZPvhsZAUS-o2Q4j58hBcj65AQoRGQN5I0CgVVTiiZlCe7y9zRmt4nMgdX1wZKvTr_wUEgZZWvNEsdq2tqcJKDyC5riyxdWyA3ZY9JPnetj6F1VLK69ph1C8KGxjRi99fgCGla7VHlcDGIeFvx2X3lhUTFcamcviUo2URsqhcPmlv4glZrxpE-cPKSwATTq6yQ3gTgBAGIBdTNkuNNkgUECAQYAZIFBAgFGASgBi6AB86a_vAEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ598P0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljdzIPDgeeDA5oJOmh0dHBzOi8vYnVpbGR5b3VyLmxhbmRyb3Zlci5kZS9sci9kZV9kZS9sNTYwP2djbHNyYz1hdy5kcyaACgPICwHiDRMIsruEw4HngwMVUv13Ch3aKAYAuBPkA9gTDNAVAYAXAbIXHgocCAASFHB1Yi01Nzg5MzQ5MDc4NTc1MDkzGPGkFA&sigh=XSD_3og_vVg&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 24A4 50 KB
19 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:33:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 160681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 16:33:02 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F414
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
54ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:03 GMT
expires: Thu, 18 Jan 2024 13:11:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14441809811857851587/ Frame 92E6 130 KB
23 KB 137ms
45ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14441809811857851587/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5cf8138eca565ba0df697f21b9491a8e77dab62c4860a8b7ffc88fa10153f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 161903
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23155
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 16:12:40 GMT
expires: Wed, 15 Jan 2025 16:12:40 GMT
last-modified: Fri, 17 Nov 2023 07:46:35 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame DC69 0
0 190ms
86ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsugoJgGO-bHB4hI4EmcLHyX-9rzg-6IErMgmJS_7KK1uDak469Ca5StYscmlW_ZFWph44koZCFyAGPYV1ft_XSnSSEJ2WwvIJuheD335B3cXmpAtUh0WLTT9jaeScTzm_sbQryvGTZ2cIAA5WYK9YiHOmlftFVXKwm6elYTJPFm3sqd-CF6f563BotyfkV9bm4LCCVHm5EJGono0LWz_Xbhu_JgeJIRmBbXUGpo-TWcPLUs74bITinfw31AIvLATWy-p1w774vojQ4-b6-zmAg24wiRXbXvrzELOv7Phopy3w42xbKonO6ZaDyEYsXZDXRVIOqBYJ_XwSD78c4-zeTXpF4yIIeVuwnihWU0j657iw6FJKyiyL38g3v_nsQvisD0XNpk6QjPN4vFGEMRX84OtWSUWu5kN8pd-BfcwMWU7UP9mrvjQSMOh7l1NgQqn-hpBwk-gzO840XtpHRaMSnI1boCrpauupvqej9DGB9YbnqAFeex3OAloXGJB-QlYQ4Cy8CezrJ-R8bGeS4gaCLzIrPh2HHaCdaXNlw1dpsFnBUVNGT4aeeNDlsscKzs0YBLg91IhFiHoG_TB0Nl8F6RG0uqSTXNmUNhjlGiioQpVe7jfzX1Ep0jBz0BoItNKauKG4SxtlOpHsYmP3Kt6raoeuhpLQsRmocDg6hC7-qpk-2SYhFjgUrntHsJ92_Ci11S_TWmvtPf5U2MTCngVBY5MJbZ4SbGEtBSjg2TaqHUF1CEwOrTmQbkQZ-nigZePglBXqHX8_NALO97MldR2eESmOGjVpGJa2oYTi-23SVc3DCoW8vy9w_zS37ogkcvB7luQnMlibAfIIuS-BGVVcFfrGBZGatYFksYFIi1NaGJVqkfgNGavPt1Debrb4Iu3JUvkhQwGIBlvpaK-aFihu3r9DU9POInXkmG8PKwS4I6RIl2jY1oOI6jUapwVDHpL562MBhYxJVNKZclNlHiTOF7cKdaJR5uqW3DbFX3_JNq_KlUXetSX0D0Lzjw1IGyvrJtCkERqXfpI3t_IdpVGgnpFgNoJCJGw2Lu00SXBozfl6U9PjKZRTK6iMSj8h6EPTysmPllbuii4kUNixnR_JJJPLQnJCHtP6_CW64ZbOoVjK0mgNJ_6kaJqqlpPSTpt5Nk3ezV-I8vr528EoJglNthmyQ_B6UAhzbU9Uhm6fZm6ZWE_jm2cz2ZYqwkuD__wiXS8_8BZ9FyNkcbFhMBbA_4KPPWGla7Zetvu3dzmz-uMpbGsFx7mWr5lE5pcLfXh8XWhyEvwJpfX_OV0IfSA7pnWCHb17-0l4k03fX65G4ZIrPrydDCOY7Qo4FiKwvKY7fM-U_gW4I0xuhR7-Hp0yU8XUNO-_TjSxfJOW647wqHYJoAflIICj_--JNNQQF7M-OrYkr0z-GZOe-oAzrp&sai=AMfl-YRGWEyUvtJn-PCNM0WhwYfjIOv0ykMGV2AtVbUck_RAo8q9YjgxEoIhzV2jXO8WGb8S6pgOOtm6aEmp3Rq4wzpIxv2UCS1aglgrgKpgzOiIHVfUJD88a5rK33lf9F9RLPj-uY70gENbY5f6py7uiPbxgmC04CWhl_30nVdZOnH8DyijFQUdRhB9_6mBZ_ziq2xe5GdoP-rch1Vvm_DSS46vqMa0DzmUSscDJ3V2tOuYyyZyQrdKKUCr_C6M5qU4P1MmJtDWKUCRsfb4K14LJARot-hHSMz1YRxC3Pfnfw2gDYT15OnsZFGbpExMntm4SzOKdi6DSYzyRlrGNwUWWR258FmecB_nEp9WxvENGd-x7Omb9t9DGz1oR7I37XmnThqCsQIkng0xYBeTGi6asNue0b1LqSk2PkoFCfe5i3WrbJVpeeDZCltyEl1Z88khGCcL7a9Jl6-gr4-RNk3SAFdVnAprSj6N8K0eNtRogg7tZO5PjVnPt-_qMhPchiebhh8Khf0l7oU&sig=Cg0ArKJSzHuV4ithCPmIEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly90dWkuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=303&cbvp=1&cstd=301&cisv=r20240117.90697&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D0FA 0
0 82ms
82ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeZyeZSOpZZ-NN9L63wPa0RjG4JKzdd77gdy1EtugtY7FARABILmhuSlglaKfgrAHoAG4wqODA8gBCakCWQWXWctCsj7gAgCoAwHIAwqqBKACT9CswVCsKieHPzHduKK61XI6T0aWqYfUetvlxnNjjf4Mchb3Y-oSAANmz-0Ij8J4dsesMPW6FdITq7BVcX2nh_NuQw8nhyFzFKRZnJ3Zet2glwJNTPSPS850iysWSnRmhjUdwiWhaCWzzn6ro8Yys3F0oWjcHAK0t9W95RsITkRdSBT7lDM__GHxcaq49dQ2-6q9Eu6JMkDVJ-xhS6MihnNsivxw8J3tyghsNuLs1RIpQKy0nXw9L-domN4OuU2JRiz3bEv5Pixb7k6W3LyP1hUhU7-QkOp3JtiQVdbHZbYuH7AZLgi6Ll1n-RPXyvN1-ZyrlBkxZVYtHBJ3aEa-y-T3LY46FhAaJFWBcZWJ_llznn2XmEbwfnqNGvd-Qr69wATTq6yQ3gTgBAGIBdTNkuNNkgUECAQYAZIFBAgFGASgBi6AB86a_vAEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ05In0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljdzIPDgeeDA5oJOmh0dHBzOi8vYnVpbGR5b3VyLmxhbmRyb3Zlci5kZS9sci9kZV9kZS9sNTYwP2djbHNyYz1hdy5kcyaACgPICwHiDRMItLuEw4HngwMVUv13Ch3aKAYAuBPkA9gTDNAVAYAXAbIXHgocCAASFHB1Yi01Nzg5MzQ5MDc4NTc1MDkzGPGkFA&sigh=QEijZo2cx8g&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame DDA5 172 KB
60 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Origin: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/ Frame DDA5 12 KB
4 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGpzfTRXykTbYngkQEjPOcodnuxqt4sw0roE0L6d6eVbiFmSvSn6eya2Gd5IDAlZMnafUqDjg3EBktchNyolKayHPdtoIZ93kimy0TrNdqOeqBrV0tNzCXBc-YdOqzsWtgiX1xZjEyJW1llIDqytOndJxfWziPGvs1i88JWIad7h1B3Ys&dbm_d=AKAmf-CiPL_wpz527R-DFaqBt4SsPhJ_zwjxxAtzoGu4ZDn2rZZvhhEaefXqIqZ1Ef8XBFhpLu7nrJoysNtSD4L4J2tJn3mGl5-VFskx3inz5Xq8K2tXUYcyb7SCkh4r2WaiuFV4WOCRR5JY96M8T1Iy1wUusTn9AV9r0wu06XJ7KhVluOcdrZedOoHkWGK7y9Ti7LEBdibWOAr2EzvQlgdEQ7XXsXzu6z9obYCenB4hK3uY3vDLDquOTbX0kGfaosQhzxHAYXMLCe3lebfj9K_IC11N_DVmLdrt_w2gh-3lOG3weopQWRabdiy0OvF1DirNEKEDiWfx5IMn9SwGbCLU-Iwl_ZSn3VbzgwuCM7VCPavytZV5xOtKdCfQCMOS5PD04r7rQJp7nVL-3QgXAHfimpKezajLZpAOaAMjiCE6kqIV4nVFRuRjJqCJiBYO8c_8vyqPDMDLkd-45hJE1R-UZuLarze-yPxIKi1b8sNe8H9hFMLlUTDvoEAuiE1m54FnHMDxRIwwNWKZE1lB_rYlTMPdVpm9vjI075rsTZ399-fGhC_9OjMg1zVMuIuW-OpFyq5MKxHTGz_-R1UD9RYvzlwNXzAenftEsElxc3G3VqIYpONTnBZpraoshKl5iHXmYsoApHhk3BgPSQJ54odeWFgz0FJ-n0PfDjnk6_a-xqqpLldzFvobUoe2Z1MK-TF93taBAwqU5BKnXbhp0Vu5BSv2SN6H_e2_GmEUxzlkyCUiqnFszdDx2RZTmrWTcc-xLs7vnlhMePhbQq3_5TYZrxHd7IEcB4UENJjBYF602UO6PyeDLuMcalY_8Sr-SJ8ao5kPPk5CSSiKoM5M2kVwPZWww29Jv2CDgkIxyF3cwvDextRf63T2ovGf1OrHc6M5BrE-XTQB_sfGS4iUDeED9HXc81h5WO_nXEmvW8CTKDk6Egqph9Bo4PS4KXhLOdX4-Ql84LapABFotNDn3PeAutcw8VatjhdsnB8BQ7vV2R4GOV5pPkccJwGhR5-FTuvaemkw8u_sK9uZUxwOzpR8Ari_nD5m6cqT7u56AI08m9ocNsUn3Rq_BdN5qVexIuI3H5VzkkfbxY4_waDP8mLm9vvEHB4k_2uGwgh_Hqm6Ftd6f_1SzIH7XcEPmXOsqCM8P-LabStoZ0_5xDcdcIJSud3Y25szcdifgNJEJhVNRjs266HEvjtx8tG8O-2jOZqQpnsCPG5j8yVnYvWWjSlPsVXPiYeX9y2BnLpfXC_Omaij-wzT1DGgw8FR_l2cEBL9Atq3TaOkvo1FIzGLlsRJfr-QbjwSRjZfZwW0YqatDgLqD0mXJgzDUEL1_sCH6BdX1SHbmJ-huDJLYhq9V7FnW1P7aq-5R4q7iv63lIYpczdneea2Aub9_PDFWnFZIzmHBJMt54gxE7725SSfWGVtJBfxS2DrTbBqTA1h4pJ61UVd2WcrnelPskgkgR8DctU5hVKSOeHOvx6I3sA_Efi4xNek81srtnj_ALMy70sH9g-Dg9WuE4B_3jqsPgCEXWcfUCbsDDlZgTVg-sQZNEj41vEdqLqfB8OsxnEvCjfNXl-MmUcbHhRRNRbCAjbpFlSL-kncaWkEg0acVTTWroWwSYUKfoy34jXXNO05JxIVBGhyEtPkSPrhlmzR5WqmVel9BB48QvGle64_N_RBlUBCO-yKhPXlsbzNiKhkf75Fc9h1cgiYiswUR0cWI6hJM2pmVJrG_D1-pmBsB3iOtXVPMO5BF2jHTnnqrbZ48eMhoEXD-2W1tTYdq_vZwuzWlyfkeUhLVGxYcQAXObzN2rxzG0jxLZqsnOeK0G8mGx2Fjpw0uwtZuc9Hlp2hhVwgHI5-28bOVI4r6mCpe_paj5S0bvyJgmdzKi23nGNsLu42eLj-k76icd-oghXsgSM5d-5epx6uw4L3tfsNfnq42b_Gc3d6CaXz-j5xk99q_DbZ3T8_acsera5iu2iUA4OJmBVmhxGDsp9SmqVNdvoTthZ9Jpgyd8si_gIgYQQNeAj3ZY7y0iVAOfr8CZvUp_AdC-eY_p_PAflwjb7PZwea3cE-GQXlX1ENF1u77g5-kQDexlQjqLPg1fblIW5aKdv8Gb1i4oLmHpPq8c5FyZUxq9JTS-6KWkXA7oMMS9_dRcDN4RcfdD2bBSnLGq5wc1wgahxigj7biQtMEym8pCPeAY6Khd7KHep6QyyRfHv2W_ZtmY0zBOSSJyj7ZriNX7JmCM6qFIY1LH6ETPyYec2CGdBwe-dPjfSBAOtQeTJ9i93cz89MaF8xv0WzVKO8I_1EwgPLeVo96PkvWyZQQNFv_BQGysDx9J-uZXVOHotS34VdnKihkwbVo5wRQtL2m9zwTyf8pz1lqyCfVNns3DDvle4PWrYyxbkLND5vSPwwpnIOVBEC7qPf0AHyxHIo02w2YtGnUJfvYuHQ2jnM7EIDqndcdkE3ykEpexco94YtAKkQ_qavQOHEdUGtECM8ws_ocO-KxAjvdUczLeiYekHPZokx06zv--i6glJzq1PDSWdB5nhqAUV0NhlmrJM3rOn5ntA6tPdcVf92cFeh420AiHa2xL9bXb57_BJaykgE4mi-A5amQYHkY7BqN9Z8HXD22wLREd8zuazBI0unE8uwKeCuTrqm33sXJt7C_FaygDR3oHtErNQnEtllukf9vKrw0PWMvjQqivXj22FztVZ2PF72bwKuk1FfQCAHzR-1qwcY6i2HKvK9lbw2en_fpncOy2gRNy16pdC7K_uIAeO8sKGZEavbQLZp6MNT98Hve5jLf94q8ZKXpkcito3_hZz4wOiWkgMruWpW6NJlk51-EFywTCt7Yb0kZjHQcHyfwj5eEHlZS7HuLR_-0a5Q5uOeV6gQ3fLxgXlz1toQpxh26aPG9uM_zFtgqR9D0vhFvR1wIkV-St49cbykH0C7yKtJLoU5pPd474d0YiVQDcL10_whtofnszvOMRovQYCEhPewhlk7wzzXi2gPLDOfb6Z_o_MTPxQ4aXjPShEYLGhqOo-OdEjGXPX3_lnv9hBViBZTgWVOffR4FAbOX4BprKFRKpeznFMeMqs0xe6qQI1N1VVpOzBOQaNP0xMUOovcB8AHX8yS331dUr8KzJJu3cHGDgye0q4pjdKtmo6IsGBbt6LGTeCELHFDhX2Cw1pFHB9ZNk6gLkbmPmwYxStL0CJ6hmb2qRvbtsul2Owij0mr_M4beCb0AwCCD6pwRoT83e4pgGm0dRiVI8NdHGBBwOeyJXBBcztevDSBtc1nCDIPzIUnWM78xhFrfUW3pKUBonb70YMj6XzOKB45YDmnHEbqGfHLavAS4JkM6YSXs8CPUPJdADfTxGBBwxoFNNaRPgEZl4nizcCGpxnNk-oe8L-XJ7FjzXxMnmsa5Y6_r2Rgha1H1NSXoOGborv_sqFnu3HQ4pc9wgTZdIngyqn1nIUgwpliehWMX2-c1_2nGt34I5NIDSMLoXwnph_AX9MxvhUzCkHheiFN5JIENqZAwl96h81zYoZrPGmDlekkrnXQF6LZWHrSsD84ClZpDag_EzSIsY4H8cXx0G0pEn1fBm2rUVNblsT16PD6B8GUh_osNZM5M-x-0YM-Hg_9-_X75MWbjnTm4rvXB5azNlPrLuEi0tptpvlKfKnv6RKa1RchgHok8PriJ1XUUT-V6AdcQQr0Mm9mODG_i7QqcnFu0kEoUxQ23syjOgXu-0NSQydpnfjgE-ID5cnM2TMoxkdZhktYQqFfXrgmbjIE0e5U5sy-AXDO8wsTrfDkDxe8gG8csKjAWdF3iUeZDSeBkWCNLo9JN4QGJa0cSRaQWLV4q91FZAhRpB8aBt5xKB7DRmPlUHGRspgsTFbyk-MchNhuWSgKg4e6IIwzxWy7y8PL4i53jPCqyxM1cURvvvktPVkCIGpHXjyJcNJH_w&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.viva.co.id%2F&ds=l&xdt=1&iif=1&cor=15290605411367850000&adk=943508964&idt=181&cac=0&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:30:46 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/ Frame DDA5 31 KB
12 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:30:46 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DDA5 41 KB
14 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CB0D 0
0 93ms
93ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9rYmZSOpZaGNN9L63wPa0RiP4qyudcW_5qmaEmQQASC5obkpYJWin4KwB6ABxN_89ALIAQKpAlkFl1nLQrI-4AIAqAMByAMIqgSdAk_Qt1XNTfSgLUED2NL8YY8wH7fe2Iuq8q4Ma90fe_IsLNOkpcuybJB80Ul_RhSjCXIcs6F0VGoxIC2Kd6z7vk_mBW4R2SbjKcWW9Qkx7YKEH7N7fCLMB3A_xeKC45DdRwzhiWnahWjx0sJDWgK9gQtG9qn2yaQBxxVWy_BCRBc0UXpOCojhs5H6IUhLpvX5dwFq0p1yjo9Mpgb994vKgj63g9lQHFGUIhAYPHNnteFGnXJxjXcVjWapHiG-nTiuD_zC571lQGvUxxwqg59lXasHrG90M5dZOOtPlIb8JBFZSi7QNeaE6MGZl48rSndcHKLkTSE8fiegIrruR1gPJ8VI-TgiWtA0iDrf_wXQRDTlEqb8xtUmor8UFXCsgcAEisKh69EE4AQBiAX4p6SETpIFBAgEGAGSBQQIBRgEoAYCgAekoIOLAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMjSK9IIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY3cyDw4HngwOaCS5odHRwczovL3d3dy5zY2hsYXJhZmZpYS5kZS9tYXRyYXR6ZW4vbXluYXAtdGZrgAoDyAsB4g0TCLa7hMOB54MDFVL9dwod2igGANgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi01Nzg5MzQ5MDc4NTc1MDkzGPGkFA&sigh=X2cKaZQxbeo&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame DDA5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f1c16b6a9b3bbd5c33f22e5fb32d892d233ba7631da317d35a245a6f70b4ceb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8A88 111 KB
39 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Origin: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/ Frame 8A88 12 KB
4 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9h5mIP304VAvBr_0-prmJ1FpuXl44jqN5U6MGiB0sVU4dsDpxmKBw7iRXirmJ-ygBpy722qM57JCyAOixmszrH7yldT_njKHIj_UPdhGpPIlFup8j11qme0qF6C7ZtPpmziHTiqdDMtQEb8jS-_nCC4BejVhChksGW1S8NPj_Dxq-nWk&dbm_d=AKAmf-AueXjwr39JeDhq-C2tQ2YGXX8VPBTcKhpzsdjRWsGK5OJ9lpvUzw9wgktkjUnaMK1KUzOaUYYOF3YeJXPnM64EID3X5ZsGC8ajZ9ILOM3t7O9asIzVgY90Sqcj-d4ZSi_EZbOHFE6fIogOT6HK4GDL-MfNpJz779KN2eK0OrsAbuNY8QQhzIwVF83zQwJe9UaEf3aO37LVQPygDQO9f5kBBJfo9AzrJem5Sn7Q7WlhJQ7aPQynTLtDD1uUAvgbfiTtwxdmkx3JCNjMxG_fwSEMyTsR_Owebs1cCgEm_WjmbcchujemCbl6G5MJ_Wwa2edRVMk0oMHUuttwOulsDmMJP6WTzJEpusl1zqqEHQ12ZJ1HYm3RXhUKTvLxsEssgjVVu0U4WfOWABoX0eoqym_kpUxYmdvAeh6nWO-JktISkFuhOIgoDV_9-0IrsYSxEZvUfmKlgqFnvn5b9ywh08323WkNku9ZD5ZckXeu3LzbHRP6tozzjsApRFT3j0A7iwTCUdyDoOcbHA0zVRDV8oLYg9ruDguis379uzwTn61eOrd5D0jVAiQ1pxlMXXTFum_8NS730w2DPRpLLUXStFmWddY131rmF4fa1YIt7JZJVCJjnmeMPPrYAn7EnCI0t46tox4Vx8XLareSAQ13qEfSCXKg9due6HDNsB8qk7CI0-Lhv_B5BWYkvDEqXEUS_EY1ALzsMr3MkZ8CdNSL3hSJXIR7UjrSpYEZY0ZcUlzV04asi2ZbyOfZyvSwwvIIsn6HLUm3-L9edAh-jSpsiY6BrgMGJIziEA9M93cFaM_K6JstrZKH1toF28yWXqZpZFhDWR1eQrlRrVurtpi1Wi0kY1SozbWiJhlBupslK3W5jlMgqfPS1we76I2TEfxzpCiTz6LXEzmYeTLHwQ7bM-PkB9857BwrPb80IXIQrR5cYfKOV2W_p7mufZyQPOf2GY4eA6JPtdrFbU1y3wBNG9kQENzl-D_SIB0CC98HL6k6CwHfGPDoeqX5-naO30moa5XnYcwLwWa9mNNiFMrosL_8yW1BsUjljGyxEi3_X5L4umFAKy365YeL02NcrVVAC67tXnAmJbXUDz9w3MKBJt1flw7759F-Msi0v9WFMzDq2jxqi-lgUbwksprS_nuWVg6ClbrTWq_jprj8ql76ImwiWGMohEb2ekeS3FLOnHv9sb_b1mukniFQYMmc-MZRkSGtj7dhoyMXjwb-jlVqPhHV5dywyZDGnlglvOwhsHMz2oWuX3gDyov9-D5OHKOMhur_z0pLR3TZvFL30cFab2JY7O9GsJMPsOQebNLtTjqcCgH2Vika5VtkHkwC6j_W5ru7vc6GPTQPYZameSt-_T7jyXXgo71BnQLg16B5pP9HGPbMLy8KpVUxVTBUQJEq9A4DqbmidMjKam5TCSaztp9pSxuiZs6YKV33tYK09-XIR-K2SNFct-enyg6EkCftftaobXdtbndqTQRTmGb_Q_fW7Of0J2hcSaRwAGfKwGxBJH-LGmIqYB-ranrHgRj_AaQIx6s7T_6oTR2wxXbovRDcN1qVBETJHDV4XUqbFjDEVbdlGc8hNaMq9m7GIUcqCXORIDe7ZYlscfYcIXtNwfWK1-99cq5gjNw7JFjpAgmxuvPT8gGBf5ybJvHeTnY4Dki_cYtVUoOvDdOQkKfy1bjJsob3RlLmqS-QvMC_X5LZWDQp-o_ECN86xwuAPPJ9FvxaCoD6bHGNRD13kLRgS383KUyfkIE0x0gyuKsh0ZGDI-Lh0qqdNHn5GQUVKAMlLUXlqn3rlXdNU2LfVmvXXJZCaeparzcAbRgFadD-rxZnAMBE6gYAWz9enfHs7M5F5XzfNsYUzYrItdybAIH1ltbQc-3NgP2DmhfR7fSN4nABhQZ_IW_aIvDj-5L7-debXBdDlkxx9ZOsrKE9E-pezIetQW8sv5HhaS_2UButcS6f6obu2wD7BuKxIFAhtSUwuR-m0NMc2YuJPOs09C16UcelaNMHXjfodK40tZ7TDyXL09tch75kZ_y5gkdjPwC065Kvh8gKLumSejo37dWj9zP1oRUnSWe0YH1ACeVUT9FtE901PBdFRBf6JED13r9gKli6AFrzIh1df0jiSxdx0Eq2Cnl16s9J5mqkTtg9WClZ7mdVDFTnh9bTqMeY2H8RmzVXcMMJm2B0Gy9xD0I8kfdrHFF_CPoGbC7G9OW7pn7pgDPgRA3zy2_nGEHR94NogkZY2sBGHmcew0-GfqeQ9wOfLGlXaTnC1__oC1XEy1YKUnQajredVAt5c_E_Mgsl-gmcvR-cQfliigieU0mZAkqCB8djFhIDjl8q1sX3CmbPix9VIUPAvfH1xaHKynniuoFcKsDCMB4OKUuLuuYvyD3lbjygjhMJAmssKAmjwlLgv4Zi-Z--kfDxmIws1GF4o7IfIwSIhFr3pQcJ-Dsq8OhROTxJKHAbcHddS5AsIL5sj0E0XY4cUaXtZOQWnPkTWer7EbQaGDK3UOn43yib2LEru5nFO2-fjpkswZt_pHq8lYMBTkiffHeWHlmqWEQX3wk0fZ8O9qX2fiP7uws3s_VIk0lKQnNN2tRCwAYPmYHR-U1QQJzcwEUVe524b-cnLAtv8SvhHE2ifb4vsiIYwmlXoKRUDLPnELg5mOtssqyIxHCk036c6Uh5FYP-5F9quw_d_ugDuqQSWzIRTI-eiJN0Ywx-OOaDCBSK5Dujj2S4y_iACSMN9_cUMdfp67oWjDpev_MBSUm_W52Uk4pjGH_OpG0bge3Jf-3DhDEQAKohxuPfVH2r-dAD_CFHtvdSt9syJKcg5kqBrHJ4JzNd9kFhWOw3QMh8m66K23C7GuAo9YJEgxEOQWpsldvJQN78xDh-_CAvyIhwet8ILIZ6zkw04m7NfGEae4XfgRt7luER4BCUq3Htd8hX3iu4tMzMjxlHD8VJOjgrAgz2YUCl50sWt9vdhNo6RHNW3liDSIttmH_RuAOEKOMPxGXiWh-aPD3rA9Gb-_2jS0RaOWeg1JYp8ts5UGNoslOixThLh70YkqX_ZqRxGbFXejTyZSW79tWTmXD0_LmvKn9Y7Ge8XtGM-0uMHR7hKrgdGNg1ePWUL9XT-TmtL_TUOxdY99eHkuLhJ5q8jlZeZwmoZDxVWJPeIw1PQdDdCwm9qfx5oNiueYodEIXwS2dVrKj7yAgawV9XgzAZbcE7NrU4WEHwHLEqKRo7eBGlBA99xZLbZ4gRRvD5GPNW7X34mQhaWJdjiGwhbctE0jzbsJeL5YhXwuoGtV0W0wwUiwvGeLLt0-9MzAzrjJ_dnglLbqQtPlyYIQsflAifNbF55ZosA3iiWAgPCb0kMMBnT1nNQrF7LWm4Tx7NdzB8hh83Y7ycYFRAwqTrpMD7Zi7YaUsIPNcnQylg4YvXITkSycNLmOQ_E5noq7P_N6bRTINLE241LCC9lw-Yt8EvVWABVqEWJoG3P2wgZEBUXBpcgDtXVOjBiiyvaIZd3Rlya2kCEAHuRUMsGeMZ0KWEsSy8f3nekh0tsM4UObCAuIs3ldVtwuvcobU2FSVhV025qdlesuF8-rxNmBV69WS4TVzK3QwyO8w-pNRrn7bXWv5PcNtx9izpXVXnYWUFnu0MFULdZK5kFt6N5PTxa9rQet99o7bY5lA3cJsbCoXmKvASN-WL7-nBJZq5o4IlOF4AtY1vwH_NI77yqPM6YwRwIvV7TCCUTNNoTjm-wTheLg&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.viva.co.id%2F&ds=l&xdt=1&iif=1&cor=8977530660215219000&adk=2515327513&idt=247&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:30:46 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/ Frame 8A88 31 KB
