kaltim.tribunnews.com Open in urlscan Pro
13.224.189.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kaltim.tribunnews.com/
Effective URL:
https://kaltim.tribunnews.com/
Submission: On September 18 via api (September 18th 2022, 7:37:35 pm UTC) from US — Scanned from DE

Summary HTTP 322 Redirects Links 111 Behaviour Indicators

Summary

This website contacted 67 IPs in 10 countries across 39 domains to perform 322 HTTP transactions. The main IP is 13.224.189.93, located in United States and belongs to AMAZON-02, US. The main domain is kaltim.tribunnews.com. The Cisco Umbrella rank of the primary domain is 450265.
TLS certificate: Issued by Amazon on July 5th 2022. Valid for: a year.

This is the only time kaltim.tribunnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	13.224.189.93 13.224.189.93	16509 (AMAZON-02) (AMAZON-02)
15	13.225.78.74 13.225.78.74	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	13.225.78.80 13.225.78.80	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
29	13.225.78.11 13.225.78.11	16509 (AMAZON-02) (AMAZON-02)
1	18.66.15.39 18.66.15.39	16509 (AMAZON-02) (AMAZON-02)
5	13.224.189.126 13.224.189.126	16509 (AMAZON-02) (AMAZON-02)
15	13.224.189.54 13.224.189.54	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.99.68 13.32.99.68	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	18.155.153.29 18.155.153.29	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.16 13.225.78.16	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::200d	15169 (GOOGLE) (GOOGLE)
1	110.238.107.108 110.238.107.108	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.198.174.222 18.198.174.222	16509 (AMAZON-02) (AMAZON-02)
6	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6	185.86.137.32 185.86.137.32	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.64.190.77 185.64.190.77	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
4	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	185.89.211.83 185.89.211.83	29990 (ASN-APPNEX) (ASN-APPNEX)
5	185.86.139.58 185.86.139.58	201081 (SMARTADSE...) (SMARTADSERVER)
5	185.89.211.26 185.89.211.26	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.171.128.128 163.171.128.128	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
3 6	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4 45	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
5	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
3	114.119.175.30 114.119.175.30	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
21	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	185.59.208.153 185.59.208.153	43541 (VSHOSTING) (VSHOSTING)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
2	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
322	67

2 13.224.189.93 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-93.fra2.r.cloudfront.net

kaltim.tribunnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.225.78.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-74.fra2.r.cloudfront.net

cdn-1.tstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

delivery.r2b2.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-80.fra2.r.cloudfront.net

cdn-3.tstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 13.225.78.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-11.fra2.r.cloudfront.net

cdn-2.tstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-39.vie50.r.cloudfront.net

t-1.tstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.189.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-126.fra2.r.cloudfront.net

t-2.tstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.224.189.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-54.fra2.r.cloudfront.net

t-3.tstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-68.fra60.r.cloudfront.net

asset.kompas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.155.153.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-153-29.ham50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-16.fra2.r.cloudfront.net

apis.kompas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 110.238.107.108 (Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-110-238-107-108.compute.hwclouds-dns.com

hb.jixie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.174.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-174-222.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

kompascybermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.43 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.211.83 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

r2b2-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.211.26 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

etarget-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.128.128 (Germany)

ASN54994 (QUANTILNETWORKS, US)

scripts.jixie.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 114.119.175.30 (Singapore, Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-114-119-175-30.compute.hwclouds-dns.com

traid.jixie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.208.153 (Czech Republic)

ASN43541 (VSHOSTING, CZ)
PTR: webgarden-track-lb-ha2.vshosting.cz

trackad.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

content.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	tstatic.net cdn-1.tstatic.net — Cisco Umbrella Rank: 79622 cdn-3.tstatic.net — Cisco Umbrella Rank: 101685 cdn-2.tstatic.net — Cisco Umbrella Rank: 27894 t-1.tstatic.net — Cisco Umbrella Rank: 124064 t-2.tstatic.net — Cisco Umbrella Rank: 105349 t-3.tstatic.net — Cisco Umbrella Rank: 164690	674 KB
62	googlesyndication.com 4 redirects 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	916 KB
24	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 static.doubleclick.net — Cisco Umbrella Rank: 340 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	890 KB
21	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7378 c.mgid.com — Cisco Umbrella Rank: 5166 cdn.mgid.com — Cisco Umbrella Rank: 10101 servicer.mgid.com — Cisco Umbrella Rank: 7579 s-img.mgid.com — Cisco Umbrella Rank: 4409 cm.mgid.com — Cisco Umbrella Rank: 1883	200 KB
18	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 761 gum.criteo.com — Cisco Umbrella Rank: 406 mug.criteo.com — Cisco Umbrella Rank: 2876	13 KB
17	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 77 ampcid.google.com — Cisco Umbrella Rank: 2077 region1.analytics.google.com — Cisco Umbrella Rank: 5636 adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	77 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	284 KB
11	smartadserver.com prg8.smartadserver.com — Cisco Umbrella Rank: 17931 prg.smartadserver.com — Cisco Umbrella Rank: 1396	5 KB
10	adnxs.com r2b2-emea.adnxs.com — Cisco Umbrella Rank: 45370 etarget-emea.adnxs.com — Cisco Umbrella Rank: 44770	46 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	4 KB
6	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 466	8 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	219 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6352 adservice.google.de — Cisco Umbrella Rank: 9081 ampcid.google.de — Cisco Umbrella Rank: 56545	2 KB
5	spotxchange.com search.spotxchange.com — Cisco Umbrella Rank: 485	6 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1122 id5-sync.com — Cisco Umbrella Rank: 463	28 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 673	88 KB
4	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433 ads.pubmatic.com — Cisco Umbrella Rank: 462 image8.pubmatic.com — Cisco Umbrella Rank: 607	134 KB
4	jixie.io hb.jixie.io — Cisco Umbrella Rank: 51044 traid.jixie.io — Cisco Umbrella Rank: 43820	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	222 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 691	78 KB
2	zeotap.com content.zeotap.com — Cisco Umbrella Rank: 11015	37 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1406	670 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 831	169 B
2	openx.net kompascybermedia-d.openx.net — Cisco Umbrella Rank: 58674 u.openx.net — Cisco Umbrella Rank: 650	513 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 543 eb2.3lift.com — Cisco Umbrella Rank: 407	651 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 153	2 KB
2	kompas.com asset.kompas.com — Cisco Umbrella Rank: 40739 apis.kompas.com — Cisco Umbrella Rank: 53735	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	89 KB
2	tribunnews.com 1 redirects kaltim.tribunnews.com — Cisco Umbrella Rank: 450265	38 KB
1	trackad.cz trackad.cz — Cisco Umbrella Rank: 111157	506 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 342	394 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	410 B
1	jixie.media scripts.jixie.media — Cisco Umbrella Rank: 39981	26 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 797	2 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1270	252 B
1	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18967	183 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 479	567 B
1	r2b2.io delivery.r2b2.io — Cisco Umbrella Rank: 49127	90 KB
322	39

	Domain	Requested by
45	tpc.googlesyndication.com	4 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com kaltim.tribunnews.com
29	cdn-2.tstatic.net	kaltim.tribunnews.com
15	t-3.tstatic.net	kaltim.tribunnews.com
15	cdn-1.tstatic.net	kaltim.tribunnews.com cdn-1.tstatic.net
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com kaltim.tribunnews.com www.googletagservices.com
11	fonts.gstatic.com	kaltim.tribunnews.com fonts.googleapis.com
10	static.doubleclick.net	8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
9	securepubads.g.doubleclick.net	kaltim.tribunnews.com securepubads.g.doubleclick.net
8	cdn.mgid.com	jsc.mgid.com
8	www.google.com	1 redirects kaltim.tribunnews.com tpc.googlesyndication.com 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
7	bidder.criteo.com	cdn-3.tstatic.net delivery.r2b2.io
6	fonts.googleapis.com	8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com client
6	gum.criteo.com	3 redirects kaltim.tribunnews.com
6	8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	prg8.smartadserver.com	cdn-3.tstatic.net
6	fastlane.rubiconproject.com	cdn-3.tstatic.net
6	www.gstatic.com	kaltim.tribunnews.com 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
5	www.googletagservices.com	8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
5	mug.criteo.com
5	etarget-emea.adnxs.com	delivery.r2b2.io
5	prg.smartadserver.com	delivery.r2b2.io
5	r2b2-emea.adnxs.com	delivery.r2b2.io
5	search.spotxchange.com	cdn-3.tstatic.net
5	t-2.tstatic.net	kaltim.tribunnews.com
4	cm.mgid.com	jsc.mgid.com
4	jsc.mgid.com	securepubads.g.doubleclick.net jsc.mgid.com
4	region1.analytics.google.com	www.googletagmanager.com
4	static.criteo.net	delivery.r2b2.io cdn-3.tstatic.net static.criteo.net
3	traid.jixie.io	scripts.jixie.media
3	www.google.de	kaltim.tribunnews.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	accounts.google.com	cdn-1.tstatic.net accounts.google.com
3	www.googletagmanager.com	kaltim.tribunnews.com www.googletagmanager.com
3	maxcdn.bootstrapcdn.com	kaltim.tribunnews.com maxcdn.bootstrapcdn.com
2	content.zeotap.com	ads.pubmatic.com
2	id5-sync.com	cdn.id5-sync.com
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com
2	cdn.id5-sync.com	jsc.mgid.com
2	ads.pubmatic.com	jsc.mgid.com
2	s-img.mgid.com	jsc.mgid.com
2	servicer.mgid.com	jsc.mgid.com
2	googleads.g.doubleclick.net	8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	targeting.unrulymedia.com	cdn-3.tstatic.net
2	sb.scorecardresearch.com	kaltim.tribunnews.com
2	connect.facebook.net	kaltim.tribunnews.com connect.facebook.net
2	kaltim.tribunnews.com	1 redirects
1	u.openx.net
1	eb2.3lift.com
1	image8.pubmatic.com
1	c.mgid.com	jsc.mgid.com
1	trackad.cz	delivery.r2b2.io
1	match.adsrvr.org	scripts.jixie.media
1	ampcid.google.de	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ampcid.google.com	www.google-analytics.com
1	www.facebook.com	kaltim.tribunnews.com
1	scripts.jixie.media	www.googletagmanager.com
1	unpkg.com	www.googletagmanager.com
1	hbopenbid.pubmatic.com	cdn-3.tstatic.net
1	kompascybermedia-d.openx.net	cdn-3.tstatic.net
1	tlx.3lift.com	cdn-3.tstatic.net
1	a.teads.tv	cdn-3.tstatic.net
1	prebid-asia.creativecdn.com	cdn-3.tstatic.net
1	htlb.casalemedia.com	cdn-3.tstatic.net
1	hb.jixie.io	cdn-3.tstatic.net
1	apis.kompas.com	cdn-1.tstatic.net
1	asset.kompas.com	kaltim.tribunnews.com
1	t-1.tstatic.net	kaltim.tribunnews.com
1	cdn-3.tstatic.net	kaltim.tribunnews.com
1	delivery.r2b2.io	kaltim.tribunnews.com
322	72

This site contains links to these domains. Also see Links.

Domain
www.tribunnews.com
www.tribunnewswiki.com
style.tribunnews.com
travel.tribunnews.com
wow.tribunnews.com
newsmaker.tribunnews.com
video.tribunnews.com
www.tribunjualbeli.com
health.tribunnews.com
trends.tribunnews.com
jakarta.tribunnews.com
wartakota.tribunnews.com
bekasi.tribunnews.com
banten.tribunnews.com
tangerang.tribunnews.com
depok.tribunnews.com
jabar.tribunnews.com
bogor.tribunnews.com
cirebon.tribunnews.com
jateng.tribunnews.com
solo.tribunnews.com
banyumas.tribunnews.com
pantura.tribunnews.com
jogja.tribunnews.com
jatim.tribunnews.com
surabaya.tribunnews.com
suryamalang.tribunnews.com
mataraman.tribunnews.com
madura.tribunnews.com
bali.tribunnews.com
aceh.tribunnews.com
prohaba.tribunnews.com
sultra.tribunnews.com
medan.tribunnews.com
palembang.tribunnews.com
bangka.tribunnews.com
batam.tribunnews.com
belitung.tribunnews.com
babel.tribunnews.com
padang.tribunnews.com
bengkulu.tribunnews.com
pekanbaru.tribunnews.com
jambi.tribunnews.com
sumsel.tribunnews.com
lampung.tribunnews.com
kupang.tribunnews.com
flores.tribunnews.com
banjarmasin.tribunnews.com
kalteng.tribunnews.com
kaltara.tribunnews.com
manado.tribunnews.com
gorontalo.tribunnews.com
sulbar.tribunnews.com
pontianak.tribunnews.com
palu.tribunnews.com
makassar.tribunnews.com
lombok.tribunnews.com
ternate.tribunnews.com
ambon.tribunnews.com
papua.tribunnews.com
papuabarat.tribunnews.com
www.tribunnetwork.com
www.gramedia.com
ebooks.gramedia.com
www.youtube.com
www.facebook.com
instagram.com
twitter.com
news.google.com
account.tribunnews.com
tribunkaltimwiki.tribunnews.com
tribunkaltimtravel.tribunnews.com
shopping.tribunnews.com
www.kgmedia.id

Subject Issuer	Validity	Valid
tribunnews.com Amazon	`2022-07-05` - `2023-08-03`	a year	crt.sh
tstatic.net Amazon	`2022-07-05` - `2023-08-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
1838731126.rsc.cdn77.org R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-28` - `2022-09-26`	3 months	crt.sh
kompas.com Amazon	`2022-04-03` - `2023-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.jixie.io Sectigo RSA Organization Validation Secure Server CA	`2022-04-30` - `2023-05-31`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.jixie.media Sectigo RSA Organization Validation Secure Server CA	`2022-08-28` - `2023-09-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.trackad.cz AlpiroSSL ECC DV CA	`2022-05-30` - `2023-06-29`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://kaltim.tribunnews.com/
Frame ID: FF0F780C9E82A5B0C2C90ED82DEC038B
Requests: 170 HTTP requests in this frame

Frame: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 134992C545798DED9862257501E6215E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kaltim.tribunnews.com
Frame ID: CEA7F87A8CA50EEB72E95CE9621A6903
Requests: 2 HTTP requests in this frame

Frame: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B27FFA8DC4A3831258A5DC942B7CAF94
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7C63C99D269AB8EAA9653D10B078B1E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 23EB66A7E334570A7BBE6721EEF2F60E
Requests: 2 HTTP requests in this frame

Frame: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 594E02260DC0C158104DBE319769B91C
Requests: 19 HTTP requests in this frame

Frame: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2C334F75FA69AEAA9988E3F35B058178
Requests: 19 HTTP requests in this frame

Frame: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F90399236F12E3431096C6DF5B99CDC7
Requests: 7 HTTP requests in this frame

Frame: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DA6F04CF4D008E29A4BCCDF1DE90ECE1
Requests: 18 HTTP requests in this frame

Frame: https://jsc.mgid.com/t/r/tribunnews.com.1210784.js
Frame ID: C558EF5661B6E981D92FB5E736F41798
Requests: 21 HTTP requests in this frame

Frame: https://jsc.mgid.com/t/r/tribunnews.com.1181811.js
Frame ID: CAA3E776C0145201C9DEEFF7622105BD
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/index.html
Frame ID: C2A0A8E3AB0378C3F6739BFCF8181FFE
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5CF1C44C7AF16110D6F0CB8CFC5A0645
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1663529849888823613397
Frame ID: 664F8274775FD163BE18D32A306CC48F
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1663529849988292975842
Frame ID: C27A4242362835025E218E5639FB617A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Frame ID: 589F36B147408441CA12B4432FCD77AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Frame ID: 4F1AE02FE45405DE3F8A96072DF447A2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Frame ID: 4D1EAEC7B9C090CD017F1FE6AFB0F924
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Frame ID: 05997CEF1173690712814E2FFD9C9484
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tribunkaltim.co - Berita Terkini Kalimantan

Page URL History Show full URLs

http://kaltim.tribunnews.com/ HTTP 301
https://kaltim.tribunnews.com/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

322
Requests

96 %
HTTPS

48 %
IPv6

39
Domains

72
Subdomains

67
IPs

10
Countries

4204 kB
Transfer

8556 kB
Size

35
Cookies

111 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tribunnews.com/
Title: Network