12 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:30:46 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A88 41 KB
14 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
DATA 200
OK truncated
/ Frame 8A88 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be651cb02ca20ab57e55f7fbe4f90fcd535e81161c1011f655ff6e0a87092b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2C30 111 KB
39 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Origin: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/ Frame 2C30 12 KB
4 KB 50ms
44ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4UZRJi_BJPvuMdejXojug0HTUpmGoPLe6LWERDvda0GudViJDY2dDlkAiGghiCaVy1eyhKX6YShTmjpDHeuP1fOnx8pWr9zRhi3YJLuGIe4K3DfxRqfSGXYDSZnP2GQO-8Xrg9Xzmhtfspiy2_YzS_SwS4yH4YJv-VTF4OnPPgV26pGw&dbm_d=AKAmf-DvWKDeauSUb-Fam0LY4svDhr8TPG5Et5XBuGcpEyvbkT6xsJS9ej38_Os9Vmx6boEtQxqziCrjUgSPka5xY3KxhC-tcUH0YIyuI3HK2RtyrjlqtqjACnR4bbmnCLq7B4DBo80AY2HeHzG5-yIJBJNUd7gWtb_SzEB0VOngUgo5LW_iKIWqaMrC5bvE6cDRhj6fo0pmjM0vnVrx_4ZL-i81YlRuSZtIlCQGKS4PhLvohpLGqsz83ekPc81VjO6icmSOLQ2bR_nWfTIBndh8hJ_IZUom96GCIpsUbypQXSEmY76VVTYa1UibVc7StxR-uG6lbolGrxesrpE8ZWBnHrpr0cYbPhU-XChotUAMsbhEt7_zI96GOaH8j-7mX5tlk0jIMxEyZPHXm2beXfECd-K8pDVDHe9uGJOCPTDnDqDPf44q7wAOfbCp-g-QZf3g_FEjeT8vgykG_WJWnodDFCVffhZwpNDGFqlzRG0C-Ogw01qICvTu2T7Csk1B-lgeeWh5XBhSkysH3SUUSNWgOP8h_eLvsE-hAKsHHuAK1059hDpE7LcT7dbh1ZtY671uYGz805ukgyY8IAxRWg0MDqA8NJ8R6xXMNq-v-3lO9t3RF91Sm3Wpc34KnZOmjhLb2YSRcH36pYVj8Acha9Gl7KnF_dxSr7mEOQzulWyawYvYY1Rv934NpVU9ROUQI0wytibWl_IIgvEnbPxnte-cCSl7Xhr2Zu20EKdkGYLUvGh6pWWZYngrenoYmoMfoKg-olRlGUw9pfohce_2N_gA_E83gw1kr4WjkmTHUHRNaBSpWLV4llLU9u0E_8u-zBOxLCjDAoxXNDgOA2eB7wCtcfMNpFYlEMTD_yWz1GsEH5vWeRyx4kePJwOoTH48rSCpTZ7t62oaYpqLB0sBVKkxfFjAo6Bnehi_Pa2W9FOFq7lvZNMF9_mirCeZyqCDOSr81UgNoMFXn5ffq7TaJo5R595F6DY2j4BD2NioaNnXDFeOkZHfxEN7D_hC70TiZRqVdN8J0qe7omDQfH4mRa_xcHhTPZV7CvsLvvsMiO4YRKANgRtww5sfSJPn1fRxbW1e9z9SlmKXouDiCDMFbjinQb9uUVS9a5hic09yDcunGZx_7k_Mzkyn3f0K8vjWRU-eBtLgzFot8k3vWI-Qui9yHpuJwuw6wNyWqxmKWm--EEQbs8ZNXMs5RIEqe_ausJ8DfqAn62jI5PTsRnTsTbLMTto6llARebv3wK9FJA_klirXfCksCWEgDRQZCv2Hsc1fClFqwYWeV3HfW8b-KChMws3C-QTZcAaYNEF2-ryw48FXSIq357IgxCDO3BkWnlJryEfrDG-gjRy1Q_cvIcOb50r-YdOd5qEssmH9wGGasb5KJP9J2pXft7AUL5qHSwmTDLAXA7Nwy9sILtlZVh6XHAydAyBPfTgtWwTBRwl04AMnVjhB84XbuxZM0o-ws3NhI0ax9WYXTwSTEAHBfIFM7WEfxUvp9HdA4B_Y-5HPQgMd8X9-ulXS4x5GIZyjuA5pxKN14fzq7tYZv6fvhiLg5Uu7gAvzEfBM0DLGiP0zZN_VjuvxH_3lHw5eHsBrk2MnZLeI3rrpmODRlYHn8zwT-UAnllxJn8mWBlNf4yegXAPCIT_WPNvjF66UEm-q3HFpJGx2gWgpjZHomzXz5yfhPUMM0a_aS1pAyVU_ZeNB-Oe6iH0xzQ06xPPBTqBAK6vHVLMHOEOJDJClUY3aCO5XFTVCs2eaO-Hnavy-nFs6FQPIsvIOeYnrYHYyYXhQoLS6qfW1F63GjAg3qgFtVHS6k7wNtkNSg7X310Di1eDzGSnvQMCe2u-De0oqGWKct3Y7D2wNDgSzLbZOzDSujSztlHaY7UIwuSE5UbnsIoo8bVO9YzGb_cyXULyU8PA_fPZmnHDB0WUCd6iSmvIMHG1tTS982uP39Kgtw-C8zGAfkE3GmcK04UAVRwjoJOAro5pCUYbOGtU5ol6_NkNrtXquF19aAE3GFh9cslwTPuE7cKf2RkMfdA39xqyqe6zUpmKWUYIV2UwvSonu_hvAhwF1qbFNETEYv6Xbmp1GU_OBTKD00RpPXJLupTgJO-pPw_uH4gXuX7Qm-NYXqCv88Ccis-puLPcCfhhGQr852XcpsXnZFUiT62HY4wznzu46OjIlB7Q1zc8QHDbtl0W8T7sjKITqDUldcmPfPHKyrcAFBj0rVLte0hykJGU0VhRpDZCa7SP4gXRcwkbWTULH4Rm9Jq6I1rpUFDT0ge0rJo_ja-HguN2MBPsTJYnxw8v3GA-91YCW7Lm7LwCDnemuSmfjPco33W8FPMdjp0DuyUO7xYZso-4bL29Cp2uwDzKWhDxqkeVLJWu1TJh586xTxNNtZreOllOaczwvDmBx31aY6t4B2Af9uIm4IqieFld2Fk8XCZUKE4AA3UpN7_vxljSmifD60_ZEVHGRZVJ9BrBpoDGVfmVFmidCiF1eIVd0-pnBew2iuOEX4TpVU3CyYdgDllUk4f4r4ZqOIN9oaqMS1T9JmJh8QEAB8U3B1pAkqjnpZXV3f6YqGjM-7J8Sh4MMbVvsDpnOVcyDZUZ9TNrvMKB_lhkYpSNQwhXpENqubwlbrrn8fu2LuM2XtwYU3IJFgbDrWKoLf0LXBwVHDcQT3jfpBJ9NJfFIimdhzQ2cW9SE7rcacuy2UNgkxxV6MUw86fA3RASBvG_dac2Q21iz9a8sGribKxemmUPeDgeaeyUUnKdt6jpuX0MwGPeTp2esgUAzhPOH8sl2f8PQLCVRNTh4JBm2CPR7Odg_URhaJq5SHf2CbuAtYr4_s0WtdMm-C3w7bCJzC22cLvKylwljGGx5VV-LZriWMGo-5r7BD2CHlqYQU4wt-8QFAXN92WHkFTg8yD_YQcPgnCJNQS7W1jV0ks6IwvofbUH_fCNtXMirmV5yz3KWR_bbi5BYPQzGEp03iSCF310xIHEuepV2Q034k7MKmQdc6r8irXEDjbur1zfY4x0BJJz8kYPGmSj6M8WsjIngCs7Wm8ZtHZ176eVdiHQglXlZNoYNApeIAXtD7y-EqHiE_7heS3k_Dls2x5QW8DQ23iA3ySSwedMSKhu_mp5J0gHbPvF2q60HfxsdjPgmMzQofHm2giT4iu3vHfm0ACDJs2q3yofes9TEAummRsKqgY2Frw0lpgpV3pcp1_xHA1k3ikhFisItUi6CEs__Wso0NcUj2vP9eU35_2JsBWpPk8nlvaCkkWS0Zt4m7O6OXBYcHdUL1mNxKICgISjaeqSAT0AT0fDw4gVt8oOmkvaZTiHLPXgQSKFTGBvzAGoHlnk2PszE9fW3iASliHxN9Pn5StrYnWE-vTeu58C9G2zOc7Vg-ppEeCkpx3smUEm6hWUQI5K_um3CQ23BhsGLKQ6BWwQGaJiN0SiNMqeZr2-U2kdDYDIXtfpHQzjXJ6SrGuYtmm_A1KAN1tKB0LBgTTqwU3RhEMCyz4bBcJ96MMCnlSnBVazZOf4tRswgx-4qkMaHWXGNGX5jtEOMgXKEKNi9X-iIOniw68G8-orp_xjsZxIo-vohmWT45AOzOM8HeAi958Qb5xVzEnA6h_kimwW6Ledm8qa6C3GdNaY3ncyf6Hddrh-KG2YMVlD4NFBCejodh8ycmBEkt9YW5G3MjBs1MtJ7_APIq4IdlF9PHKA8UCIl0WOHoDvqPqGXpv8fnP-0OtbY_i1QGC55gjm5ry3xvQ&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.viva.co.id%2F&ds=l&xdt=1&iif=1&cor=5978295940392062000&adk=2004672171&idt=238&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:30:46 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/ Frame 2C30 31 KB
12 KB 48ms
44ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:30:46 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2C30 41 KB
14 KB 49ms
44ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
DATA 200
OK truncated
/ Frame 2C30 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca95a93493caca87372748da55838b6f35d46d02aaa80f1be7d0a828ad86b7ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13605343744850012072/ Frame 90C6 30 KB
5 KB 76ms
76ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=DdJW5bwfhZ&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89d64f8363e9fe274098d3a8744fc70607e0482d5cb955b65a4753d04673bef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 13:11:03 GMT
expires: Fri, 17 Jan 2025 13:11:03 GMT
last-modified: Wed, 27 Sep 2023 08:55:34 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DDA5 0
0 216ms
103ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8FpTMY2OrruIsr0QlbJ99LPKldC9dVf42cIqyWWvZuaFPnD3st-q_wRArPjrSKDakvcVTAig7gXqsWNYbvv3eqJLGk1zUJfJ5CwCrrd1gOxCmGDmB_r5cQ7W_EPYjtTBuCo4gdO3NYKtIQQSEXIXgHKH-7UGxBDFEkCzinS3Nj9RCoK-sjV4V_Dz9x3hbSKBdZiBZiZQLkqXXm846A7rE9QGlmxQLOpJZQPlljyw_UMmkrEEbPvEBmhngo9cS5FA8ZaGxgJP2cI9nZ3EFe545Z0siBMv96gy13vv1JLuZJp41ncTkW1UZQ5hfO6IKbWbEBounPGCMV1cSZSfQ2Yrf5IUAzoyu8J13I42ZeYEhN9trKEw4z6RWSWMO4XwarBsyIpgHfENH_bcP0-SiPrUrYVqRI7PL8DfpZ9b-TLwZnChaWHUYaXsJ1QElgiEGy-buDSbT9wJkjr9ZLEitocQ1o7J_ws9m3sXurmBeOdVmxWHjwi2eUOGbV4iSU7zzGdnPwQ5Xun8XoQnCmSnZQNZnIhIGp-bEHDYFV0cSsdl5aA6-lRw_42YMzq4SakENe3bOmXB4rXzG6PMPX96Awq0K1Vp4VSU_nqOKWK9qaABQOqkPQdKxHPleDnMLyeOwH9T1UBrAg-M9VoCLSaBkM4wPKB60s46636WeHPw-iRCg3PNksqSB2b_xNZusU_d1uNDjdHfDsRmebdsSodz8tHTlmXj9dZFCDBtrhh1O1NOa635inI-w795N734V1ch9G3fqpaVYbR0diYDEOjZfEmINIfyWsOGZsHOjwagzvYEOgLvY8_cjWVW3aW2izQdzWhuEa40dxNOWiejhBZo7P_wXUB1GOgCnU3RP1KHRwEllPV6k5MR9bLY_FChwmSc-IJ0GqPsmvUGrGqQ8rfkX0HdOIPA1tbGuvZepgB-CnNWZmHI8HhrzSTtYHcYrluxYrllwwXp49oFEZUrNM1X0BXNLcesyZJ-OjL_ct7291iQ6qDwP0BlSGWB5Sh4yrjHlZkMqu59JGqknsU2Kzatjam4TOYpI50658H1ie0LU3X5JSL1CEOyABCd4olK4RFuzwpZR9b9fLorYzSHPO6zvb2icS3u0KEz2xTfvESkxAUcRSMx2Xz4jf-aYQEg14nkBrp2HfyZORG2fEk2gZqMH081FCIo74snwpEKGK9SXrK1ElyzPe1RP9UUt0AVlRNHQRRreE6dY8XTuUQka4AB7VhzDasMfPwddctAB_hz0AAqBd00SscivzBTx5tHzsCYy8ll83OgqhIsbx5uubBKpDKAysRnl32ZSWUa8SZZmZJUaUNyZ7sRwuffT-SpPPooVdieN0Z56QHaLNCJWerFi-fPQa6Kas00QNgKW6A&sai=AMfl-YS2xGFEt0ICa2UuOuhDpolFmnZbUOzK0XfaZ-sGi2bP3WcBuboKWUDKSDgp6Llbbt3vDA3a-YdjF3VOOhsc9dZclHyV_CCDJsx1QkQZTUbUhKBhOofoBZOwPhZisYumHMfVxBabKSSkAyJtQZRxFmJofK29r24vN6f2usWtc97HcFAb2sSAguFuCCVNsntHygss42QqxBiQJaQLB8L1St-p6IcpRQPtqmDaf5cs0yr8g7XQGv9I22mkpCMdo87M-F5UlNCMLoOMPMCh8HbMgAoSe6tEYjgo62k6WjVwuA&sig=Cg0ArKJSzCMQlkRdBCkbEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=219&cbvp=1&cstd=213&cisv=r20240117.58827&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

firstevent
skydeutschland.demdex.net/ Frame DDA5
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=1046175667&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=1046175667&gdpr=&gdp...

42 B
733 B

66ms
65ms

Image
image/gif

34.255.50.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=1046175667&gdpr=&gdpr_consent=

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

34.255.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-50-52.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0dac29aa5.edge-irl1.demdex.com 9 ms
pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: EjrTcIEOS2E=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-052072f40.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: oM7ii75oQM0=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=1046175667&gdpr=&gdpr_consent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 92E6 32 KB
11 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14441809811857851587/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14441809811857851587/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 23:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 23:49:09 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2462 38 KB
13 KB 48ms
47ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 145015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A5F4 50 KB
19 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:33:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 160681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 16:33:02 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7849941690979828464/ Frame 73A7 15 KB
5 KB 49ms
48ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d781bb8800ce7a95168ca8e02a9e9f7c18382aa832a8ba222ad82a73ffa73759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 125225
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4936
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 02:23:58 GMT
expires: Thu, 16 Jan 2025 02:23:58 GMT
last-modified: Tue, 02 Jan 2024 13:23:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8A88 0
0 158ms
103ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuY9GmUY4w058UpzM6ccNcT6XjpPXWiTR12011liNf4BicCdpfpkOQq8rlpQHG-VkQpDfsFyWLP8zlGWPw3eI7Dl-bjKyY-qg3L8MwF-3UU4PjIifc8BKe4XrLZKaCRpcCV0v-aOO0nNEDDWuHr0GlzU22eOo2ZXzKokzFt2Cl_KGgd31W9Q6mw4QIvDlv4kBaZEg6ZI0BJ7Zom--1I8HuzvwfG_BcTRlmc5mA06-aBES82R-83T4RoS18FXpDMEUjq9aGxqnou87HdGdouOA8qqub2NWkaOIsoUrF_Pg9eHefn7qrnYJD0NuaLdJv35xCn3KU6QvsIc2qew8vW4VY-PauObRZVs0TAvRo20pfXJmE8M-F9yBTGbS9Us_p14BYSiy68wHoBy_e0qhuZpdUu3jaXN8HMrDFQcz2fiv2-eOlx4a9Zx_7kX8-M2v75P0mgea-HVGu7k1QoPwxFWah2X60FUnGMqB5--TYxWGpLRsCohMt48kkNOq0Baq6wlmvT9l9g-urzouwC2xeXUMLh8QZ991cQxOiOBYMF-8unRUOniwLQux8GPpjoyB7XTMSFDlAJoAdWplTYrjImQLeSMvNftgTy3tc83-C_iyBZ13Mxlzvp_Xsq2tkaHYwgVftFKd1UHZ-D_KnIK4wAiwWNKdJFoInzIBtSZz5Cg51z6jJQVLzwtE8Rf5c7bWSgHhu5hv2kxIhiwiypKjEakHRXDLZA3Zzy7H370CUQaBN0sUY1JTHeJfL5aAX37qSCkduRXh_6orCyjQW0VKz8xxlm0UKEBLXzbxUpv-kddJlEgGoby0q7_DWbRKjYkwMiBP_fNEVi0WNS0z2TLBv8qXwobKkOGD85Pydr3cWSdXEr1qLEzYwCouRHKnphPP8a_4OJjw_Ky5sA2je1EA2XXYdLjDWuz2a8yur0ZobveRmKRhIuEJBH6HpsI7_Ob8lZAql3TXXWqQGCmBVNnjjRTTpOlT_X_xYWNt3LNyvec5kDNiXVP0kCMebpOLC5FxC_oAmXX9hfMlp7rX3-TlSdkBV2wdq9evld65r0dHNsk5URS070IrTkmYZQKsVdoLzHV1wpSzNe7maHB8Ai4oLJbnzodXSN9AO09hDEQYco7W9yS210QwvFs-9Bgg62gYdYyiF96tYIXEBq9QCnSscIAXVuZ_5Xv6SIFyQSIJFMGc2qDAjkymdO1on3S1G-h-5QkteqVh2WClVNYUVta7Fa536JAe6E5LYqsRgPf270i-g_9iQwAD_GMwPJbZ2iMNx-_uZqpuv9Uaxy1b-YvLSKg1bNAb_tF2rf_lafB2YZ3X0SL9M1zzZKoHv3vw10J0hRw-Rr5V9WUrHyA3lR9mG9y59WLXgpE3eNylIATUGn2w&sai=AMfl-YQvC9Gn58FaEkbMQUt8CoerOgMTBSBmu4yLJRG-egCMkwYC2Rf2wLZv-XF8zhMXa8eyMVjwjKRPxEezB-Gio28JHu0ITuxv8Z7BJTUWhEyTfpHmcVVxiNbSVH53bzdfktUBZKNKnLJHmSz6GPGYRcCwGeYIdZKJIkXwFFjVBCKklJd6TriwVVFt9bekSeilJPOU7NuhwuvOoYCA-wqriPdAoKzxj5DaOt3xCkLG9BiKO9XAUM3NOWo200cAZIr4zinyIx0rCVTF2bhP-uxiUZCKSjDWVPlAA_gsl4YYSw&sig=Cg0ArKJSzGB30brYwpT7EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=199&cbvp=1&cstd=198&cisv=r20240117.42042&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

firstevent
skydeutschland.demdex.net/ Frame 8A88
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207745936&d_placement=383976328&d_campaign=31090180&d_bust=430695043&gdpr=&gdpr_cons...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207745936&d_placement=383976328&d_campaign=31090180&d_bust=430695043&gdpr=&gdpr...

42 B
733 B

64ms
63ms

Image
image/gif

34.255.50.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207745936&d_placement=383976328&d_campaign=31090180&d_bust=430695043&gdpr=&gdpr_consent=

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

34.255.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-50-52.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-089284889.edge-irl1.demdex.com 6 ms
pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: YWmgLmjCR8g=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-05129358f.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: iMsO2+aCTY8=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207745936&d_placement=383976328&d_campaign=31090180&d_bust=430695043&gdpr=&gdpr_consent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 8A88 43 B
1 KB 315ms
51ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1015387910&extPm=540200888&extCr=20930386523&gdpr=&gdpr_consent=&rnd=430695043

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 18 Jan 2024 13:11:03 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Do, 18 Jan 2024 01:11:03 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 91CB 38 KB
13 KB 49ms
49ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 145015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1902495261604645428/ Frame 9856 15 KB
5 KB 49ms
49ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1902495261604645428/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b902277d956cb287cc65da44046904f3e333c977f27dd2cc1ff9c5c41561ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 61435
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4937
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 20:07:08 GMT
expires: Thu, 16 Jan 2025 20:07:08 GMT
last-modified: Tue, 02 Jan 2024 13:23:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C30 0
0 141ms
104ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3Yg1CtcMd9fRrcdoYWYuHjFR396B0R6MlTgXlWDKDEx0iGIgviFNWVMZkhqHcYmR-X--rHzhLFZwcGsgMAofpk2hlWMiAs3zCvNpElYrg7SX1umodexO9Z52fjwnTqDQWzomRJNhmHXFO_7FZx9AuGbU2dT--bG_dZM6NzOLeA-ziwrs19UMsIfMbDV3Pch6yLBfxMdyneDz6od2TLoIpJ4zDLO7HQcfSPP3Fe4EQrK8zgNn9s10GDBIsCfkukfUczZT1kgmHvQwfw45paEUx0r1Xc-NzutEgdmHKXpwfrmy2Zu7-UzvDIHFQp0yEnYzssaQkpsrDo_AG5PHbgsad2gXT_MLYuXyfkdyUuXw_kfBWr81PMN369NW5fWmmm5Nc8JE0NWTgIACA3kFmnUtoay673nfhntnwTItTSznW0_0ii91QJty5sZQPb1rkd356SQgCc6HvQObaxTQDZvu5mlvelPEY7YMT_BAxvX_BohUZ3JMreJBx_5glR6YteV46aBh-5TGubDljEZbTu2Gu-xA5G35kOG2debp5KlI8vmAMCyofRgSjq2UPbLJQ5-IGnWSSFEW0kpVxRx-WCewksqOYHGqHn89zfuFYdtoXCeha2aA7MGO5n0CDBF36AwD29rCFs8irDhCiD35t537KGHuIDLTrRkp0AnjAj7v4Z_X4jt9HLzzMpzsq2761HfG6wGY3mYDFDHfWQrBg-a4Mu0_mwUqBS5ifz18tHqLXu6YcadzNDuI5kVSPEokbml8Dgr4feopbblUmzi9ejIbFTQLkPHuxpexWi7tEaZF1ih5ecIA3hxLXSAD-PsdYH9Vx9Lb1VNzOf4Zzah66qQM-Um7gRUhsebaBKxMIrUdIPmb_Qu4QdXLgVicLduYT1AQ7HD6kdP18oKxTS2ammFiPZTZqA7pso7PJkwFjtq9mcSsyIBpi3k9JaQKZzfdiKybs5xjv8yhLPtrNqxRNto9xOmMUdwGobO8qjdkH4MYWwb6YAh_RH7wDU86ifwywaoHZIHAWvAKyJZJrFC3JGB2GW2RTIZpzHkIh_fhsMx0M9Ub9ahAgB52wUsdl6mhqW8VxAngoNiD9UTpMYFPHKmp-xGuPAmR2EDwuifFljaOVG84GwfibnpaAgVvtjUJcw5-9Yv0Cfq8jXgQgbFPU_Ydz2kIDKZxU8YAbor820LSd16RJA8QJ2-aiWJ6kIsHmxDI4eeoOHWw8kmxFQ2FvWOSNN55pEgqGL5WrW8uQEN3ouqLSMUlnomqddhWXcsjU0eGynyzIpTMjvv_Ep7mqF47Mig9EYHy4Gt0HBHLsiQJSGwLttqqrwI1hyTkQ9wP1QG76-59ORd6Iu3p8TG-NZPYHgpCp8Tw98AQTf5bqvg&sai=AMfl-YRc1CBozSXqbgOpResJe_sMlaT4JDkULDKjd6KHgUdF8VHIRog7jnwpSlNKIegSPpF9S4fK5f4DbRPrEk53riHcKYI_swcVZNhyLSEWDolH2dD0OousOa6XVbRrknFsK02x2P4knkzqGcQejLGAYiMatcMzMd2B36tNJmmHcsxgh6UbqhZUmIVpPrWdA5ze2_QFEKGtGBGLUpKql38WUf17oHUm7WaH5ZE2tl_fkH0LQM9E8WioqQiPFY_hOXwn5uS53Z-NfzS-J3uI3_ivz2c1klg_aMpWxRdqdhz4-A&sig=Cg0ArKJSzNKLWazJNboMEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=173&cbvp=1&cstd=172&cisv=r20240117.97641&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

firstevent
skydeutschland.demdex.net/ Frame 2C30
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207872108&d_placement=383820167&d_campaign=31090180&d_bust=3129378867&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207872108&d_placement=383820167&d_campaign=31090180&d_bust=3129378867&gdpr=&gdp...

42 B
733 B

63ms
62ms

Image
image/gif

34.255.50.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207872108&d_placement=383820167&d_campaign=31090180&d_bust=3129378867&gdpr=&gdpr_consent=

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

34.255.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-50-52.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-05348b51c.edge-irl1.demdex.com 6 ms
pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: Ryk1LJknThc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-09f0ac7a1.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: FJkD6iyoTb0=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207872108&d_placement=383820167&d_campaign=31090180&d_bust=3129378867&gdpr=&gdpr_consent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 2C30 43 B
1 KB 298ms
52ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1015387910&extPm=540199685&extCr=20930386523&gdpr=&gdpr_consent=&rnd=3129378867

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 18 Jan 2024 13:11:03 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Do, 18 Jan 2024 01:11:03 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 18D8 38 KB
13 KB 50ms
49ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 145015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/13605343744850012072/ Frame 90C6 5 KB
2 KB 50ms
50ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=DdJW5bwfhZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46072ff450e58861395db6f972ea897ef9e4869c2779aed03527b5b0f994bbb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=DdJW5bwfhZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 08:57:45 GMT
date: Tue, 16 Jan 2024 08:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1757
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 08:55:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 90C6 120 KB
41 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=DdJW5bwfhZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=DdJW5bwfhZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jan 2024 11:17:24 GMT