Search URL Search Domain Scan URL

URL: https://www.tribunnewswiki.com/
Title: TribunnewsWiki.com

Search URL Search Domain Scan URL

URL: https://style.tribunnews.com/
Title: TribunStyle.com

Search URL Search Domain Scan URL

URL: https://travel.tribunnews.com/
Title: TribunTravel.com

Search URL Search Domain Scan URL

URL: https://wow.tribunnews.com/
Title: TribunWow.com

Search URL Search Domain Scan URL

URL: https://newsmaker.tribunnews.com/
Title: TribunNewsmaker.com

Search URL Search Domain Scan URL

URL: https://video.tribunnews.com/
Title: Tribun-Video.com

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/
Title: TribunJualBeli.com

Search URL Search Domain Scan URL

URL: https://health.tribunnews.com/
Title: TribunHealth.com

Search URL Search Domain Scan URL

URL: https://trends.tribunnews.com/
Title: TribunTrends.com

Search URL Search Domain Scan URL

URL: https://jakarta.tribunnews.com/
Title: TribunJakarta.com

Search URL Search Domain Scan URL

URL: https://wartakota.tribunnews.com/
Title: WartaKotalive.com

Search URL Search Domain Scan URL

URL: https://bekasi.tribunnews.com/
Title: TribunBekasi.com

Search URL Search Domain Scan URL

URL: https://banten.tribunnews.com/
Title: TribunBanten.com

Search URL Search Domain Scan URL

URL: https://tangerang.tribunnews.com/
Title: TribunTangerang.com

Search URL Search Domain Scan URL

URL: https://depok.tribunnews.com/
Title: TribunnewsDepok.com

Search URL Search Domain Scan URL

URL: https://jabar.tribunnews.com/
Title: TribunJabar.id

Search URL Search Domain Scan URL

URL: https://bogor.tribunnews.com/
Title: TribunnewsBogor.com

Search URL Search Domain Scan URL

URL: https://cirebon.tribunnews.com/
Title: TribunCirebon.com

Search URL Search Domain Scan URL

URL: https://jateng.tribunnews.com/
Title: TribunJateng.com

Search URL Search Domain Scan URL

URL: https://solo.tribunnews.com/
Title: TribunSolo.com

Search URL Search Domain Scan URL

URL: https://banyumas.tribunnews.com/
Title: TribunBanyumas.com

Search URL Search Domain Scan URL

URL: https://pantura.tribunnews.com/
Title: Tribun-Pantura.com

Search URL Search Domain Scan URL

URL: https://jogja.tribunnews.com/
Title: TribunJogja.com

Search URL Search Domain Scan URL

URL: https://jatim.tribunnews.com/
Title: TribunJatim.com

Search URL Search Domain Scan URL

URL: https://surabaya.tribunnews.com/
Title: Surya.co.id

Search URL Search Domain Scan URL

URL: https://suryamalang.tribunnews.com/
Title: SuryaMalang.com

Search URL Search Domain Scan URL

URL: https://mataraman.tribunnews.com/
Title: TribunMataraman.com

Search URL Search Domain Scan URL

URL: https://madura.tribunnews.com/
Title: TribunMadura.com

Search URL Search Domain Scan URL

URL: https://bali.tribunnews.com/
Title: Tribun-Bali.com

Search URL Search Domain Scan URL

URL: https://aceh.tribunnews.com/
Title: SerambiNews.com

Search URL Search Domain Scan URL

URL: https://prohaba.tribunnews.com/
Title: Prohaba.co

Search URL Search Domain Scan URL

URL: https://sultra.tribunnews.com/
Title: TribunnewsSultra.com

Search URL Search Domain Scan URL

URL: https://medan.tribunnews.com/
Title: Tribun-Medan.com

Search URL Search Domain Scan URL

URL: https://palembang.tribunnews.com/
Title: Sripoku.com

Search URL Search Domain Scan URL

URL: https://bangka.tribunnews.com/
Title: BangkaPos.com

Search URL Search Domain Scan URL

URL: https://batam.tribunnews.com/
Title: TribunBatam.id

Search URL Search Domain Scan URL

URL: https://belitung.tribunnews.com/
Title: PosBelitung.co

Search URL Search Domain Scan URL

URL: https://babel.tribunnews.com/
Title: BabelNews.id

Search URL Search Domain Scan URL

URL: https://padang.tribunnews.com/
Title: TribunPadang.com

Search URL Search Domain Scan URL

URL: https://bengkulu.tribunnews.com/
Title: TribunBengkulu.com

Search URL Search Domain Scan URL

URL: https://pekanbaru.tribunnews.com/
Title: TribunPekanbaru.com

Search URL Search Domain Scan URL

URL: https://jambi.tribunnews.com/
Title: TribunJambi.com

Search URL Search Domain Scan URL

URL: https://sumsel.tribunnews.com/
Title: TribunSumsel.com

Search URL Search Domain Scan URL

URL: https://lampung.tribunnews.com/
Title: TribunLampung.co.id

Search URL Search Domain Scan URL

URL: https://kupang.tribunnews.com/
Title: Pos-Kupang.com

Search URL Search Domain Scan URL

URL: https://flores.tribunnews.com/
Title: TribunFlores.com

Search URL Search Domain Scan URL

URL: https://banjarmasin.tribunnews.com/
Title: BanjarmasinPost.co.id

Search URL Search Domain Scan URL

URL: https://kalteng.tribunnews.com/
Title: TribunKalteng.com

Search URL Search Domain Scan URL

URL: https://kaltara.tribunnews.com/
Title: TribunKaltara.com

Search URL Search Domain Scan URL

URL: https://manado.tribunnews.com/
Title: TribunManado.co.id

Search URL Search Domain Scan URL

URL: https://gorontalo.tribunnews.com/
Title: TribunGorontalo.com

Search URL Search Domain Scan URL

URL: https://sulbar.tribunnews.com/
Title: Tribun-Sulbar.com

Search URL Search Domain Scan URL

URL: https://pontianak.tribunnews.com/
Title: TribunPontianak.co.id

Search URL Search Domain Scan URL

URL: https://palu.tribunnews.com/
Title: TribunPalu.com

Search URL Search Domain Scan URL

URL: https://makassar.tribunnews.com/
Title: Tribun-Timur.com

Search URL Search Domain Scan URL

URL: https://lombok.tribunnews.com/
Title: TribunLombok.com

Search URL Search Domain Scan URL

URL: https://ternate.tribunnews.com/
Title: TribunTernate.com

Search URL Search Domain Scan URL

URL: https://ambon.tribunnews.com/
Title: TribunAmbon.com

Search URL Search Domain Scan URL

URL: https://papua.tribunnews.com/
Title: Tribun-Papua.com

Search URL Search Domain Scan URL

URL: https://papuabarat.tribunnews.com/
Title: TribunPapuaBarat.com

Search URL Search Domain Scan URL

URL: https://www.tribunnetwork.com/career/
Title: Karir

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/epaper
Title: Tribun Epaper

Search URL Search Domain Scan URL

URL: https://www.gramedia.com/
Title: Gramedia.com

Search URL Search Domain Scan URL

URL: https://ebooks.gramedia.com/
Title: Gramedia Digital

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr8WCDMH5PpPq6uUxHg5A7w?sub_confirmation=1
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Tribunkaltimcoid/120758761279486
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/tribunkaltim/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/tribunkaltim
Title: Twitter

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMLCLjgswpOegAw?hl=id&gl=ID&ceid=ID%3Aid
Title: Google News

Search URL Search Domain Scan URL

URL: https://account.tribunnews.com/home?navsource=aHR0cHM6Ly9rYWx0aW0udHJpYnVubmV3cy5jb20v
Title: Profile

Search URL Search Domain Scan URL

URL: https://account.tribunnews.com/login/dHJpYnVubmV3cw==/aHR0cHM6Ly9rYWx0aW0udHJpYnVubmV3cy5jb20v
Title: Login

Search URL Search Domain Scan URL

URL: https://account.tribunnews.com/register/dHJpYnVubmV3cw==/aHR0cHM6Ly9rYWx0aW0udHJpYnVubmV3cy5jb20v
Title: Mendaftar

Search URL Search Domain Scan URL

URL: https://tribunkaltimwiki.tribunnews.com/
Title: TribunKaltimWiki.com

Search URL Search Domain Scan URL

URL: https://tribunkaltimtravel.tribunnews.com/
Title: TribunKaltimTravel.com

Search URL Search Domain Scan URL

URL: https://video.tribunnews.com/view/453155/mah-bongkar-awal-perkenalan-dengan-hacker-bjorka-baru-kenal-langsung-diberi-imbalan-100-dolar

Search URL Search Domain Scan URL

URL: https://video.tribunnews.com/view/453128/heboh-permohonan-nikah-beda-agama-dikabulkan-pn-jaksel-kemendagri-sebut-hanya-mencatatkan

Search URL Search Domain Scan URL

URL: https://shopping.tribunnews.com/2022/09/17/5-rekomendasi-parfum-rambut-anti-bau-wangi-seharian?utm_source=kaltim&utm_medium=widget&referral=shopping

Search URL Search Domain Scan URL

URL: https://shopping.tribunnews.com/2022/09/17/cocok-untuk-komputasi-harian-5-laptop-ini-dibanderol-dengan-harga-rp-5-jutaan?utm_source=kaltim&utm_medium=widget&referral=shopping

Search URL Search Domain Scan URL

URL: https://shopping.tribunnews.com/2022/09/17/tips-sederhana-bikin-rambutmu-wangi-seharian-yuk-coba?utm_source=kaltim&utm_medium=widget&referral=shopping

Search URL Search Domain Scan URL

URL: https://shopping.tribunnews.com/2022/09/17/hindari-5-kesalahan-ini-jika-ingin-pakaian-tetap-awet-termasuk-penggunaan-pemutih-berlebih?utm_source=kaltim&utm_medium=widget&referral=shopping

Search URL Search Domain Scan URL

URL: https://shopping.tribunnews.com/2022/09/17/5-rekomendasi-spin-mop-terbaik-bersihkan-lantai-lebih-efisien-waktu-dan-tenaga?utm_source=kaltim&utm_medium=widget&referral=shopping

Search URL Search Domain Scan URL

URL: https://shopping.tribunnews.com/?utm_source=kaltim&utm_medium=widget&referral=shopping
Title: ›

Search URL Search Domain Scan URL

URL: https://video.tribunnews.com/view/453106/beri-jawaban-sambil-senyum-akhirnya-terungkap-keberadaan-bjorka-madiun-seusai-hilang-misterius

Search URL Search Domain Scan URL

URL: https://video.tribunnews.com/view/453171/ridwan-kamil-sentil-hacker-bjorka-akui-warganya-resah-ada-yang-datanya-dicatut-parpol-untuk-daftar

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-tengah/2524794/promo-gudang-strategis-siap-pakai-di-sragen
Title: PROMO GUDANG STRATEGIS SIAP PAKAI DI SRAGEN

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-tengah
Title: Jawa Tengah

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-timur/2524777/3-unit-kavling-lokasi-strategis-malang-kota
Title: 3 UNIT KAVLING LOKASI STRATEGIS MALANG KOTA

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-timur
Title: Jawa Timur

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-barat/2524876/hp-apple-iphone-12-64gb-mint-green-bekas-ibox-fullset-icloud-aman-normal-bekasi
Title: HP Apple iPhone 12 64GB Mint Green Bekas iBox Fullset iCloud Aman Normal - Bekasi

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-barat
Title: Jawa Barat

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-barat/2524917/tanah-kavling-kebun-murah-view-gunung-suasana-pedesaan-sejuk-di-bogor
Title: Tanah Kavling Kebun Murah View Gunung Suasana Pedesaan Sejuk di Bogor

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-barat/2524911/rumah-2-lantai-siap-huni-kota-harapan-indah-bekasi
Title: Rumah 2 Lantai Siap Huni Kota Harapan Indah Bekasi

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/dki-jakarta/2524905/di-sewakan-studio-full-furnish-mewah-apartemen-green-bay-pluit
Title: Di Sewakan Studio Full Furnish Mewah Apartemen Green Bay Pluit

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/dki-jakarta
Title: DKI Jakarta

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-barat/2524900/miliki-hunian-nyaman-aman-strategis-cluster-sukahati-village-di-cibinongbogor
Title: MILIKI HUNIAN NYAMAN AMAN STRATEGIS CLUSTER SUKAHATI VILLAGE DI CIBINONG,BOGOR

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/dki-jakarta/2511703/dijual-tanahrumah-tua-harga-nego-jakarta-pusat
Title: Dijual Tanah/Rumah Tua Harga Nego - Jakarta Pusat

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-barat/2524858/perumahan-di-cibinong-cluster-sriwijaya-tanpa-dp-cukup-5-jt-allin
Title: Perumahan Di Cibinong Cluster Sriwijaya Tanpa Dp Cukup 5 Jt allin

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-barat/2524856/damallia-cantik-cluster-baru-di-keradenan-cibinong-tanpa-dp-cukup-5jt
Title: Damallia Cantik Cluster Baru Di Keradenan Cibinong Tanpa Dp Cukup 5jt

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-barat/2524846/cluster-baru-di-cibinong-damallia-cantik-dekat-stasiun-bojonggede
Title: Cluster Baru Di Cibinong Damallia Cantik Dekat Stasiun Bojonggede

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-timur/2524820/rumah-murah-malang-dekat-kota-400-jutaan-siap-huni
Title: Rumah Murah Malang Dekat Kota 400 Jutaan Siap Huni

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/di-yogyakarta/2524813/rumah-murah-200jt-all-in-di-gunung-kidul
Title: RUMAH MURAH 200JT ALL IN DI GUNUNG KIDUL

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/di-yogyakarta
Title: DI Yogyakarta

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-timur/2524806/kost-di-malang-siap-huni-bangunan-konsep-3-lantai
Title: Kost Di Malang Siap Huni Bangunan Konsep 3 Lantai

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/jawa-tengah/2524795/rumah-dekat-alun-alun-kebumen-pemda-kebumen-trio-mall-rita-pasaraya-rs-permata-medika
Title: Rumah Dekat Alun-Alun Kebumen, PEMDA Kebumen, Trio Mall, RITA Pasaraya, RS Permata Medika

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/pasang-iklan/
Title: Pasang Iklan

Search URL Search Domain Scan URL

URL: https://www.kgmedia.id/
Title: KG Media

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/about/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/help/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/pedoman/
Title: Pedoman Media Siber

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kaltim.tribunnews.com/ HTTP 301
https://kaltim.tribunnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 161

https://gum.criteo.com/sid/json?origin=publishertag&domain=tribunnews.com&sn=ChromeSyncframe&so=0&topUrl=kaltim.tribunnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=pCXde3xxOUpYaUswSWFBdE9uclNnQXZPQlNlTU5ONThxd05EcUZEb3ZzYXBlbVhGMnpxMnU2bU0zQWFLZXFVSUppUVNkaEZKczRsZDdWZHNQWTR6bDAvNWlSb00vWDVsQmk5K0VwbkJzdStHbFlOQjE5THo4VERxNkljVVZnZHUwSkR6TXZ6MXZCWjFaT2dmcmtsNGx5WWFCZFhER2FwQVhQMHpBbGJYS0lhS2N2MWJMM3VyekVvSUdKMUQxUER6RlRDdElvS1BtcmFMb1gvbzBncTlnTjd6YzM0RUVsaXRjYU40SXJVdU5FK24rMWtJYXFqVnZYOHZLSUcwa0lkNnVZOVRlYy9CMEt1YXdWMnZUQjY3VmlWYlZaUT09fA&cppv=2