GET
H3 200 gsap_3.11.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 90C6 69 KB
27 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=DdJW5bwfhZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=DdJW5bwfhZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:03:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame DC69 0
0 215ms
214ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsugoJgGO-bHB4hI4EmcLHyX-9rzg-6IErMgmJS_7KK1uDak469Ca5StYscmlW_ZFWph44koZCFyAGPYV1ft_XSnSSEJ2WwvIJuheD335B3cXmpAtUh0WLTT9jaeScTzm_sbQryvGTZ2cIAA5WYK9YiHOmlftFVXKwm6elYTJPFm3sqd-CF6f563BotyfkV9bm4LCCVHm5EJGono0LWz_Xbhu_JgeJIRmBbXUGpo-TWcPLUs74bITinfw31AIvLATWy-p1w774vojQ4-b6-zmAg24wiRXbXvrzELOv7Phopy3w42xbKonO6ZaDyEYsXZDXRVIOqBYJ_XwSD78c4-zeTXpF4yIIeVuwnihWU0j657iw6FJKyiyL38g3v_nsQvisD0XNpk6QjPN4vFGEMRX84OtWSUWu5kN8pd-BfcwMWU7UP9mrvjQSMOh7l1NgQqn-hpBwk-gzO840XtpHRaMSnI1boCrpauupvqej9DGB9YbnqAFeex3OAloXGJB-QlYQ4Cy8CezrJ-R8bGeS4gaCLzIrPh2HHaCdaXNlw1dpsFnBUVNGT4aeeNDlsscKzs0YBLg91IhFiHoG_TB0Nl8F6RG0uqSTXNmUNhjlGiioQpVe7jfzX1Ep0jBz0BoItNKauKG4SxtlOpHsYmP3Kt6raoeuhpLQsRmocDg6hC7-qpk-2SYhFjgUrntHsJ92_Ci11S_TWmvtPf5U2MTCngVBY5MJbZ4SbGEtBSjg2TaqHUF1CEwOrTmQbkQZ-nigZePglBXqHX8_NALO97MldR2eESmOGjVpGJa2oYTi-23SVc3DCoW8vy9w_zS37ogkcvB7luQnMlibAfIIuS-BGVVcFfrGBZGatYFksYFIi1NaGJVqkfgNGavPt1Debrb4Iu3JUvkhQwGIBlvpaK-aFihu3r9DU9POInXkmG8PKwS4I6RIl2jY1oOI6jUapwVDHpL562MBhYxJVNKZclNlHiTOF7cKdaJR5uqW3DbFX3_JNq_KlUXetSX0D0Lzjw1IGyvrJtCkERqXfpI3t_IdpVGgnpFgNoJCJGw2Lu00SXBozfl6U9PjKZRTK6iMSj8h6EPTysmPllbuii4kUNixnR_JJJPLQnJCHtP6_CW64ZbOoVjK0mgNJ_6kaJqqlpPSTpt5Nk3ezV-I8vr528EoJglNthmyQ_B6UAhzbU9Uhm6fZm6ZWE_jm2cz2ZYqwkuD__wiXS8_8BZ9FyNkcbFhMBbA_4KPPWGla7Zetvu3dzmz-uMpbGsFx7mWr5lE5pcLfXh8XWhyEvwJpfX_OV0IfSA7pnWCHb17-0l4k03fX65G4ZIrPrydDCOY7Qo4FiKwvKY7fM-U_gW4I0xuhR7-Hp0yU8XUNO-_TjSxfJOW647wqHYJoAflIICj_--JNNQQF7M-OrYkr0z-GZOe-oAzrp&sai=AMfl-YRGWEyUvtJn-PCNM0WhwYfjIOv0ykMGV2AtVbUck_RAo8q9YjgxEoIhzV2jXO8WGb8S6pgOOtm6aEmp3Rq4wzpIxv2UCS1aglgrgKpgzOiIHVfUJD88a5rK33lf9F9RLPj-uY70gENbY5f6py7uiPbxgmC04CWhl_30nVdZOnH8DyijFQUdRhB9_6mBZ_ziq2xe5GdoP-rch1Vvm_DSS46vqMa0DzmUSscDJ3V2tOuYyyZyQrdKKUCr_C6M5qU4P1MmJtDWKUCRsfb4K14LJARot-hHSMz1YRxC3Pfnfw2gDYT15OnsZFGbpExMntm4SzOKdi6DSYzyRlrGNwUWWR258FmecB_nEp9WxvENGd-x7Omb9t9DGz1oR7I37XmnThqCsQIkng0xYBeTGi6asNue0b1LqSk2PkoFCfe5i3WrbJVpeeDZCltyEl1Z88khGCcL7a9Jl6-gr4-RNk3SAFdVnAprSj6N8K0eNtRogg7tZO5PjVnPt-_qMhPchiebhh8Khf0l7oU&sig=Cg0ArKJSzHuV4ithCPmIEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly90dWkuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=639&vt=11&dtpt=336&dett=3&cstd=301&cisv=r20240117.90697&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 73A7 236 KB
63 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9856 236 KB
63 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1902495261604645428/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1902495261604645428/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 13:11:03 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 91CB 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 11:05:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 24A4 0
20 B 192ms
192ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2eteZSOpZZ6NN9L63wPa0RgAAAAAOAHgBAI&bg=!KyilKGfNAAZVxkGXdcY7ADQBe5WfOJhshP_imL41QrqWM88xmIQRrkFDup4rBwpZtdjpLSagV64kOraSih36AmRchj61AgAAAO1SAAAAA2gBBwoANP1pWAym30QU7vjBmzhl2YgFOR-rClZl-BGxvXquySVsriQkh41E4W7KQAMseNOmT3ES3EWZAv0RKMiFqaxW2Zs88kXzDysp3-uzgwVG8GZkicjwJ_RGJl7rruzui1R8ZY8aBA_GSbC8aFgrUgQrGVFKKvK7Qr4wXkBHoznKIRiaF4DmaoOWtEM0RSOv5RLjj6cr0PnVQYQn7EYy-Jtm84Ob4TCU8QDGg5Cag81vj2f1NVtE6x6DVSl83_YWVm0HGCbv0CkFIKWrEnOSeSVBUcf0x7c02F5RP_Lw3Cpoz24NiuLQXN_F1kHquPApxdJJvyMR6RWLy-S88OyBJs5YJQ9tV6l4kz9bjkMd0Bl40VgKmkftcgaM2xmxxRqBxoUpRF9THzYwYfJq0OljNTw0OAmpx2MD_wPx22L6TWfDTOpINCo4A_6TQNzd8Z4ohkFMMypZPW-qVyjMRvRcf9S7dVLPJbtP0L-Ys2PCSZe2tOMLU4LMu5S8-ZG9eLToP7jMyzq9qra1Mq4ojh98mvelVgJB-xqZZOWA19itd78ReBGyCikMoBIrBeRZAgQWar5lhQ8m8wVWFj5ltOIaaVbc-7s3hQWSn2wxd3Pt-kglFPMeWlnRPsCnruFMbamqkLXQzZvDfNQR2Hl5_0hAGRP7NUUkn3a-MhDStgiU33-Sw-TzbJgKPN-Dqpit3AsiJSeKEiD63sHencAckxU5AOy85jee3jhoFKNpwE5L5Tq0Yq1-4qASxyH7HqkXqfMfOzKhXrEvzn316MCqjN2BRJQqGHOiD9mCOZvIsHc_fI-RdmcHWiiGqCZXwz-XbO7Zu7H6YILrGgVUGqg5r7mD0o2OeDACbn-3zksydVD7cp106WCvB5hVXkalCDJCGyUcvDIgook8QMrMdoluGamyvC8z0oTbvFWQdN5RZf0zURoB8rMVGYO_LH3XdMuMIa8qNkj6VNUxlaJsj8pDxwZ2nTYfCxX6F1LTlqtxW0jMCpujUyAVPX16LH4kaetX3kEapKrOOJQ_L2HP5Imddqv-9lBzX_z9tyMYObJSjPi-CeQ--zoYDOe3jPLj8gcjut3ZLtaY2AQejMc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 18D8 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 11:05:03 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
372 B 46ms
46ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.viva.co.id%2F&domain=www.viva.co.id&cw=1&pbt=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 181000
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
317 B 63ms
55ms XHR
application/json 63.32.195.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.195.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-195-36.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache
x-server: 10.45.23.205
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
422 B 170ms
55ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: bcf148e265fcdd722ed7dab98bf0a2343fd60b90842ef67e3af170b9de4c1774

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.viva.co.id
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sat, 17 Feb 2024 13:11:03 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
182 B 212ms
93ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=157005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157005/907/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:03 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2462 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 11:05:03 GMT

GET
H3 200 CTA_FX.png
s0.2mdn.net/creatives/assets/4736540/ Frame 90C6 519 B
545 B 42ms
41ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4736540/CTA_FX.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e8e59c22f784ae124e2e4ea700d0361f147c5e67417abb1f845f49082190111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 12:59:18 GMT
x-content-type-options: nosniff
age: 705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 519
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 12:50:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 13:14:18 GMT

GET
H3 200 sky_bold.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 90C6 28 KB
28 KB 46ms
46ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcda08a8d45d378df4fdeafd2529f3c7521d3e9c3a4b12daf2fe2c919940e57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:03:54 GMT
x-content-type-options: nosniff
age: 429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28672
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 13:18:54 GMT

GET
H3 200 sky_regular.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 90C6 33 KB
33 KB 42ms
42ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:04:00 GMT
x-content-type-options: nosniff
age: 423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33980
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 13:19:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 130ms
43ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.viva.co.id%2F&domain=www.viva.co.id&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.viva.co.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.viva.co.id
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 18 Jan 2024 13:11:03 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 256250
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 90C6 8 KB
6 KB 78ms
78ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14ec7c71951f6d8de2570ab1d0ac0d1f7000b3171140327201aef7c3779e4c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5835
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8A88 0
0 75ms
74ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuY9GmUY4w058UpzM6ccNcT6XjpPXWiTR12011liNf4BicCdpfpkOQq8rlpQHG-VkQpDfsFyWLP8zlGWPw3eI7Dl-bjKyY-qg3L8MwF-3UU4PjIifc8BKe4XrLZKaCRpcCV0v-aOO0nNEDDWuHr0GlzU22eOo2ZXzKokzFt2Cl_KGgd31W9Q6mw4QIvDlv4kBaZEg6ZI0BJ7Zom--1I8HuzvwfG_BcTRlmc5mA06-aBES82R-83T4RoS18FXpDMEUjq9aGxqnou87HdGdouOA8qqub2NWkaOIsoUrF_Pg9eHefn7qrnYJD0NuaLdJv35xCn3KU6QvsIc2qew8vW4VY-PauObRZVs0TAvRo20pfXJmE8M-F9yBTGbS9Us_p14BYSiy68wHoBy_e0qhuZpdUu3jaXN8HMrDFQcz2fiv2-eOlx4a9Zx_7kX8-M2v75P0mgea-HVGu7k1QoPwxFWah2X60FUnGMqB5--TYxWGpLRsCohMt48kkNOq0Baq6wlmvT9l9g-urzouwC2xeXUMLh8QZ991cQxOiOBYMF-8unRUOniwLQux8GPpjoyB7XTMSFDlAJoAdWplTYrjImQLeSMvNftgTy3tc83-C_iyBZ13Mxlzvp_Xsq2tkaHYwgVftFKd1UHZ-D_KnIK4wAiwWNKdJFoInzIBtSZz5Cg51z6jJQVLzwtE8Rf5c7bWSgHhu5hv2kxIhiwiypKjEakHRXDLZA3Zzy7H370CUQaBN0sUY1JTHeJfL5aAX37qSCkduRXh_6orCyjQW0VKz8xxlm0UKEBLXzbxUpv-kddJlEgGoby0q7_DWbRKjYkwMiBP_fNEVi0WNS0z2TLBv8qXwobKkOGD85Pydr3cWSdXEr1qLEzYwCouRHKnphPP8a_4OJjw_Ky5sA2je1EA2XXYdLjDWuz2a8yur0ZobveRmKRhIuEJBH6HpsI7_Ob8lZAql3TXXWqQGCmBVNnjjRTTpOlT_X_xYWNt3LNyvec5kDNiXVP0kCMebpOLC5FxC_oAmXX9hfMlp7rX3-TlSdkBV2wdq9evld65r0dHNsk5URS070IrTkmYZQKsVdoLzHV1wpSzNe7maHB8Ai4oLJbnzodXSN9AO09hDEQYco7W9yS210QwvFs-9Bgg62gYdYyiF96tYIXEBq9QCnSscIAXVuZ_5Xv6SIFyQSIJFMGc2qDAjkymdO1on3S1G-h-5QkteqVh2WClVNYUVta7Fa536JAe6E5LYqsRgPf270i-g_9iQwAD_GMwPJbZ2iMNx-_uZqpuv9Uaxy1b-YvLSKg1bNAb_tF2rf_lafB2YZ3X0SL9M1zzZKoHv3vw10J0hRw-Rr5V9WUrHyA3lR9mG9y59WLXgpE3eNylIATUGn2w&sai=AMfl-YQvC9Gn58FaEkbMQUt8CoerOgMTBSBmu4yLJRG-egCMkwYC2Rf2wLZv-XF8zhMXa8eyMVjwjKRPxEezB-Gio28JHu0ITuxv8Z7BJTUWhEyTfpHmcVVxiNbSVH53bzdfktUBZKNKnLJHmSz6GPGYRcCwGeYIdZKJIkXwFFjVBCKklJd6TriwVVFt9bekSeilJPOU7NuhwuvOoYCA-wqriPdAoKzxj5DaOt3xCkLG9BiKO9XAUM3NOWo200cAZIr4zinyIx0rCVTF2bhP-uxiUZCKSjDWVPlAA_gsl4YYSw&sig=Cg0ArKJSzGB30brYwpT7EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=423&vt=11&dtpt=224&dett=3&cstd=198&cisv=r20240117.42042&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 DCO_Residential_Super_Mario_Bros_970x250.jpg_1695816401953_DCO_Residential_Super_Mario_Bros_970x250.jpg
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/ Frame 90C6 169 KB
169 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/DCO_Residential_Super_Mario_Bros_970x250.jpg_1695816401953_DCO_Residential_Super_Mario_Bros_970x250.jpg

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15938491f1fd5bce5be56ee941bf2ddd4e9d7806a08a0b151eeee27ac2b518ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=DdJW5bwfhZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:19:42 GMT
x-content-type-options: nosniff
age: 125481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173455
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 12:07:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 02:19:42 GMT

GET
H3 200 blank.png_1672924800548_blank.png
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/ Frame 90C6 95 B
124 B 50ms
48ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/blank.png_1672924800548_blank.png

Requested by

Host: 0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
URL: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=DdJW5bwfhZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:03:51 GMT
x-content-type-options: nosniff
age: 162432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 13:20:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 16:03:51 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DDA5 0
0 76ms
74ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8FpTMY2OrruIsr0QlbJ99LPKldC9dVf42cIqyWWvZuaFPnD3st-q_wRArPjrSKDakvcVTAig7gXqsWNYbvv3eqJLGk1zUJfJ5CwCrrd1gOxCmGDmB_r5cQ7W_EPYjtTBuCo4gdO3NYKtIQQSEXIXgHKH-7UGxBDFEkCzinS3Nj9RCoK-sjV4V_Dz9x3hbSKBdZiBZiZQLkqXXm846A7rE9QGlmxQLOpJZQPlljyw_UMmkrEEbPvEBmhngo9cS5FA8ZaGxgJP2cI9nZ3EFe545Z0siBMv96gy13vv1JLuZJp41ncTkW1UZQ5hfO6IKbWbEBounPGCMV1cSZSfQ2Yrf5IUAzoyu8J13I42ZeYEhN9trKEw4z6RWSWMO4XwarBsyIpgHfENH_bcP0-SiPrUrYVqRI7PL8DfpZ9b-TLwZnChaWHUYaXsJ1QElgiEGy-buDSbT9wJkjr9ZLEitocQ1o7J_ws9m3sXurmBeOdVmxWHjwi2eUOGbV4iSU7zzGdnPwQ5Xun8XoQnCmSnZQNZnIhIGp-bEHDYFV0cSsdl5aA6-lRw_42YMzq4SakENe3bOmXB4rXzG6PMPX96Awq0K1Vp4VSU_nqOKWK9qaABQOqkPQdKxHPleDnMLyeOwH9T1UBrAg-M9VoCLSaBkM4wPKB60s46636WeHPw-iRCg3PNksqSB2b_xNZusU_d1uNDjdHfDsRmebdsSodz8tHTlmXj9dZFCDBtrhh1O1NOa635inI-w795N734V1ch9G3fqpaVYbR0diYDEOjZfEmINIfyWsOGZsHOjwagzvYEOgLvY8_cjWVW3aW2izQdzWhuEa40dxNOWiejhBZo7P_wXUB1GOgCnU3RP1KHRwEllPV6k5MR9bLY_FChwmSc-IJ0GqPsmvUGrGqQ8rfkX0HdOIPA1tbGuvZepgB-CnNWZmHI8HhrzSTtYHcYrluxYrllwwXp49oFEZUrNM1X0BXNLcesyZJ-OjL_ct7291iQ6qDwP0BlSGWB5Sh4yrjHlZkMqu59JGqknsU2Kzatjam4TOYpI50658H1ie0LU3X5JSL1CEOyABCd4olK4RFuzwpZR9b9fLorYzSHPO6zvb2icS3u0KEz2xTfvESkxAUcRSMx2Xz4jf-aYQEg14nkBrp2HfyZORG2fEk2gZqMH081FCIo74snwpEKGK9SXrK1ElyzPe1RP9UUt0AVlRNHQRRreE6dY8XTuUQka4AB7VhzDasMfPwddctAB_hz0AAqBd00SscivzBTx5tHzsCYy8ll83OgqhIsbx5uubBKpDKAysRnl32ZSWUa8SZZmZJUaUNyZ7sRwuffT-SpPPooVdieN0Z56QHaLNCJWerFi-fPQa6Kas00QNgKW6A&sai=AMfl-YS2xGFEt0ICa2UuOuhDpolFmnZbUOzK0XfaZ-sGi2bP3WcBuboKWUDKSDgp6Llbbt3vDA3a-YdjF3VOOhsc9dZclHyV_CCDJsx1QkQZTUbUhKBhOofoBZOwPhZisYumHMfVxBabKSSkAyJtQZRxFmJofK29r24vN6f2usWtc97HcFAb2sSAguFuCCVNsntHygss42QqxBiQJaQLB8L1St-p6IcpRQPtqmDaf5cs0yr8g7XQGv9I22mkpCMdo87M-F5UlNCMLoOMPMCh8HbMgAoSe6tEYjgo62k6WjVwuA&sig=Cg0ArKJSzCMQlkRdBCkbEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=513&vt=11&dtpt=294&dett=3&cstd=213&cisv=r20240117.58827&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 90C6 27 KB
27 KB 43ms
40ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 12:57:10 GMT
x-content-type-options: nosniff
age: 833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 13:12:10 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C30 0
0 75ms
75ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3Yg1CtcMd9fRrcdoYWYuHjFR396B0R6MlTgXlWDKDEx0iGIgviFNWVMZkhqHcYmR-X--rHzhLFZwcGsgMAofpk2hlWMiAs3zCvNpElYrg7SX1umodexO9Z52fjwnTqDQWzomRJNhmHXFO_7FZx9AuGbU2dT--bG_dZM6NzOLeA-ziwrs19UMsIfMbDV3Pch6yLBfxMdyneDz6od2TLoIpJ4zDLO7HQcfSPP3Fe4EQrK8zgNn9s10GDBIsCfkukfUczZT1kgmHvQwfw45paEUx0r1Xc-NzutEgdmHKXpwfrmy2Zu7-UzvDIHFQp0yEnYzssaQkpsrDo_AG5PHbgsad2gXT_MLYuXyfkdyUuXw_kfBWr81PMN369NW5fWmmm5Nc8JE0NWTgIACA3kFmnUtoay673nfhntnwTItTSznW0_0ii91QJty5sZQPb1rkd356SQgCc6HvQObaxTQDZvu5mlvelPEY7YMT_BAxvX_BohUZ3JMreJBx_5glR6YteV46aBh-5TGubDljEZbTu2Gu-xA5G35kOG2debp5KlI8vmAMCyofRgSjq2UPbLJQ5-IGnWSSFEW0kpVxRx-WCewksqOYHGqHn89zfuFYdtoXCeha2aA7MGO5n0CDBF36AwD29rCFs8irDhCiD35t537KGHuIDLTrRkp0AnjAj7v4Z_X4jt9HLzzMpzsq2761HfG6wGY3mYDFDHfWQrBg-a4Mu0_mwUqBS5ifz18tHqLXu6YcadzNDuI5kVSPEokbml8Dgr4feopbblUmzi9ejIbFTQLkPHuxpexWi7tEaZF1ih5ecIA3hxLXSAD-PsdYH9Vx9Lb1VNzOf4Zzah66qQM-Um7gRUhsebaBKxMIrUdIPmb_Qu4QdXLgVicLduYT1AQ7HD6kdP18oKxTS2ammFiPZTZqA7pso7PJkwFjtq9mcSsyIBpi3k9JaQKZzfdiKybs5xjv8yhLPtrNqxRNto9xOmMUdwGobO8qjdkH4MYWwb6YAh_RH7wDU86ifwywaoHZIHAWvAKyJZJrFC3JGB2GW2RTIZpzHkIh_fhsMx0M9Ub9ahAgB52wUsdl6mhqW8VxAngoNiD9UTpMYFPHKmp-xGuPAmR2EDwuifFljaOVG84GwfibnpaAgVvtjUJcw5-9Yv0Cfq8jXgQgbFPU_Ydz2kIDKZxU8YAbor820LSd16RJA8QJ2-aiWJ6kIsHmxDI4eeoOHWw8kmxFQ2FvWOSNN55pEgqGL5WrW8uQEN3ouqLSMUlnomqddhWXcsjU0eGynyzIpTMjvv_Ep7mqF47Mig9EYHy4Gt0HBHLsiQJSGwLttqqrwI1hyTkQ9wP1QG76-59ORd6Iu3p8TG-NZPYHgpCp8Tw98AQTf5bqvg&sai=AMfl-YRc1CBozSXqbgOpResJe_sMlaT4JDkULDKjd6KHgUdF8VHIRog7jnwpSlNKIegSPpF9S4fK5f4DbRPrEk53riHcKYI_swcVZNhyLSEWDolH2dD0OousOa6XVbRrknFsK02x2P4knkzqGcQejLGAYiMatcMzMd2B36tNJmmHcsxgh6UbqhZUmIVpPrWdA5ze2_QFEKGtGBGLUpKql38WUf17oHUm7WaH5ZE2tl_fkH0LQM9E8WioqQiPFY_hOXwn5uS53Z-NfzS-J3uI3_ivz2c1klg_aMpWxRdqdhz4-A&sig=Cg0ArKJSzNKLWazJNboMEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=402&vt=11&dtpt=229&dett=3&cstd=172&cisv=r20240117.97641&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.viva.co.id
URL: https://www.viva.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 90C6 17 KB
6 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 13:11:04 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91CB 0
20 B 196ms
195ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSP4rZyOpZeLVFMq99u8PrZuW6AYAAAAAOAHgBAI&bg=!X1ylXBPNAAa8BdJLnAU7ADQBe5WfOMs0i7_osjyH_x61UieVCUqNNQKK5z0DjCVnKuJpQ0uC3-zYhXx2qqZVEXkO5GqCAgAAAKRSAAAAAWgBB5kDRed288d1uapZcSbCmOAKZwo0tvXkW-EeSBN3ssWkaKLO0HNOmuWsj2dt3CSQexzICGJX0DJaWGxyrih99FnS1nxsfObJVk5wUVp6iNeF4W9pRXUkldxZ4UfOjsWiw_uPr4dgFlHUiPYNsY9-xcnI1esahzb5E2KEUUVV1ztTUxg2hCZxHvphtdyCrd16EueM73-39QaSKPBdSnn-VPuI1PAsFhGWS_m5p59A9-gxLT0K-blD1GpdpkA1CPbMW3pdCHC7xBHzS8558aRQEsIongac5E4gyOPtP97if1S1SPn8_NL-dtr119auH53rr4Y0LSMDM94HCy8L-rLKnnSmhFyGER2YMBL-VyeeEXZG7pYqjgYMha9Dgojt3pTzqCiYkW1fwyBU-IKBoSbQkAbqY-hLXcKu3KkHvw-jV04WNorDZfG6XufH18Osz6pis4qsuMKR9jfNy0XwgDW8JwoFnAzGUzI8Eny2q996MF5GTyr1zPLFpur4DsAQNMayLbk62KxfRoiTQta6fWi5vW3unIUkQC8vJp1_8_2lbiaPzyk8XsBQFeQORgyf3H307ixSz_q0bpq0VOn1CU6tlMp2WyNZQ8GqOnFhKN48IeLl2Sua0gROCTxyadu6CfSHHC8JSl-R8sMCfQLHYHt5aTEO1Em-5ZvtYQ1geAQ-KpSwXydz7qhm3ub4KiLQTv9lqNWnVxMCVwPJjL81pIkXTE0N98aqbLqdItvp0E6kyrq9oerNJ2vXedhG2p6ZLUF_263jVyfTCVm4M_HkQvaWu96ye7LyWM54-BTUdmZKgriJFjSbB2rbnxb54_cxBjjxGqq42pk1WqJBQOSVKW2VyVlYL6CedS6Rq8T5OnlgGi7rSTqd6x_zpres5PkXMHqxom8-UrWJ2A1kAkTuCTKuQyJR7qu7S0NfJ3XRsNhf6wD6DJJcAXZ8M5D4Hz1lM0LkF76IopWnfWca3_fsAgxh-FJJIBXEUnuD9ug7-rHvYLQ5jjWTFcP0N7xh7YARg8QCCFfJbR9Z-K6Rha6PFowrZEErUyesVktBj3-ZPA7Gv_cOn8ifdqxsd2wfiWrta2ET0wELcHAuSDlUdut1ZlNSS_X2wGpFTCfmJw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame C7DC 39 KB
15 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 11:05:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18D8 0
20 B 195ms
195ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B96ogZyOpZZXgFZ7K9u8PwYWJ-AMAAAAAOAHgBAI&bg=!l5SllNvNAAa8BdJLnAU7ADQBe5WfONo9xKglMyzGIe_OaTD5gFuok2HrY5FPla0EuLA55ZtfP4hbxtq2milSaL0kVW1vAgAAAMtSAAAAAmgBB5kC_42m7bUFJ7YISV7guZ2pHljJdiGj2REvgL8fxbimsfc-BhAv_hxuaPXhb4W7gqUi5lk2eLdzUFoy4ezmc_72oGN0dXlLRN9C5xbtDV9JTfO9MpFrsHB9TH-K2LrhSi4FOqkgoy8wdeQVvTRYqCECyDLxZjF37Kcqi0WAA2Udg_gUqDaiUK58-B28vlZGtW9M99Gd52h-Y-rfPH2SEzhSVv5Jy1vy0PiqAafG4yuTs_WS1Jz3E3VwSDttR0j0NvQuEXbdux7T94md8NZjaG0oEhJyM4NeMwJMWl-bt2oUWkL2fV-afT91cGmG84PYaNWpiRGnDa3eCoN0GquSNEvhS8QCgAB_jCYkoXA2vPsvi0KClNzBilwyai2lQ3ZQFcR2nocgZBJKe2EMaLumVdIKuwgyboORMVdoubYz-zGqvBnJ5M3nGklcptXOmfFgI179PCaCfND9-nxqKsDVOXpGfZ5ZaAhrVoH7OwURPdQ68wnYs3Fe5bRsC3tu-ianM5_vixhiWAHSYalJD28UVaHlGtoJIrG5qwK3OER8ESYNwB6txWvPwK0i4JsVn4fXSfs_VJ1y-WF6wxS6sc1TkHY2ZW8N1KZbfkyoizFKlB1ehloBLQvilqLwbccHoyHxa7ZSC2u5mErRGjauIgYBmGmh884y59H34ohjMJMsugyu7JltCi4hm_5gonIY5nH_RUbhmCTuO0RphYbrBnl12u7__7NaNBoO0wMYrkNfjVoWfql-NCidab7gUMA4yyXV5mh5XQZ_VdXtRbFgzn8X-iXi3KeCJttfFhgCGA9UR5EHvzwwpkcPSAsHqbSKpz80jQLqJb9UOwsLt2zIIJVC-pfF0YzqoUCmNiUqQYEb1o9l2hY_8OwWnWU7F-WvdIvanVkfloveIoowOu5qWGfW7oRaPKhdShw8aKhzU9oQdfIhZqiL6W-8McYSyAMipPz2RzHRwV975lmRlY83-19aYcA8E2lc_Hd3PwlnOM8CeJlPfxv1cCO_2X0B5wNceCdyP30G