Request Chain 179

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 194

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 210

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 236

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 253

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 293

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkaltim.tribunnews.com%2F&domain=kaltim.tribunnews.com&bundle=a2qgul85YUFGekhYaklTNm1TOUoxcEdSR1l3alJWZVhOQWVjQk1OamRiZGthdDdQZFVKVzRSUGolMkZiWXZoUWdnd0JtbzdrVG12c0JxUUpWZHRWc2dZcFhXb3FkQXlEaExZY1o2cXowdmxVYzRuc0Q5eUFBbyUyQjB2NW5Wejk4Z1ZxU25JMXZzam9BVFNWV2h1OGptY3U5S1JyY0ZRJTNEJTNE&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=OX2sD3xMVlZnRE1vajEzYjZ3RzRxMXdrNzRDZDdHNVltNmQrNkozTWVLUVhyWFpUUFJYY0tNQW9lVkVkL3RKZXJNM09EMDViQnVoQlNseFplRndTT1VRb2xYM0kzVVRmQWFJZmNRUS9CMWtLT1p4d21hQVRzYlRLbEJjR0I3VWl0bGFyRk80dHJVb2pGcFJIdW9HbUExS1pOUlRQbWlMNnRVRU9zSXB5aW1oa2FhUDRBNzlPZklVT0dkSU1ya1dFVDVIUnpVaml4N1V5L1Z4dndPbExJMnhPSldxVUFVT002MnY2aUFjOVdSTTlhLzdtdFBTRm5RYmRHZHovblVYT2RzV2Zhck5Vemp0UTBWbVA5c1Y1dHgrZmJzNFpKVk5pTlMxMVI4NEdqaGt3VnVMbz18&cppv=2

Request Chain 297

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkaltim.tribunnews.com%2F&domain=kaltim.tribunnews.com&bundle=a2qgul85YUFGekhYaklTNm1TOUoxcEdSR1l3alJWZVhOQWVjQk1OamRiZGthdDdQZFVKVzRSUGolMkZiWXZoUWdnd0JtbzdrVG12c0JxUUpWZHRWc2dZcFhXb3FkQXlEaExZY1o2cXowdmxVYzRuc0Q5eUFBbyUyQjB2NW5Wejk4Z1ZxU25JMXZzam9BVFNWV2h1OGptY3U5S1JyY0ZRJTNEJTNE&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=DMM_b3xoOFlzczFFSzdHNzVJL3lXc1Y2RU1YcTNXVVJZODBBUWVDS2JaakJwcTJYb2dmWXRMS3JMdU5zOElTYzc3V3JMbU9CemNlelZuL2p6NG5DSkRtTmpUTmFkbFFBcXpBRDhBSW5tcklzd0VjNk5WaFBWbG5UTnQzN1hhRUFtYnBxMEtyRjlkbkVGVC8wTi9kaERLNllYSkpBOXB1N0YzQ3pnRXAvQlhNcXdBSmZnN1F2MXNkMy9RMklMZWE3czFxV2tiZmFwS1ltSVVmcWIzYkhPTVdZaEREMWZGQ2NvVXlJZDV3WWk2eHB2VWkrdDFnOUxSK0lhdlBnUWQ4STJNM2NhejNsYVhOM29FRHpSM3Y1ZURYdXdkallyYkVPblA3RnlETEs5NlBLMlFvND18&cppv=2

322 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kaltim.tribunnews.com/
Redirect Chain

http://kaltim.tribunnews.com/
https://kaltim.tribunnews.com/

233 KB
37 KB

64ms
23ms

Document
text/html

13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-93.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

972da80e295d7259617f8b5729d9929b2c3871551ef7ac27ebf492116b0a9c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65800
cache-control: no-transform
content-encoding: gzip
content-length: 37490
content-type: text/html; charset=UTF-8
date: Sun, 18 Sep 2022 01:20:45 GMT
server: Apache
vary: Accept-Encoding,User-Agent
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-id: pRjE4w0rZdybH1wuWd2g6f-r2ffFkwg_HcfsFvblQdkDAp0JStXDNg==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-we-need-to-talk: Thank You
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Sun, 18 Sep 2022 19:37:26 GMT
Location: https://kaltim.tribunnews.com/
Server: CloudFront
Via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 87eglmgx-YoiTnbCDqfP0hD7Tld7UVfrENLz_mZeBkjj-8zcWfV7-w==
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Redirect from cloudfront

GET
H2 200 style_daerah_web_20211015.css
cdn-1.tstatic.net/css/theme21/ 52 KB
13 KB 86ms
22ms Stylesheet
text/css 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/css/theme21/style_daerah_web_20211015.css
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba060e050ddbf1949a31f1a83e21113f6b28ce54dc3c2b8ab2f2e054da264078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: ckgSl0zm_mOzeCeeHxGqJA7pn49fwh0T
content-encoding: gzip
etag: W/"223666b5db992916533756e32ee56c6e"
age: 760656
x-amz-meta-sha256: ba060e050ddbf1949a31f1a83e21113f6b28ce54dc3c2b8ab2f2e054da264078
x-cache: Hit from cloudfront
last-modified: Fri, 15 Oct 2021 03:26:16 GMT
server: AmazonS3
date: Sat, 10 Sep 2022 00:19:57 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Q4K1d2nXbC9e3Q3Jnnb8vlwJ-sy-7DvzcGMLMVZea1lD0hjWmwxTcQ==
x-amz-meta-s3b-last-modified: 20211015T032149Z

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 96ms
47ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 12503927
cdn-cachedat: 2021-04-27 02:55:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 20ef76385c78a44fceb260bdcc05eda0
cf-ray: 74cc89470e37cc62-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 jquery-1.8.3.min.js Show response
cdn-1.tstatic.net/js/jquery/ 91 KB
33 KB 100ms
36ms Script
application/javascript 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/jquery/jquery-1.8.3.min.js
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 11:46:03 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2015 04:27:56 GMT
server: AmazonS3
age: 1842684
etag: W/"e1288116312e4728f98923c79b034b67"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: VJ7e3NrdlhpJSCicVTYih02Cs2Sbz4Fh7v6BlsQPDdhBjCbTudtFrg==
expires: Tue, 24 Mar 2015 16:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 339ms
35ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82a67dae51abad2836db7ff977cc143dec0e7ff3c263ba76188195677862a5f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27863
x-xss-protection: 0
server: sffe
etag: "1338 / 50 of 1000 / last-modified: 1663366039"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 18 Sep 2022 19:37:27 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 85ms
18ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
Origin: https://kaltim.tribunnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 03:01:29 GMT
x-content-type-options: nosniff
age: 405357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8892
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 14 Sep 2023 03:01:29 GMT

GET
H2 200 jquery.fancybox_2.min.css
cdn-1.tstatic.net/js/fancybox2.1.3/ 4 KB
2 KB 105ms
42ms Stylesheet
text/css 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/fancybox2.1.3/jquery.fancybox_2.min.css
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 01:48:59 GMT
content-encoding: gzip
age: 841708
x-amz-meta-sha256: ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a
x-cache: Hit from cloudfront
last-modified: Wed, 10 Jun 2020 05:52:59 GMT
server: AmazonS3
etag: W/"9dba4b0617628815180b9c368b6bf56e"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: text/css
x-amz-cf-id: n1vCUq6WFpdSnqlWoTNIAk5Mp4_lp9phB8Zh2CHZSQg-oFEglbwkAA==
x-amz-meta-s3b-last-modified: 20200610T055203Z

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
6 KB 96ms
47ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617, 617
age: 12860666
cdn-cachedat: 2021-04-23 00:57:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6fd55a5acd176e269a69edc3257a66da
cf-ray: 74cc89470e39cc62-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 tribun.1.8-20190807.js Show response
cdn-1.tstatic.net/js/tribun/ 8 KB
3 KB 51ms
42ms Script
application/x-javascript 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/tribun/tribun.1.8-20190807.js
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92d6b966c3b2fb58c469e35de5c5cdf8cdaa30ea9bb7a3e15e1b86765f892452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 08 Jul 2019 09:22:04 GMT
date: Sun, 28 Aug 2022 19:52:25 GMT
content-encoding: gzip
last-modified: Mon, 08 Jul 2019 09:23:15 GMT
server: AmazonS3
age: 1813502
etag: W/"be91403c70880ee1b6e1f2ee7540a674"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: application/x-javascript
x-amz-cf-id: 2UeSKrioLNXDOXxwJq0Ldkixa854ZcPLB6H_DOV0MGeYI6VF6p54CA==

GET
H2 200 jquery.bxslider.mini.js Show response
cdn-1.tstatic.net/js/bxslider/ 19 KB
5 KB 45ms
37ms Script
application/javascript 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/bxslider/jquery.bxslider.mini.js
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 130368e1880972a560164d6a42407eb853179a8eb98aa11b3ec7605296dfe775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 01:47:04 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2015 04:27:51 GMT
server: AmazonS3
age: 2483423
etag: W/"d7163e041d3b536a19694784ad2ec6da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: KhiPXWU_-Fogd7jdafEqNLbXrMDpOV8Yw4RJOTt_Qy-9Zrte0DuNMw==
expires: Tue, 24 Mar 2015 16:00:00 GMT

GET
H2 200 jquery.fancybox.pack.js Show response
cdn-1.tstatic.net/js/fancybox2.1.3/ 22 KB
9 KB 50ms
41ms Script
application/javascript 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/fancybox2.1.3/jquery.fancybox.pack.js
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ff9d4ae2b3407b031e3359007ff4d7ac9e0b342f25ce44c77d3cb7f14f65043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 01:59:37 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2015 04:27:55 GMT
server: AmazonS3
age: 2396270
etag: W/"38b8a249b8b955e0c789a490847d9cc5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: X1QD-OoypCzl0vQt5zU0NFJLOOsX7u9G4ipsGds3rj3AWgFKfkbYVQ==
expires: Tue, 24 Mar 2015 16:00:00 GMT