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2462 0
20 B 199ms
199ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BkaQ7ZyOpZaXhD7W-9u8PytObmAQAAAAAOAHgBAI&bg=!2tml2ZbNAAa8BdJLnAU7ADQBe5WfOPU1EYlzRcq3eXOzXhicTBLyhSZg9pdzGzQ65DBHzwSIV90wTY8qO_Rjg3Dk2rDyAgAAANNSAAAAAmgBB5kC-4CeRVpkJkEwW-OKuKePxknESvhjt9eItvYbrOFCdhETKe7kqGQaylL_ip39gwzt9Ba6NjG7ElgAnYZd1IPON_kk73r7jmWygAXqs2SuRiF-8gpXzUAKQ3eHjR7JfrEQMb6VAP_EuHhNSzgXRxWNH2QCOPbx2768olu60ojBCHCguoCFSuqBroNuo5BHBDh8C7PwMAbZrMCmMUPsvsEJJaifutc0sLp2j3jOcLsSiteam_IAImthgd2DZ6kTnJJTT7HkZyglTgozdVMrUrlzyZdorHaHbPUPCCqY_35D9zrRkOdOxV6tEvvmOWJTVpJ1ORzUp0Q6C0WwDJsO-E3IEShyFRTO3zJKgSPCL4c6CoMLB1T1-stJJehjdFyjq9YyzuOO9nqT2vc8kVTeCzKbGPKQy3Xn5jHNhog5mYkJtK_p7j8G3mza1PxykgkoAxiGaKeJICtEymHjwANBHLFlcI1hj_qEzFuRqMfBfBXIKYgIeyJfbX_3oLq5z2Mwr0y67FXy3OuJNc07MDCFJNcZVBIinumHFHE-fZVTVzvWuTqHYGi0TExOUBsnCp56exUrSZNnEXXHi1n2-xwdYRUMeF5GduDOrdRHB-KngQMmuS6ZidhLvWRxuROuCtuw-bN3TBchVP1YBolAFO3pEo1rgfgo0yIkgyZe83v9bcEOmtI1EKFXzG8NvMlKPhAWCZ4DGpjmdQuiH2_M-QmLyp5w2wTMuS8YZSuy9_NrobCuSbJq7-cKcrpci7SGIDoiytu6V8EFm0ESeabt7D-bFX51gMDzKdSEnIVYyPYJq1KuIMcIPGlj46xxTnzTpOm1fIHK-ZHX7QHjPocUH6PHXg7EHDR8fpDhsuK_iJKKGtaJv-dNVapxB4HxCgHRiSzYr3NBBURUQhLhlGZXEBOHhKRII2K3iLfK5OqtRZAyE2tGPZAx-VqxtpfkIJTHMNZAzmuqb0uKzzjpMdsbj2jTuep9Erc7YRuRFB2G9Y83P0GJzajXECXDep-z25oBYBU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CB0D 42 B
64 B 198ms
198ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfg2YbKahCx6UET0dnQPAI7Ik8E3yUdMbqcEe8bGWdBjU3NflFuxJ9Ky-nOgQ0n0UGtArP6fuyKl_cievxIPrC_5YBe4lpDLBLX3BZN2zNNeKrzQbA1zvb4RdHxx6YNzZ-3jINxManv-uNM8Edo_V_qzWM&sai=AMfl-YQtb2Y_Que4hzjee66JLuG-0EnJmNGQ6CRatf8AjYqDd9KYE4XNEDLtFcoTGrVr80tBYqNfZlm8PMu6tGitvMlUpWcDONA5mZ_Rf23OCgSkkEHEciMt9l3WDmfLzw22hRwWq1-1f0CZGD-FAGY5ZQ&sig=Cg0ArKJSzKlpqZZK52tLEAE&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&id=ampim&o=1300,59&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=405&tls=1406&g=100&h=100&tt=1406&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viva.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DDA5 42 B
64 B 193ms
192ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufPvBTJIFAx2iIWhYKBCE9rGM4APfNN91hBpLZZawQq1bdE2SoIMDW-NP-vFoLlPBY8Dq79DF6Tp_0BwiG-CHQirlqPJ2WkVXmv-Ajp_RHBDe_sC_4SNla6tcC2Jc8sEZFYUg_pq4KoUPWcdnjo9GnZ1uA&sai=AMfl-YSJN_7spMlBj4VM8UOLgZR7Shnpzs3vtwR7odrb9A0w7NTgqdmopUdvALqtcFdmRStKKBAXsjR7RkJdq1ly-hO_m0ffH4tHke63Xvjlz2DREPRvj59alA5z63HipM3qXoIiD_m4RKCoYjMlZjPJ4Q&sig=Cg0ArKJSzDVLrS7yjaUeEAE&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&id=lidar2&mcvt=1000&p=195,315,445,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=363344576&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705583462899&rpt=552&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C30 42 B
64 B 192ms
192ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZZCi7GF3VOXBjoq6re-d7fsKCZHUgKQbYPbPNDhR6W5TTucu2xTQhdrc7h7xCH6tkRNma8ZMvMkc2HpCypTD6Fy34XvCz4gBvpeC4dDynSY0e-NZw_CW6Z5mhUfIWQ4aoBmUDU_US5uIjMIPYRxCBbAO3&sai=AMfl-YThxrWa_4BoNLie4zgU45UHgQcX2-SLpijK11QSKE5ZuLdA029wP438gcU0C90Li0wQWh6qls_qF10gZno7w_NAtH0MvNok69iplqE05i3_CjatEbOQy2HqmgUjGCzYOGUcVYAtKr6a8Z1sDDH3UA&sig=Cg0ArKJSzLHYc3FOc6IbEAE&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&id=lidar2&mcvt=1000&p=59,140,659,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1683619082&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705583462984&rpt=601&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A88 42 B
64 B 192ms
192ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsZPmrqtagIYKGQA05g-6mWtwDDQOUzKKjoCkD4nothu2OkBEkAkhkcCTVTvJDx4oyEZmHk8N9wisRQAMvm63OG7FKFgizDyGhvej2B5acQ1fGelmeGzKNS7ZmKnag3GvhtZKkk5sVo4NVL3kDpG2L0W08&sai=AMfl-YRNA3pGyWauHP0mrQj9rcWlzRGFF1O6ez8tg1n7dNEGOV1ZLLCdYaPGbmr7y_KdqEKaDqZ7uhKXsCQ9oVdm5NHOjj9o7TGdC7KzniqAL9CbG8h8_fCUx2K4kkrZfofKwIf1PRKpRAk7LZ0yB3ibpg&sig=Cg0ArKJSzAJDmaH8-uZmEAE&cid=CAQSTwAvHhf_a7IcebrF4IJBQoIg1P03j5ZmeLvqQ9cKfg8Xk-v3mrUyN9U1ql71dOXIT72J1aOxK1jDPh1ccP9uQ6rYzmAxx7cyhrnSY1iawYEYAQ&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2297056952&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705583463033&rpt=538&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/7849941690979828464/ Frame 73A7 136 KB
27 KB 40ms
40ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7849941690979828464/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b814e9a40de58a4af2de3381c55ec5b3c42ccb762e9725ece05eb80dca18ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 02:31:43 GMT
date: Wed, 17 Jan 2024 02:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27546
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 13:23:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/1902495261604645428/ Frame 9856 142 KB
28 KB 40ms
39ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1902495261604645428/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1902495261604645428/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a17f52dfc098116bf464ca28f701fefab5c90c8724de4a06a17186293f81624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1902495261604645428/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 02:23:38 GMT
date: Wed, 17 Jan 2024 02:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28901
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 13:23:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
294 B 131ms
131ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.viva.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.viva.co.id
Date: Thu, 18 Jan 2024 13:11:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DDA5 0
20 B 187ms
186ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7395854125314&version=m202309260101&ct=76&x=1&cor=15290605411367850000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/1902495261604645428/ Frame 9856 9 KB
2 KB 102ms
102ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1902495261604645428/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1902495261604645428/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0813788b894b1b2d58d6d1d94ca8f1d328d4281541bce894569ecab0cf9931a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1902495261604645428/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 02:14:14 GMT
date: Wed, 17 Jan 2024 02:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125810
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2481
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 13:23:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/7849941690979828464/ Frame 73A7 9 KB
2 KB 75ms
75ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7849941690979828464/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0813788b894b1b2d58d6d1d94ca8f1d328d4281541bce894569ecab0cf9931a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 01:03:05 GMT
date: Wed, 17 Jan 2024 01:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130080
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2481
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 13:23:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index_atlas_P_1.png
s0.2mdn.net/sadbundle/7849941690979828464/images/ Frame 73A7 86 KB
86 KB 46ms
46ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7849941690979828464/images/index_atlas_P_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0a772f347241040863bd872f82e51cb34e72e026c9e7b9ce5e44f25d4622c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 02:30:59 GMT
date: Wed, 17 Jan 2024 02:30:59 GMT
x-content-type-options: nosniff
age: 124806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88080
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 13:23:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index_atlas_P_1.png
s0.2mdn.net/sadbundle/1902495261604645428/images/ Frame 9856 77 KB
77 KB 53ms
53ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1902495261604645428/images/index_atlas_P_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3886a08dbd28de244c643992c3325d34d2a66f2bf86abde087f4e242adaf376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1902495261604645428/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 21:53:16 GMT
date: Tue, 16 Jan 2024 21:53:16 GMT
x-content-type-options: nosniff
age: 141469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78483
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 13:23:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A88 0
20 B 188ms
188ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=103974954717&version=m202309260101&ct=76&x=1&cor=8977530660215219000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C30 0
20 B 187ms
187ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6514038712328&version=m202309260101&ct=76&x=1&cor=5978295940392062000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 13:11:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/7849941690979828464/images/ Frame 73A7 32 KB
32 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7849941690979828464/images/index_atlas_NP_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97713e13d18b1f8b70693b8c096df7355c17431eb8f303563f29b9122685d27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 23:18:36 GMT
date: Tue, 16 Jan 2024 23:18:36 GMT
x-content-type-options: nosniff
age: 136349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32702
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 13:23:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/1902495261604645428/images/ Frame 9856 30 KB
30 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1902495261604645428/images/index_atlas_NP_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89b129cbfda2b86e22ef89a8b74b675c8963ccf379519aebd13b49b83a72ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1902495261604645428/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 02:14:59 GMT
date: Wed, 17 Jan 2024 02:14:59 GMT
x-content-type-options: nosniff
age: 125766
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30685
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 13:23:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 18:29:35	Name: _li_ss Value: CggKBgiiARCAFw
.viva.co.id/	1970-01-20 17:47:49	Name: _gid Value: GA1.3.1177065732.1705583460
.viva.co.id/	1970-01-20 17:46:23	Name: _gat Value: 1
.viva.co.id/	1970-01-21 03:22:23	Name: _ga_E7BJJNJT3T Value: GS1.3.1705583460.1.0.1705583460.60.0.0
.go.rcvlink.com/	1970-01-21 03:22:23	Name: cache Value: uJjb7dzfsWb7
.viva.co.id/	1970-01-21 03:22:23	Name: _ga_YFFX5TN9EH Value: GS1.1.1705583460.1.0.1705583460.60.0.0
.izooto.com/	1970-01-21 03:22:23	Name: IZCID Value: 2ee81b6b-48ae-4476-9e09-822e7a15c41f
www.clarity.ms/	1970-01-21 02:31:59	Name: CLID Value: 37af51d9765044b5a6264a0e1f107e36.20240118.20250117
.viva.co.id/	1970-01-20 17:46:27	Name: AMP_TOKEN Value: %24NOT_FOUND
.viva.co.id/	1970-01-21 03:22:23	Name: _ga Value: GA1.3.592416648.1705583460
.viva.co.id/	1970-01-20 17:46:23	Name: _dc_gtm_UA-85211792-1 Value: 1
.viva.co.id/	1970-01-21 02:31:59	Name: _clck Value: 3oekia%7C2%7Cfii%7C0%7C1478
.viva.co.id/	1970-01-20 17:47:49	Name: _clsk Value: 1h09z7q%7C1705583461252%7C1%7C0%7Cx.clarity.ms%2Fcollect
www.viva.co.id/	1970-01-20 18:29:35	Name: _pbjs_userid_consent_data Value: 3524755945110770
.bing.com/	1970-01-21 03:07:59	Name: MUID Value: 189F6A7ED9F263E319187E74D85E62E7
.c.bing.com/	1970-01-20 17:56:28	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:07:59	Name: SRM_B Value: 189F6A7ED9F263E319187E74D85E62E7
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:07:59	Name: MUID Value: 189F6A7ED9F263E319187E74D85E62E7
.c.clarity.ms/	1970-01-20 17:56:28	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:46:24	Name: ANONCHK Value: 0
.viva.co.id/	1970-01-20 17:46:23	Name: lotame_domain_check Value: viva.co.id
.criteo.com/	1970-01-21 03:07:59	Name: uid Value: 4f752f40-11ee-4664-bf4a-bba4eddda517
.criteo.com/	1970-01-21 03:07:59	Name: receive-cookie-deprecation Value: 1
.openx.net/	1970-01-21 02:31:59	Name: i Value: 8611ffc3-26e5-45a3-bd8d-234c14b7204d\|1705583461
.viva.co.id/	1970-01-21 03:07:59	Name: cto_bundle Value: gejDbV8lMkI0cklMZ3JHbjc2T1VFajglMkIxU0NxWklEVXclMkIzczBpaTduRlN3SHdIUGZYcUdsdFFYSWklMkJzc05FZSUyRnBzZUpYT1VkYlhGeU00UUh0JTJCcHBFNiUyRkZBaVlHV3Bma043TU1FdUNZeTVWamY5dnI4RGFIeml5JTJGNnpiVllKTjB3aFQ0bmx6WXVnRm1PdVFKaXlwZmhCZWVKeVRRJTNEJTNE
.casalemedia.com/	1970-01-21 02:31:59	Name: CMID Value: ZakjZhCKSxXVFVI0l.NevgAA
.casalemedia.com/	1970-01-20 19:55:59	Name: CMPS Value: 3349
.casalemedia.com/	1970-01-20 19:55:59	Name: CMPRO Value: 3349
.quantserve.com/	1970-01-20 19:55:59	Name: d Value: ECYBDQH3KrjvsQA
.quantserve.com/	1970-01-21 03:16:37	Name: mc Value: 65a92366-6c666-64a63-85f4c
.adform.net/	1970-01-20 18:31:01	Name: C Value: 1
.turn.com/	1970-01-20 22:05:35	Name: uid Value: 3660946005994303575
.adform.net/	1970-01-20 19:12:47	Name: uid Value: 2053105214117429247
.doubleclick.net/	1970-01-21 03:07:59	Name: IDE Value: AHWqTUlwwqM4wWjFftzfSrccoKlSP48tjQccf9GeV0b7IwsgA-K4wUnKR5i7iK6SalI
.liadm.com/	1970-01-21 03:22:23	Name: lidid Value: d9ab92e2-c7b0-476c-b143-0a984fd65c82
.amazon-adsystem.com/	1970-01-20 23:56:28	Name: ad-id Value: A3GfRMANmE8TpO1i9Z8frwU
.amazon-adsystem.com/	1970-01-21 03:22:23	Name: ad-privacy Value: 0
.viva.co.id/	1970-01-21 03:07:59	Name: __gads Value: ID=da5da8da7307dc12:T=1705583461:RT=1705583461:S=ALNI_MYJUjgkZ9s8S5fdSCyfA-zUn3F5IA
.viva.co.id/	1970-01-21 03:07:59	Name: __gpi Value: UID=00000d43bc3cbc73:T=1705583461:RT=1705583461:S=ALNI_MbI5rNpjUk2bsFxx-_McIY1NBRPAg
.rezync.com/	1970-01-20 22:05:35	Name: zync-uuid Value: 1d16ff57-46f6-44a3-8ef4-be35338dae79:1705583463.1607707
.doubleclick.net/	1970-01-20 17:46:27	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:05:35	Name: APC Value: AfxxVi7peaCkCmlUgGVeDQX5DA1f30JK48fz9PvAQcWTAhoHfLKrtQ
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1srQ0MTU2MLQwNhTiM9Q1y882NY_ydkvyDioEADvOMeAlAAAA
.rfihub.com/	1970-01-21 03:07:59	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1srQ0MTU2MLQwNhTiM9Q1y882NY_ydkvyDioEADvOMeAlAAAA