GET
H2 200 tribunnews.com_desktop Show response
delivery.r2b2.io/hb/kompasGramedia/ 309 KB
90 KB 233ms
104ms Script
text/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f6409f41205c674fae4e28a1db03e6d48df3b9f78928b6a62906959850f21655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
x-77-nzt-ray: k0XeJWeOUxA
x-77-cache: MISS
x-cache: EXPIRED
x-age: 8878
content-length: 91853
x-77-nzt: Abk73BA05BCbriIAAA
x-accel-expires: @1663533447
adt-powered-by: slim
server: CDN77-Turbo
etag: 6e9ace7d96e1978ea48cfbdd6d65a9ec
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=1800
accept-ranges: bytes

GET
H2 200 prebid6.29.1-19082022.js Show response
cdn-3.tstatic.net/ads/prebid/ 333 KB
101 KB 94ms
26ms Script
application/x-javascript 13.225.78.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f35bb4bcaf2396e85660c9e3d973f2096814c4953cabf71cd308611ed932d8af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Fri, 19 Aug 2022 04:20:37 GMT
date: Thu, 25 Aug 2022 04:00:16 GMT
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 04:21:39 GMT
server: AmazonS3
age: 2129832
etag: W/"23986ded528aca6846a7a14814957cff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: PW-m1X9YtltYpto4kxSKbF3WmHAdro7UJ4y7o9OX6oWDMc9_cHJPaw==

GET
H2 200 glightbox.min.css
cdn-1.tstatic.net/css/glightbox/ 13 KB
3 KB 83ms
20ms Stylesheet
text/css 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/css/glightbox/glightbox.min.css
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 09:04:37 GMT
content-encoding: gzip
age: 1852370
x-amz-meta-cache-control: max-age=2592000, public
x-amz-meta-sha256: 17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
x-cache: Hit from cloudfront
last-modified: Fri, 08 May 2020 08:14:16 GMT
server: AmazonS3
etag: W/"7443f26fb8ef9bb0368d931f2b1f1cb5"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: text/css
x-amz-cf-id: Gsxu5I3FyYPRfGodjoX0KMZyo1ZGT8OTUpq1SNeBxK5guU4UZJOgSA==
x-amz-meta-s3b-last-modified: 20200331T194635Z

GET
H2 200 glightbox.min.js Show response
cdn-1.tstatic.net/css/glightbox/ 40 KB
12 KB 82ms
19ms Script
application/javascript 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/css/glightbox/glightbox.min.js
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 11:50:07 GMT
content-encoding: gzip
age: 632840
x-amz-meta-cache-control: max-age=2592000, public
x-amz-meta-sha256: 3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
x-cache: Hit from cloudfront
last-modified: Fri, 08 May 2020 08:14:31 GMT
server: AmazonS3
etag: W/"c8e60c852f16b93503708e1b27423274"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: cowEAuWjMHrTiNaKYaQhJL4LCCMa2q91ozIqa5ZcxChKoRToXqRB5g==
x-amz-meta-s3b-last-modified: 20200331T184655Z

GET
H2 200 sdk.js Show response
connect.facebook.net/id_ID/ 3 KB
2 KB 124ms
28ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/id_ID/sdk.js

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

02adbac2565f8480082711bd2c6fe1a1c4b18ee79f1af7807c1f43fd7d154963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kaltim.tribunnews.com/
Origin: https://kaltim.tribunnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: isfhEmsGU5UeI31dmELXAQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: GaWf3+JKRnvO8kR5xD4w0cwBJf+84PXezA5b0gQvbiAU1yl9yums1DewH2UlpbdKpIBcq9P1z4L2IBNe0nn88g==
x-fb-trip-id: 720026100
x-fb-content-md5: e9dfdd344ba7dc1b8c5fcf7d347edb35
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Sep 2022 19:37:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "90ea7a616c02e0c6ebc60fe19920aa5e"
timing-allow-origin: *
expires: Sun, 18 Sep 2022 19:53:03 GMT

GET
H2 200 tribunkaltim.svg
cdn-1.tstatic.net/img/logo/daerah/svg3/ 6 KB
3 KB 52ms
44ms Image
image/svg+xml 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1.tstatic.net/img/logo/daerah/svg3/tribunkaltim.svg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0d3550b3d55984b039a7e45983a8a6e47cf560b185a77c489bb66e1fe24cae5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9d5d12a54433b1d85e081a062fb600ce"
last-modified: Thu, 22 Feb 2018 09:01:50 GMT
server: AmazonS3
age: 2475878
x-amz-meta-cb-modifiedtime: Thu, 22 Feb 2018 08:54:16 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
date: Sun, 21 Aug 2022 03:52:49 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: NPqq01QMBDkD1Ef6l2F9loZq3nhjL2jlpNCN1quuMcJ05dnPdguFnA==

GET
H2 200 Logo_T_blue.svg
cdn-1.tstatic.net/img/logo/tribun/svg/ 2 KB
2 KB 44ms
36ms Image
image/svg+xml 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1.tstatic.net/img/logo/tribun/svg/Logo_T_blue.svg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Fri, 24 Jul 2015 09:49:00 GMT
date: Sat, 10 Sep 2022 06:48:23 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2015 14:25:23 GMT
server: AmazonS3
age: 737344
etag: W/"2881375fb0f9e7fc4d0a2f42434696e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: ze8za19hYMBgM76-Q-dUOQrhVZ73yTdVmVX5PUztuvd38ARHzbO-jg==

GET
H2 200 q321424213213.jpg
cdn-2.tstatic.net/kaltim/foto/bank/images2/ 58 KB
58 KB 88ms
26ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/images2/q321424213213.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6654ba54b8c9ef959768420dcb208c9a4ffa1acf396378701e24dd6fe3320f62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 23:36:07 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 22:38:14 GMT
server: AmazonS3
age: 72080
etag: "c9a1988d2044ff91972f7e72f0114a2f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 58936
x-amz-cf-id: yGI_ZRsYXSbOnNS3kFkCrvrfmhAiASIv7uihtwXbtVBAmHIj8ehdMw==

GET
H2 200 bjorka-mah-korem.jpg
cdn-2.tstatic.net/kaltim/foto/bank/images2/ 62 KB
63 KB 141ms
79ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/images2/bjorka-mah-korem.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b518d39acf51fc8c1dc75d758eea2417ece08ee08a21a0acfa350f789da66525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 00:06:22 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 21:43:13 GMT
server: AmazonS3
age: 70265
etag: "4152d7b09c34210251b28371d756487e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 63838
x-amz-cf-id: 02em7r5vAi_zN4TqPA4nvTW3zzkS6oJvzK8hU4Bk6GK1-VbaqV2opQ==

GET
H2 200 Striker-Red-Bull-Salzburg-Noah-Okafor-Penye.jpg
cdn-2.tstatic.net/kaltim/foto/bank/images2/ 48 KB
48 KB 128ms
67ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/images2/Striker-Red-Bull-Salzburg-Noah-Okafor-Penye.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c90a6d38f4475d1ca22b57ad8ea01ef77204a755a6ac2ad7d7aacecd3fbde5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 01:06:43 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 07:34:32 GMT
server: AmazonS3
age: 66644
etag: "7a7af61c44e1e28501612efc9cf416fb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 48664
x-amz-cf-id: y0qldZnVI_4MoWGHdDbwxZI2mSc1qYVTwVzjEOo9U_bMe4OoY174MQ==

GET
H2 200 SSSTikTok-29822.jpg
cdn-2.tstatic.net/kaltim/foto/bank/images2/ 28 KB
28 KB 138ms
76ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/images2/SSSTikTok-29822.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdcd60e61a6e9ce53b77eee8ae99c758241a71cd5320799bb8c58948e8da1ebf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 01:06:44 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Mon, 29 Aug 2022 09:29:46 GMT
server: AmazonS3
age: 66644
etag: "8bdefc03d8d8fa98469935c1b48096c8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 28548
x-amz-cf-id: c_lscNuNtmBhc_WfFQzv4SdkewTw6kQLTgeT8MJ7mKSAFxabQ31_gw==

GET
H2 200 elsaal.jpg
cdn-2.tstatic.net/kaltim/foto/bank/images2/ 61 KB
61 KB 92ms
55ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/images2/elsaal.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93ac1b418cf868e42d4f34c599f4b20920a362a1c69b692da6865d0ab8b9a929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:42:34 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 03:44:32 GMT
server: AmazonS3
age: 100494
etag: "b15f3356221d418ce426d0fb69bcc598"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 62446
x-amz-cf-id: GFQnLA5yVaWAO5bojE3M0vKzSdjNiw93b6l0mKRvNZJBkGEoW04nAw==

GET
H2 200 q321424213213.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 5 KB
6 KB 100ms
65ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/q321424213213.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b863f7dbb61c2061033870ba4e51f44fd2f991eedd36d14641d79dd516dc045

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 22:40:46 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 22:38:15 GMT
server: AmazonS3
age: 75402
etag: "9f51d18ee562568fd2feedca8b286214"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 5413
x-amz-cf-id: iP3r8ntu54BVDiAR4yW1YJ6tkXFI3kH8KVdh0822Dn_fbdkj-Ez_FA==

GET
H2 200 bjorka-mah-korem.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 5 KB
5 KB 89ms
52ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/bjorka-mah-korem.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4003c566483649c108a5eb3ecd4c5a099f98960558f722d71ef6e63267ab09fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 22:01:08 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 21:43:13 GMT
server: AmazonS3
age: 77780
etag: "a9f1009d6baaed218091dd207977a22f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4938
x-amz-cf-id: XjP4UzFR8sgkw6TqY1EeDoyv8nz-KigQ33zqrII1E--E2WDd72YuXg==

GET
H2 200 Striker-Red-Bull-Salzburg-Noah-Okafor-Penye.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 5 KB
5 KB 61ms
25ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/Striker-Red-Bull-Salzburg-Noah-Okafor-Penye.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6384deb08fc0c80e93d6fac9278d48ab0fa10f4f42f8bab1c7186501a9cdce07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 21:38:42 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 07:34:33 GMT
server: AmazonS3
age: 79126
etag: "d15e338c172341c9a35f996234212eeb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4814
x-amz-cf-id: wUSvat5FAZ3iwNhTs-VR26ICvhFcYTv5cuPtH8wg5TlzZ3MM2-W1Vg==

GET
H2 200 SSSTikTok-29822.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 4 KB
4 KB 61ms
48ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/SSSTikTok-29822.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55002a52fc7d6c252606b173042aed16f4b426884d02d009179d71576dbf2102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 21:38:42 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Mon, 29 Aug 2022 09:29:46 GMT
server: AmazonS3
age: 79126
etag: "40ef983e5b8095e7359e503aa31fe1da"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3773
x-amz-cf-id: sT8l6yD9lD70yUk8gQGFtO59pGoDkvnhzm__fBCoVfAYd8VVwTk-fw==

GET
H2 200 elsaal.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 6 KB
6 KB 57ms
44ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/elsaal.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fee8a4fe55d15d7ad5da0426d76a39ba93325ee5d32eee8ee7ef1f4176321b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 04:04:20 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 03:44:33 GMT
server: AmazonS3
age: 142387
etag: "2e620d89b5b0248a1a8d3fe6f041b1cf"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 5726
x-amz-cf-id: OtAgNbz35V0iaW72S0lixZ6jl4DSwrrq5f711N3Mldrt83UPSTtLMA==

GET
H2 200 Malam-ini-jadwal-Liga-Italia-menyajikan-big-match-seperti-AC-Milan-vs-Napoli.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 6 KB
6 KB 89ms
53ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/Malam-ini-jadwal-Liga-Italia-menyajikan-big-match-seperti-AC-Milan-vs-Napoli.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46e97ec58a6964473ec254346a5cf2939d79fb9b9b0e7bc26ca2d0b5a59c0269

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 01:14:53 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sun, 18 Sep 2022 00:47:16 GMT
server: AmazonS3
age: 66154
etag: "eb8ad53bf05ac4a2260b8b7f28d8119e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 5745
x-amz-cf-id: v1FbWVobZKGJ20dWqRXRsS8W_8MGfwGoIWh_mf-git-iulO2X5nu_Q==

GET
H2 200 BSU-2022-tahap-2.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 4 KB
5 KB 58ms
22ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/BSU-2022-tahap-2.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53f1ab408e8e90ee62653e656bb9cea7f0f83fe469a6068abfa783974c909054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 11:29:22 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 11:24:22 GMT
server: AmazonS3
age: 115686
etag: "3ad57b9ec531b5ceedcf4e8b236436ec"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4363
x-amz-cf-id: f1SjbPd6ydV_jpeWc3gdLIJynIODiEvQG-nCZJ_XfS6GqWSP-GoVeA==

GET
H2 200 MGMP-PPU.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 5 KB
6 KB 60ms
48ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/MGMP-PPU.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee131ca1e0dce1d4cd711e0795927de6371f89f763f5970d049faf5cae3dc575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 01:05:22 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sun, 18 Sep 2022 01:03:05 GMT
server: AmazonS3
age: 66726
etag: "6bab6fe447ec277fe25ec02037ec0315"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 5392
x-amz-cf-id: DY2FJ3gzNICEgap5lldOVojIXP5-aFOkC_PfluKnlPFknFuKAWCL-g==

GET
H2 200 peningkatan-ruas-jalan.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 4 KB
5 KB 62ms
50ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/peningkatan-ruas-jalan.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c982198f8a5f32c511e5676a7d4ca191558f0fd9019ae931d6806e8a31c73516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 12:08:03 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Wed, 07 Jul 2021 04:22:07 GMT
server: AmazonS3
age: 113365
etag: "73fcb01edb84746c22611eaae5a4d866"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4574
x-amz-cf-id: _8CCN2Vn1RCLGJzK7DyxjDlKxk2-YtUIsaHec-1p8wKkhvUy6Idakg==

GET
H2 200 cuaca-berau-6.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 4 KB
5 KB 84ms
72ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/cuaca-berau-6.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1fb859e5ce4f09aa09a1b2110fe07d121336fa155dcd932941a0f69d82b8a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 00:50:13 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sun, 18 Sep 2022 00:47:37 GMT
server: AmazonS3
age: 67635
etag: "2a0117a413e1ab027781bccc27ab0bb9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4271
x-amz-cf-id: Hk2TMHOWXLfJs0b6m05mZQdIAIeIPDTv2xDw0BMqfxprbU3sIXxckA==

GET
H2 200 bmkg-cuaca-kukar-kaltim.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 4 KB
4 KB 64ms
52ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/bmkg-cuaca-kukar-kaltim.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15c5a76de91f6a34def9a89fdc30a1ee8b31edb4ffd77e871f2fed32763cf98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:02:08 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 23:40:54 GMT
server: AmazonS3
age: 322520
etag: "2303a665196fa38367d6e0fb92ddac33"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3606
x-amz-cf-id: Hw7Q3m334gpujlzjQB4CY_yjPNpp56m7fMZsE7tYIubHazsz97BHAQ==

GET
H2 200 cuaca-cerah-berawan-di-jalan-mulawarman.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 5 KB
6 KB 63ms
51ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/cuaca-cerah-berawan-di-jalan-mulawarman.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae2e12f245ed0c5e1589229f7211e5f2d15827a0ab94d591c2b1b031ef8ee823

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:14:10 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Tue, 14 Jun 2022 03:41:33 GMT
server: AmazonS3
age: 206598
etag: "79d3e4c9ed272050b0d8ea9321f7e08e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 5406
x-amz-cf-id: 5LDsUOD92La7GoXWHIqJk-RgfcYTAqlp6Eq_zk6aXmVOTOSOoQ6wMA==

GET
H2 200 menggunakan-atap-daun-Nipah-yang-ada-di-Desa-Sungai-Tuak.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 5 KB
5 KB 68ms
56ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/menggunakan-atap-daun-Nipah-yang-ada-di-Desa-Sungai-Tuak.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afb1d9b25d185c339f2f6142468a52998d7df2889ef3b10d3b2acb70100aa954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 00:37:38 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Fri, 12 Aug 2022 09:42:00 GMT
server: AmazonS3
age: 68390
etag: "c839921b52a23ffd087bca744457401d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4882
x-amz-cf-id: 3RfE8jq6t1aWXnRmTxS9CNiOn5w8-pImj7BsBlCKa1ywn1s-D0-Olg==

GET
H2 200 tribunshopping.svg
t-1.tstatic.net/img/logo/tribun/svg/ 12 KB
5 KB 139ms
36ms Image
image/svg+xml 18.66.15.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-1.tstatic.net/img/logo/tribun/svg/tribunshopping.svg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-39.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99dd300f70b33cff7246c8e19268061eefb84cab54398ed804ff215f8db32c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 18:57:11 GMT
content-encoding: gzip
age: 1903217
x-amz-meta-sha256: 99dd300f70b33cff7246c8e19268061eefb84cab54398ed804ff215f8db32c77
x-cache: Hit from cloudfront
last-modified: Mon, 12 Apr 2021 05:37:16 GMT
server: AmazonS3
etag: W/"449ce3df281678ce0bd54d92009c5e8a"
vary: Accept-Encoding
x-amz-version-id: KWsm2Pnz2B_tmAlNi.BGzmhH1OmkB_pG
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: VIE50-P1
content-type: image/svg+xml
x-amz-cf-id: cq-sFuPhi0zoiR4FvCQBZYOS0gmI7wWbwCr-x41-hGfyyNLkX4lO3w==
x-amz-meta-s3b-last-modified: 20210405T052030Z

GET
H2 200 hair-tonic-hakb.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 4 KB
4 KB 92ms
23ms Image
image/jpeg 13.224.189.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/hair-tonic-hakb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d95977385bc631a30cea376353c9ff5d8320ec0130acee795814c279834f205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:12:05 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 11:49:40 GMT
server: AmazonS3
age: 109523
etag: "f1576274450a39b6ddec6056ec1dc7b9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3864
x-amz-cf-id: EtCRP3GFTJJanHb1RoDPKYt__Dr8QBE7DSU-eGbmkhYz0ujSrhHH2g==

GET
H2 200 laptop-mahasiswa.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 4 KB
4 KB 94ms
25ms Image
image/jpeg 13.224.189.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/laptop-mahasiswa.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df085e044de42a27804eec784cc3637be253e486dfc827bbdfd471dc2923674f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:12:05 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jan 2022 04:30:24 GMT
server: AmazonS3
age: 109523
etag: "9f65bd4edd9bf15ed921ffcb4085adda"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3670
x-amz-cf-id: 8-ZaWo5CFA2NmLuc23D8ULNw9U83K6WoG5W05TLx3vbmtEMd6HfaxA==

GET
H2 200 ilustrasi-perempuan-menunjukkan-rambutnya.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 6 KB
6 KB 95ms
26ms Image
image/jpeg 13.224.189.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/ilustrasi-perempuan-menunjukkan-rambutnya.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d31fd29105c9c2c5baee26f422fc018eb4c9f2ee7115ed7fc67d8fd6eb753048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:12:13 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 11:05:55 GMT
server: AmazonS3
age: 109515
etag: "bdcd0b89a12fa5133421a33d415dd344"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 5723
x-amz-cf-id: 7_sV7OSdyfSHbcdonosnjfpBnfGcS8DNN9Is5xYNEE0kuaS7DsZ_Zg==

GET
H2 200 ilustrasi-membersihkan-pakaian-berwarna-putih-dengan-mesin-cuci.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 4 KB
4 KB 37ms
25ms Image
image/jpeg 13.224.189.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/ilustrasi-membersihkan-pakaian-berwarna-putih-dengan-mesin-cuci.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64634b2945088730da96a212276e30f3ff50aa165d7d473431fedc8d17c6fbcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:12:13 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Wed, 18 May 2022 01:41:07 GMT
server: AmazonS3
age: 109515
etag: "173c08313954e65282dcb7420451895c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4139
x-amz-cf-id: wcFjcIt1dKwSwIUzN4gYqze0zY-iGNb6V5w7tnISpnOz1FLecbtujw==

GET
H2 200 ilustrasi-penggunaan-super-mop-untuk-membersihkan-lantai-secara-lebih-praktis-dan-mudah.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 5 KB
5 KB 36ms
24ms Image
image/jpeg 13.224.189.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/ilustrasi-penggunaan-super-mop-untuk-membersihkan-lantai-secara-lebih-praktis-dan-mudah.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8cbb3c74cb9e068b68a22a3cf83ae9f20ab6f85b5ef2bd5e5da687eba5dced10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:12:06 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 03:41:49 GMT
server: AmazonS3
age: 109522
etag: "c0de88db4898b3ef39de2c92f5f94cea"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4703
x-amz-cf-id: 3TYEYyI83Gh1CSN2HPmmxpNDEfC6FwrUJPWywGwbkGDIqaXDrMFhhQ==

GET
H2 200 dsjdsdsdmlsdmlsdmsjdoosjd.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 4 KB
5 KB 62ms
50ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/dsjdsdsdmlsdmlsdmsjdoosjd.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5ac13b5b603c682d3dc197179de4fd5efd2528f77059e3a5448bd4e6982f239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 10:33:49 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Wed, 31 Aug 2022 02:18:36 GMT
server: AmazonS3
age: 119019
etag: "9c540f48b79cac96280723c430ae2920"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4440
x-amz-cf-id: zNzJFMPzl-B-5KoETZ1m88_Hp70SOzz7O3Z1td-sfZ45O5uyL8zFEA==