.rfihub.com/	1970-01-21 03:07:59	Name: eud Value: H4sIAAAAAAAA_1XIsQ2AMAwEwAmoModRrLf9gW0SJR6IkpJJKRHl3VWoUyPTKRYZYtYhbaXJWHCgzb54nMrq3mCBXaOSlXfZvjTY87e_zi0t3FoAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4MAccGg3cQKFpHJ3z0XbljNB8ZwU9wWpHpevEUDt1Xxeo0YUPHFbKqn8AZ3N7w86AAAA
.adnxs.com/	1970-01-20 19:55:59	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?(u_-sM!@wnfH8K6pQK`!5=E<L5?%K1j(xS'ieG.ohrwFa0i]v-dFhROBR$Ac0$?3_bpRzqF1`b_X4*-6KY
.adnxs.com/	1970-01-21 03:22:23	Name: XANDR_PANID Value: 7G-YiA6ZYEU_xX8vZUaBl93E3TuRObsaqPXythESEtI1Ot5GV6SG-Ny8QmX4ahgXra_1Et0xY1DX_3M8uh5HVGVTDGTe1lYakptsvfE5nNc.
.adnxs.com/	1970-01-20 19:55:59	Name: uuid2 Value: 1744055783085542657
live.rezync.com/	1970-01-20 22:05:35	Name: sd-session-id Value: .eJwNykkOwjAMAMC_-NyguLazfaYKxJEiaEBNuVD17_Q40hywfHRbc9e-Q9q3r07weLVLA9IBo_1WfUICQSKao8wxspDFQAjnBEPHaO--tHIdLOhqFW_YVWeYM5mglc1dSYhCyepjQm9FArGjGzrrvfVw_gGwtiWp.ZakjZw.y46Xi4CYLOXhV3dYZeHFu589PBM
www.viva.co.id/	1970-01-20 17:46:27	Name: _lr_retry_request Value: true
www.viva.co.id/	1970-01-20 18:29:35	Name: _lr_env_src_ats Value: false
.demdex.net/	1970-01-20 22:05:35	Name: demdex Value: 13562192480481634624277579031924405642
.skydeutschland.demdex.net/	1970-01-20 22:05:35	Name: skydeutschland Value: 13562192480481634624277579031924405642
m.exactag.com/	1970-01-20 19:55:59	Name: exactag_new_gk Value: 2f2136b504834035a8497979b3a37d52%7C18.03.2024%2013%3A11%3A03
m.exactag.com/	1970-01-20 22:05:35	Name: exactag_new_uk Value: 549728d130354546bb3482124df899d1%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 557210b57b7349d4b99ccb5c
www.viva.co.id/	1970-01-20 19:12:47	Name: pubmatic-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-18T13%3A11%3A03%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=1d16ff57-46f6-44a3-8ef4-be35338dae79%3A1705583463.1607707&_=1705583463.1625004 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://www.viva.co.id/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.viva.co.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a4b10514696043d7e9e68034f010fdf.safeframe.googlesyndication.com
a.teads.tv
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
api-rengine-stg.viva.id
api.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
c.bing.com
c.clarity.ms
c1.adform.net
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.indexww.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cms.quantserve.com
data-rengine.viva.co.id
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
go.rcvlink.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
invstatic101.creativecdn.com
js-sec.indexww.com
live.rezync.com
m.exactag.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
prg-apac.smartadserver.com
region1.analytics.google.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
skydeutschland.demdex.net
sso.thevivanetworks.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
t.pubmatic.com
tags.crwdcntrl.net
thumb.viva.co.id
tlx.3lift.com
tpc.googlesyndication.com
ut.pubmatic.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.viva.co.id
x.clarity.ms
api.rlcdn.com
104.18.35.167
104.18.36.155
136.243.84.75
142.250.181.230
142.250.185.194
142.250.74.194
162.19.138.116
172.64.149.180
172.64.151.101
18.165.183.44
18.65.39.29
185.64.189.112
185.64.189.226
185.64.190.82
193.0.160.130
198.47.127.19
20.114.190.119
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
23.211.9.91
23.52.123.144
2600:9000:25a2:1a00:8:48e:53c0:93a1
2600:9000:25a2:7a00:a:e047:753:a221
2606:4700:10::6816:3658
2606:4700:10::6816:3758
2606:4700:10::ac43:266a
2606:4700:20::681a:7d6
2606:4700:3035::ac43:87f6
2606:4700::6810:5814
2606:4700::6812:d941
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:808::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a02:2638:3::c
3.120.222.225
3.33.220.150
34.102.146.192
34.120.107.143
34.255.50.52
34.96.70.87
34.98.64.218
35.244.174.68
37.157.4.28
37.252.172.123
52.46.151.131
54.243.108.10
54.70.25.67
63.32.195.36
64.74.236.31
65.9.66.104
68.219.88.97
76.223.111.18
85.14.248.72
89.149.192.192
017a761e140476b31c509a04d75401f0d0fc16d99c1bc2ef03a78ab5519ccc44
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06c09cc4da7b409a54293acc0f244e36e2185906174802e37875351fcb7e7a42
07aeafc3abac717331327b8d0cf0ef4b0bf160ed31da23d7851cf2825aadbf74
0813788b894b1b2d58d6d1d94ca8f1d328d4281541bce894569ecab0cf9931a6
0a43bf49567c71acd7a53e1cdb82940710e70cdf17c7ab1ae8ceb9bdc36c1516
0b7e453f56b14780317e486bfe8714241b2b58cc97274a319ceaee663911b88d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0dd2c416c3dfcdc1f48962dfd1310e72467d51990916eaf20ef26297106b685f
0e8e59c22f784ae124e2e4ea700d0361f147c5e67417abb1f845f49082190111
10251e1644c453a1b0ae9c51412ed5534d1d6b0def1f1dbc7725d9c6f1cb3f0d
14ec7c71951f6d8de2570ab1d0ac0d1f7000b3171140327201aef7c3779e4c60
15938491f1fd5bce5be56ee941bf2ddd4e9d7806a08a0b151eeee27ac2b518ce
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1b54667f2604f8b93930d1f03f0779bf2e81fdace89dafe580c7bb80971841
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
1ec95068389e95fc9de5b8ede2365b4b0e0cc61b4834d69912104c038587128e
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20abd9f43eeecccbb5d000c63540bc4f4debd757fc8a75dc7223b7bd48ce82da
273e821545a2266807e6727a03409dbf5847d4ea9e9772c5a805b8a9c0a6d08c
288a22ffc91efc3d480223a6d01055f0a9cccd13edceeae7fb82ce9dee9d7896
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
2af13d01e84f02dbf639ade1e6fe16464763b30660aadb5d89525cd3066c8546
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f30bc28c4e1079ae2eeba42b81bf119c8e303b099285c6bf186e2737abe21c8
2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a
3610ab58586e4ac937af60fe2e086cd4d6385568d85a4c94bdbe086df6a261fa
36668d983b328b2426643f5b15c2ed9337df7f4405cb37b9b690086183b3ccfe
3789b5498325cf8b466514ccb32b95560de6d135b93f794d77c8ae6009ee4535
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3dad8023dcbc60276ab316da676636411830f7d17444fcfe70714751d4f07060
3dd103ba888c627706f31656287652d5fceb9ef7a7099eec5a07aac2f7d397dd
40c5d3698edd60e72617ab3f17e0c5cf265067470c65a433f8cacd0fd4235d6d
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46072ff450e58861395db6f972ea897ef9e4869c2779aed03527b5b0f994bbb5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4798307508aa969c667bc00cdc86c744cabcf5f70e65ed9abb74957f2b5db577
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53b902277d956cb287cc65da44046904f3e333c977f27dd2cc1ff9c5c41561ff
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5571264c01dbc05a743318b7e95eef7bfeb633ff095d015337ae8c696cc023b4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ab83f409797cac91d2c9460b08304e6d60672180280a6d8948d9252c641c25
5636fdafa03e708c0937947995f726a2276cfe90281b985f49759a23469e756d
5a17f52dfc098116bf464ca28f701fefab5c90c8724de4a06a17186293f81624
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
5b4f43f1029b548899e5620c37bc6f40753327379d5cafbcbcfa2ee7dba6658f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a82ed499909e2232b1bdc3807b4d81bb6497115338abc33d60472c8f0f7bfd
63098da30ac921f0513c578ec1418f869b57385cf038cdc527c8893f38d63370
642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620
679200d4f85b43c2bb416009d7af328f911bf6f55ec077baea8c2a5e7fb166bf
685779e0c39417fd2049e2981107f300b7ab07b523c38f014fceada2e3b35ce6
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b814e9a40de58a4af2de3381c55ec5b3c42ccb762e9725ece05eb80dca18ad2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bcf0a10ac5ae75320ce381d79a1fe6925ee987d5b4a2e0bbaeaf243e9740d38
6d87a54d9e853fc621a01f49b8e1d63b02ead71c059e09ce7d886976505c98a3
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
72fceb17bb92baacf248770a9bac801c61fc078966d821508e135cd991498399
73a69cf2a641205f7113f570db28ad9c33d2e517fa9a0f37cca7d8c46ad3e8c5
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7acd5322498400ef9bc0557db2d783b30f18c2463ae7944bff7ad017daab884b
7ed6481586185d0bc792d7a80390d717d4aa5774bfb85bb95ab09341773d9f93
82abce0fe71054b83fd78d28aeea185d5423e823a6a3c556daed054ffa8ec0d9
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84714fb67f035a8801213a5623d70a6b8ff162d57b8649f21711e40456594422
84b768087f57a7c18074c2fe4ccb13641b706ee99dc2eef4138971d903716354
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87198853dfb318d5d7a4b2ed5efd3f8badc62e4588a16445a38f3c3f0b6f6118
87f21656043bdb4376994e87569d02f4f1551511402c3358bc56723baaefb947
896ccae98814bba7253d0e3e328ccf3dc94a0e95e321a85b9b074af3b3157bfa
89d64f8363e9fe274098d3a8744fc70607e0482d5cb955b65a4753d04673bef4
8e2b5c2cf41c59fd0f560489a9c737146f718f65572f652d4662707f97678322
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8eb063dd5efc39b1b3492ea35f77a7fa157fbdbd8ef1dcbeb885d9349066f3c4
8f1c16b6a9b3bbd5c33f22e5fb32d892d233ba7631da317d35a245a6f70b4ceb
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
97713e13d18b1f8b70693b8c096df7355c17431eb8f303563f29b9122685d27a
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f9762cd613e0d36e9bb53f8c51d5e4c5393d3452e34e9dd532348fe3489475
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9db8c130da0cd35c484e842b0b3ca4931e2006a33d687950cd400dc39728ed41
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3886a08dbd28de244c643992c3325d34d2a66f2bf86abde087f4e242adaf376
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a571fbade65c67dd77285cae77101b1dc3b1ecc7b3e7fbb28ab356b6c1d69510
a5c236cde0220b8cc58845f8b5dd00dd5bbfc109e5a0ee623bb9fa00753c8ffc
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a89306d44791afa482b05eca81136304a9b63e0b2be0967b2cda0a3f64af5df0
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9b0999f439d6fc07e37171f45a1cef5a75c419dcfcc28321ec6f2ce12011b07
aaa800dd3592c5bfa842c7d3b6d1982a73b433f6614be6c0f1566c58e0cffd8e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad7a92f0cdae168ce1370e4942178468e0a40f71d52c4ae1d2302a45727c2473
ad7b24c06a8f429c6737b4f41e931b4852bcb2db481d916e2e03f6839521ca5a
ae5f2df856109a86820c1a9a5599f89ea22884b247fd8bcaa46a53e30c624fce
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b127a23ecc6f89444978df823ef1e9086efb39b89cdc4ef7f2814d93d6eed2b0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
b8d673259d0bfc678aacef4e63f8ea06ec4b8694faa22927ec51e4a79ee5976c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb788ca67295bb93a57fbfb68f266a82fd82e26c279c63abf28778180660baf8
bbc64e4fa32a2b559e7a575912c79a3963b8215825c433c9226f60b0642596dd
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc5e335fe3571dbab8bca01a367f3876191db95264692139b626c80bff6dc39d
bce36fdaf29294f2e97155cc22e21047fbdd2f322d5b89bdc96ffe28c523ca80
bcf148e265fcdd722ed7dab98bf0a2343fd60b90842ef67e3af170b9de4c1774
be651cb02ca20ab57e55f7fbe4f90fcd535e81161c1011f655ff6e0a87092b1c
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
bf8f8703af54c9622eb20ae65eef1d223676852252e5e08bdce5f5829d32d240
c0e5b5225d49e42790aac246a9e24efd59af61a4aa1aab8eb7eb68cea3215bd8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25e8070c9a9276daba003fee12e739d8f5f18738ea4d56f8be8df707389ad04
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
ca95a93493caca87372748da55838b6f35d46d02aaa80f1be7d0a828ad86b7ac
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
ce05aab1e4ce23e06a3e6820a73aee164c8aac8abd6424336090df4842ed3445
d0a772f347241040863bd872f82e51cb34e72e026c9e7b9ce5e44f25d4622c02
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d21641fdb7bf587eb08631b69bcced71285987d5bbb85ccf75a93673e6910779
d22dfcb302da250bee26bd83618246a14e3acfe60435f15d6b6b5376a2e5099f
d3a2057db3596d937fc4e3269b10ecb4c31e1c1f6dcc3970db55708411e1ae17
d50241eb01f1a558d4291b0a3b576a2904fe8f6add1599a4c9172ab8897c1033
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
d70ebb6738a43c35fc87da8b1aa0a2760a98bbf227e6635370944b30fc174666
d781bb8800ce7a95168ca8e02a9e9f7c18382aa832a8ba222ad82a73ffa73759
d89b129cbfda2b86e22ef89a8b74b675c8963ccf379519aebd13b49b83a72ef1
dcda08a8d45d378df4fdeafd2529f3c7521d3e9c3a4b12daf2fe2c919940e57b
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7f0e098372e5a4b42b8d878df4db509285b487f7ffa62251cce9c75ce2d571
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8b41f2f22126f6ce5573bf3c99247af9f8e8a0883cf3b91250ef0c61f39c009
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed9ad716a3ba72b80579ff05cd06b9e7fa11ecdb0df6ed7f3a57b52bb2fa81e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f05e51f708b643ae47a73901b6e2d91e1d95b7d2c4430f6ea233398772da69ae
f228ecb988442325ab311d34ac84c698bbb74edbf16be3a9a3aa2ebb3ff7dfd6
f236b26f99d646b96467519eb08ee88afc4e17decb93a60a106c8c68dcab891c
f3a141359db35ddc2ec37fa5290e16e08165e83005a14f0064b4bb075fd89b3a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5cf8138eca565ba0df697f21b9491a8e77dab62c4860a8b7ffc88fa10153f4f
f6cf6d5639ffcd747e54049ad4bdcca846425e4def6279d2f012c497b2bc2521
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f788f7f435cb386dab1f27c42e3ba38738f782b9c6dc35c474ad26626d2cc31c
f7e8f31d9b7bf5a67dd0ad68768afd7a745145553b3f43bb4dee06955f40ff6e
fb08d51471bfd789d128934d1fbaf547ee3593322ebc8aaf7f9c6dada9c3f5df
fb6097e7723e67d1c3cd42c32d06d167f299dc4533e7df509e61b59fd4f986ca
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fbf0af2030686af9c2b66c8db72742c57530aae9b91b7ae8e3700a24e32578b0
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff393d6091ca6df956a189411d7f152ec4957f71b09ab2a0ae3d6089c7a5ce16
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

www.viva.co.id Open in urlscan Pro 2606:4700:10::6816:3658 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

327 Requests

89 %HTTPS

47 %IPv6

49 Domains

80 Subdomains

65 IPs

9 Countries

3855 kBTransfer

9940 kBSize

59 Cookies

68 Outgoing links

Page URL History

Redirected requests

327 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.viva.co.id Open in urlscan Pro
2606:4700:10::6816:3658 Public Scan

Screenshot
Live screenshot

Full Image

327
Requests

89 %
HTTPS

47 %
IPv6

49
Domains

80
Subdomains

65
IPs

9
Countries

3855 kB
Transfer

9940 kB
Size

59
Cookies

327 HTTP transactions
9 data transactions