GET
H2 200 Ferdy-Sambo-dan-Kamaruddin-Simanjuntak.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 5 KB
6 KB 77ms
66ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/Ferdy-Sambo-dan-Kamaruddin-Simanjuntak.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38f3e299be74536064d1520ddf967b2a556fc6c536cce9a5a3dc46d2bc8554e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 12:31:39 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 12:19:44 GMT
server: AmazonS3
age: 111949
etag: "adec93ee0feb7c8605b011ea75e8eb75"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 5532
x-amz-cf-id: R1TFxaNLrwTcHvlxTH-bnNO9esJowG9UdOXeRLbtBL3NAlxUW9M7IA==

GET
H2 200 pelantikan-pengurus-baznas-dan-dewan-pengurus-di-aula-kantor.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 6 KB
6 KB 72ms
61ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/pelantikan-pengurus-baznas-dan-dewan-pengurus-di-aula-kantor.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 383577a19566f5dbcbe746e7f5397a5b45e9d68bb603812651b217cd97844bdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 12:46:07 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 12:29:54 GMT
server: AmazonS3
age: 111081
etag: "4c4962083642b63b3a6f655b85c48f0a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 6135
x-amz-cf-id: AEnWbKniOceciXolwFFJ8CPAg6bW8fcil3mjp7zr4uJooRlxcDWrSA==

GET
H2 200 ikn-nusantara-hutan-semua-asyik.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 5 KB
6 KB 68ms
56ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ikn-nusantara-hutan-semua-asyik.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67c294aa3ad690c92b1fd16b65b0830071393fef20eacce9c7664f656ced145c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:20:17 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 11:06:34 GMT
server: AmazonS3
age: 109031
etag: "7440c7b8988a65610cfc53c2abb93aa7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 5463
x-amz-cf-id: vPJqm3HBRgxOZcRHJcrRAarEHU0_KMN8P_isCs4Q2hKCPw9pxguNdg==

GET
H2 200 menu-menu-baru-di-blend-wine-and-co-yang-menghiasi-bulan-september-ceria.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 4 KB
5 KB 73ms
67ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/menu-menu-baru-di-blend-wine-and-co-yang-menghiasi-bulan-september-ceria.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15887578870885161c59b65914860e82cc7441248efc627f3c8344b9f54db65f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:16:33 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 12:57:50 GMT
server: AmazonS3
age: 109255
etag: "a851d1e48f315deedf69d66b0035fce5"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4301
x-amz-cf-id: I9-gHldiqHk9PjMNwidieAuCfxqnj5Cv1BCV_N6HA6LHkDIxh-Zviw==

GET
H2 200 Tangkapan-layar-Instagram-legenda-Timnas-Brasil-Cafu.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 4 KB
4 KB 59ms
53ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/Tangkapan-layar-Instagram-legenda-Timnas-Brasil-Cafu.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b266f5c6a3325583d3295451669e61751617f842a1b0362ad5c0edaa726a2b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:26:54 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 13:16:12 GMT
server: AmazonS3
age: 108634
etag: "2e2843741ba5b15bb97eb793d295071d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3888
x-amz-cf-id: irDjvkHNq2YH7JXk7cxg1CVae-81P5e2bNPnskOnCQjY2FDvlvW5IA==

GET
H2 200 Pemain-Manchester-City-Erling-Haaland-saat-bermain-lawan-Wolves.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 7 KB
7 KB 71ms
66ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/Pemain-Manchester-City-Erling-Haaland-saat-bermain-lawan-Wolves.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2df1880bc41b0c87529cf24d0bfa774060d2e17417225f4409b55e2313510523

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:55:33 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 13:51:47 GMT
server: AmazonS3
age: 106915
etag: "c5b62ca323e0a41f384a2f56d6821071"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 6709
x-amz-cf-id: dKKEy--DfVCAaU7CkWcUhsKTapCQG6RIrXengiJu4wWiyggPJLP60g==

GET
H2 200 Sadio-Mane-kiri-dan-Memphis.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 5 KB
6 KB 72ms
67ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/Sadio-Mane-kiri-dan-Memphis.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c07a0e37be58ccd4de161d91d9a6df7bd01fd33bb54bb2e0a955aa110ced1ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 14:10:50 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 11:17:49 GMT
server: AmazonS3
age: 105998
etag: "b862264ed2545087d50d64620d23eef5"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 5577
x-amz-cf-id: WwNC9yM22i8BuPdP86ZYIzLMAjcjYEpAMlJ5M9CJICEIvoV9kGuvcg==

GET
H2 200 blend-and-co-yang-memberikan-nuansa-eigthies-dan-nineties.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 5 KB
5 KB 72ms
67ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/blend-and-co-yang-memberikan-nuansa-eigthies-dan-nineties.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc9bbecd1cc466f1be644c38e4266ca527725edd458ab694cb7cee828068b165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 14:10:50 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 13:56:57 GMT
server: AmazonS3
age: 105998
etag: "f174a377a2fa36393dc8d2059dcf6cd8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 5122
x-amz-cf-id: -rs2Y7CYezgHPFBKOw8K6NtePi-e4Csax348YoqH0CXNwpzr2Q8OBw==

GET
H2 200 HASIL-PERTANDINGAN-TIMNAS-fix.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 5 KB
5 KB 65ms
59ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/HASIL-PERTANDINGAN-TIMNAS-fix.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e19d9e8b4c764883c7d1b25e23688ac032e2e14a5d84c35c1eb57f99eefcf7eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 15:36:35 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Wed, 14 Sep 2022 15:30:25 GMT
server: AmazonS3
age: 360053
etag: "f94ed43c00b354c6df491a6954d36d67"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4671
x-amz-cf-id: idDNCTY7OhprJdkq6D_83sFvzzgxVWf5GHTPQ1_74iZyHcxTX62xcQ==

GET
H2 200 statistik-ac-milan-vs-napoli-jelang-kick-off-liga-italia-serie-a.jpg
cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/ 5 KB
5 KB 62ms
57ms Image
image/jpeg 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/kaltim/foto/bank/thumbnails2/statistik-ac-milan-vs-napoli-jelang-kick-off-liga-italia-serie-a.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ffa2edba5720f8300b1d8ef9c293be13c2aa056ee6330fa0721ac4bddb1e753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 14:24:20 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 26 Jan 2019 16:09:41 GMT
server: AmazonS3
age: 105188
etag: "567c80917083d3e49964cbefabd26213"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4825
x-amz-cf-id: 0dM5MyD16H9Ev44di9xL3OZy5DGEe02APuftRUz3iaV9SyGZ1oBqwQ==

GET
H2 200 tjb_small.png
cdn-1.tstatic.net/img/logo/tribuniklan/ 6 KB
6 KB 47ms
43ms Image
image/png 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1.tstatic.net/img/logo/tribuniklan/tjb_small.png
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f9ecb8e1c41aeeb8983591498e78e82342ca1fd4be35250764c5494f4ccd05a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 12:11:23 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified: Wed, 25 Mar 2015 04:27:47 GMT
server: AmazonS3
age: 977164
etag: "d3e661155656ba666f8431241e75089c"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 6045
x-amz-cf-id: tiXf-FazURsDXaTvKAW_nRc4g6ZpWiEs7OKFANYeSBVyLvsVVv1sZw==
expires: Tue, 24 Mar 2015 16:00:00 GMT

GET
H2 200 1-1122061586-Tanah-Kavling-Kebun-Murah-View-Gunung-Suasana-Pedesaan-Sejuk-di-Bogor-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524917/ 4 KB
5 KB 96ms
25ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524917/1-1122061586-Tanah-Kavling-Kebun-Murah-View-Gunung-Suasana-Pedesaan-Sejuk-di-Bogor-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a9d5f68de8410ebce6191901bd458f8a1d5dd63aa3f955a469938a1e87f0702

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:56:48 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 10:10:31 GMT
server: AmazonS3
age: 106840
etag: "cb0e2b7707b46d978c2f9efefab9f212"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4496
x-amz-cf-id: Bq1ChRO7zPlkT-s_4QJibH8_t2F3DKnqXrLwZUqZtWYoGS5wgvKzow==

GET
H2 200 1-978329555-Rumah-2-Lantai-Siap-Huni-Kota-Harapan-Indah-Bekasi-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524911/ 4 KB
4 KB 93ms
22ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524911/1-978329555-Rumah-2-Lantai-Siap-Huni-Kota-Harapan-Indah-Bekasi-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 198df9e86e8cad251be95483e0a9df4e44f3a2611dff9a915c05555cada60ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:56:48 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 09:57:35 GMT
server: AmazonS3
age: 106839
etag: "d4099066ca74784a15dfa62456bc8e06"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4040
x-amz-cf-id: lWesp_v81zZAY4d4BqCMkmgZ5gceNgZf4jEZLW2Td6kmScP3erZOow==

GET
H2 200 1-1010928820-Di-Sewakan-Studio-Full-Furnish-Mewah-Apartemen-Green-Bay-Pluit-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524905/ 2 KB
3 KB 94ms
23ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524905/1-1010928820-Di-Sewakan-Studio-Full-Furnish-Mewah-Apartemen-Green-Bay-Pluit-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b007ce23cb6dbf29de8d52ad10201a436df6e2a03a897ce93214d12c04afdbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:56:48 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 09:33:52 GMT
server: AmazonS3
age: 106839
etag: "4417d986642db7d72860d24f3ff6e31b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2551
x-amz-cf-id: zB0RRMawvqr8Toa8ZOyXr7RWZzZzlHqyioJatkAzLoI0AMiTEkgm2w==

GET
H2 200 1-1134433899-MILIKI-HUNIAN-NYAMAN-AMAN-STRATEGIS-CLUSTER-SUKAHATI-VILLAGE-DI-CIBINONG-BOGOR-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524900/ 3 KB
3 KB 92ms
21ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524900/1-1134433899-MILIKI-HUNIAN-NYAMAN-AMAN-STRATEGIS-CLUSTER-SUKAHATI-VILLAGE-DI-CIBINONG-BOGOR-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1b00ecf1ef0b40fcee55e191ca763afd08b18fa8273489bb3944f9f85dd4053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:56:48 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 09:27:59 GMT
server: AmazonS3
age: 106839
etag: "04669f35ea1b1de4ce5910f9972aeaee"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3034
x-amz-cf-id: _8lyiv3epL3JLJ6Ew3gvXu7G8663mrYj9EoUeDiU9_SW6jQSJMZ2_A==

GET
H2 200 1-1961841759-Dijual-Tanah-Rumah-Tua--Harga-Nego-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/8/2511703/ 3 KB
3 KB 96ms
24ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/8/2511703/1-1961841759-Dijual-Tanah-Rumah-Tua--Harga-Nego-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 419a8186694aabd2e88864a50f905f2931be5650bba099233e2d8a22db4d3821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 12:39:00 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Mon, 29 Aug 2022 17:10:07 GMT
server: AmazonS3
age: 111508
etag: "bfe1be76e0311b224e9d359da8896566"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3126
x-amz-cf-id: CXTUyNsTvr5rZj4S7h55IGX3rClEbT0eoyCS_lXnrHTkVeuwkB-n4Q==

GET
H2 200 1-783878391-Perumahan-Di-Cibinong-Cluster-Sriwijaya-Tanpa-Dp-Cukup-5-Jt-allin-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524858/ 4 KB
4 KB 95ms
24ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524858/1-783878391-Perumahan-Di-Cibinong-Cluster-Sriwijaya-Tanpa-Dp-Cukup-5-Jt-allin-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 241be19d8e0ae944f2ebdb957b900591a7325ddd785bcfa7b5aaf9424f8795a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:51:21 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 07:47:29 GMT
server: AmazonS3
age: 125167
etag: "5aaf596c41aba6e558c3af358150ec97"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4197
x-amz-cf-id: cZ8EAIx6KAuRs3h0YStEnUoVSsFTQwmmUrIw3k-VVJuIzKIpeWiO9g==

GET
H2 200 1-1190203184-Damallia-Cantik-Cluster-Baru-Di-Keradenan-Cibinong-Tanpa-Dp-Cukup-5jt-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524856/ 4 KB
4 KB 25ms
23ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524856/1-1190203184-Damallia-Cantik-Cluster-Baru-Di-Keradenan-Cibinong-Tanpa-Dp-Cukup-5jt-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55f5ae06829df25012203d5b37ee87270e890362249f6363e9e78f58fb061514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:51:10 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 07:42:06 GMT
server: AmazonS3
age: 125177
etag: "ca6453ada096fc21a66e2818dd6b83fb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4230
x-amz-cf-id: mSMu1n92KUuaF3aU3LJs3EToquGXwbbeX8-JGagyguEcyP6p388guw==

GET
H2 200 1-542747573-Cluster-Baru-Di-Cibinong-Damallia-Cantik-Dekat-Stasiun-Bojonggede-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524846/ 4 KB
4 KB 26ms
23ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524846/1-542747573-Cluster-Baru-Di-Cibinong-Damallia-Cantik-Dekat-Stasiun-Bojonggede-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e796af78da7f0f24b1c52bc34705b921ccf2cd1053e1c6acb90d6ea66f4801fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:51:18 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 07:34:29 GMT
server: AmazonS3
age: 125170
etag: "dc2a661a24864464db7611b1aee483fe"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3782
x-amz-cf-id: ltyw8I285jFQcQu08lH16nNqvDAKIu2l1qmc7rxrdjCay2-3cWIQhA==

GET
H2 200 1-2021331955-Rumah-Murah-Malang-Dekat-Kota-400-Jutaan-Siap-Huni-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524820/ 3 KB
3 KB 26ms
24ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524820/1-2021331955-Rumah-Murah-Malang-Dekat-Kota-400-Jutaan-Siap-Huni-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b8c82bd4219aa07a3fca2fa5d97b4cc1039143449e7dc0db07094579a0d6c60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:53:39 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 06:54:59 GMT
server: AmazonS3
age: 125029
etag: "acdd7edbd680bb9b47971d93b3a0d25d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3108
x-amz-cf-id: OQOrpo-8cqBH7WT2pcJFW-IZQlSPTqvfQh-c9VjJOP_fSPSVYZ6prQ==

GET
H2 200 1-1693905041-RUMAH-MURAH-200JT-ALL-IN-DI-GUNUNG-KIDUL-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524813/ 3 KB
3 KB 28ms
25ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524813/1-1693905041-RUMAH-MURAH-200JT-ALL-IN-DI-GUNUNG-KIDUL-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6262a39f9b6883f5fbdca38b3f1123a3f675f4feaeed1bf6714f3550d267d418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:53:38 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 06:41:43 GMT
server: AmazonS3
age: 125030
etag: "dcdceb7c25f98324307306b8783d82f0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3196
x-amz-cf-id: AGWlWQRzFSXLgs2kUgelfHrNaRNvXAPgvs8SbQVF-SUJULLKrleARg==

GET
H2 200 1-892681199-Kost-Di-Malang-Siap-Huni-Bangunan-Konsep-3-Lantai-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524806/ 3 KB
4 KB 48ms
46ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524806/1-892681199-Kost-Di-Malang-Siap-Huni-Bangunan-Konsep-3-Lantai-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76d9c2fdee8376eceb9629df80d6b303e7dd3104c0bbadd88758a2d54ed44f32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:22:25 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 06:24:47 GMT
server: AmazonS3
age: 126902
etag: "a45ddaa942884a4bbe0e2ce04b8c3207"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3505
x-amz-cf-id: EmkSD3SD5WI3Ism28A6Q87kMg6SilWGffnc9kgBOxPpQCaYW6mm3bw==

GET
H2 200 1-1781564552-Rumah-Dekat-Alun-Alun-Kebumen--PEMDA-Kebumen--Trio-Mall--RITA-Pasaraya--RS-Permata-Medika-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524795/ 4 KB
4 KB 61ms
59ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524795/1-1781564552-Rumah-Dekat-Alun-Alun-Kebumen--PEMDA-Kebumen--Trio-Mall--RITA-Pasaraya--RS-Permata-Medika-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cff914ce0c1b1248695a1c2491769b261060365de1d1430c6330fae04b5511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:22:26 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 06:10:14 GMT
server: AmazonS3
age: 126902
etag: "b69eb3118430e12c14dcb4f01268a450"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3632
x-amz-cf-id: 0jJahF0Vo6iwW9ER2RI_tHCJzvwzXYdM5CmfwtKX5fYymqJAYIJb1g==

GET
H2 200 1-697540613-PROMO-GUDANG-STRATEGIS-SIAP-PAKAI-DI-SRAGEN-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524794/ 3 KB
4 KB 28ms
26ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524794/1-697540613-PROMO-GUDANG-STRATEGIS-SIAP-PAKAI-DI-SRAGEN-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04f15f76f85b582d60f6de2e23030fec9ff9a7cdd12d483873ca85f305bce0b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:22:26 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 06:09:22 GMT
server: AmazonS3
age: 126902
etag: "5d0e3268b7ce14b5e9c86420d48c77da"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3428
x-amz-cf-id: 3vXbJ8acRSq7XuQaAFq8sqS6eYP2vKA_iM0agkeLtuLd8YwinxA11g==

GET
H2 200 1-1761008380-3-UNIT-KAVLING-LOKASI-STRATEGIS-MALANG-KOTA-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524777/ 3 KB
4 KB 28ms
26ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524777/1-1761008380-3-UNIT-KAVLING-LOKASI-STRATEGIS-MALANG-KOTA-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a77ac31ca5ed1965ca84753e35e413d54585898e45a228102bd7273db2287eca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:23:07 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 04:48:44 GMT
server: AmazonS3
age: 126861
etag: "3a96017f47a06c64103093c6444e1776"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3583
x-amz-cf-id: cpchgWwoqAvNgSIkhFD7-nTEGek21-sitpW77VWi187qLaTguJkL-A==

GET
H2 200 1-968507028-HP-Apple-iPhone-12-64GB-Mint-Green-Bekas-iBox-Fullset-iCloud-Aman-Normal---Bekasi-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/9/2524876/ 2 KB
2 KB 29ms
27ms Image
image/jpeg 13.224.189.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-3.tstatic.net/jualbeli/img/2022/9/2524876/1-968507028-HP-Apple-iPhone-12-64GB-Mint-Green-Bekas-iBox-Fullset-iCloud-Aman-Normal---Bekasi-thumb.jpg
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 365168b741b2c13608f5a89a7dd6081f7006079f53292c91725290a331d992f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:22:26 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 08:14:30 GMT
server: AmazonS3
age: 126902
etag: "e2dff227987805b0719789efb84c54b3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2108
x-amz-cf-id: VBbfJ1wuCIxz8__fq2LpOrwl35K1jH0W-lfep02jWPLhFOz4eaQwkg==

GET
H2 200 lozad.min.js Show response
cdn-1.tstatic.net/js/ 2 KB
1 KB 18ms
18ms Script
application/x-javascript 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/lozad.min.js
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Fri, 31 May 2019 01:49:18 GMT
date: Sun, 26 Jun 2022 19:53:09 GMT
content-encoding: gzip
last-modified: Fri, 31 May 2019 01:51:20 GMT
server: AmazonS3
age: 7256658
etag: W/"34b722949a97a9f6734cd66d940531ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
content-type: application/x-javascript
x-amz-cf-id: nzVBRlFJHLhXF8GsZAOySUG_nqxiT1lJ4_7S_EJ5L7z-N4qzPe7ecw==

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.5.6/ 34 KB
12 KB 83ms
18ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.6/firebase-app.js

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 19:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12419
x-xss-protection: 0
last-modified: Thu, 25 Oct 2018 20:51:40 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Sep 2023 19:13:43 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.5.6/ 35 KB
10 KB 81ms
16ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.6/firebase-messaging.js

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 21:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10096
x-xss-protection: 0
last-modified: Thu, 25 Oct 2018 20:51:40 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 21:51:58 GMT

GET
H2 200 kgnotif_tribun.js Show response
cdn-1.tstatic.net/js/ 2 KB
2 KB 45ms
45ms Script
application/javascript 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/kgnotif_tribun.js
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df4f9c3d7d11a4ba21b585bfdaff006aa925b32c3ec626969a38a5036a5aa03e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 01:08:37 GMT
content-encoding: gzip
age: 1621730
x-amz-meta-sha256: df4f9c3d7d11a4ba21b585bfdaff006aa925b32c3ec626969a38a5036a5aa03e
x-cache: Hit from cloudfront
last-modified: Tue, 09 Nov 2021 09:46:35 GMT
server: AmazonS3
etag: W/"923baa9abb9b96a2804d3114a8ba3016"
vary: Accept-Encoding
x-amz-version-id: o90oKk95.kQcQjo2jl5g8uZJQM55rPPc
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: 6fFru0CBAhK5npFF02pOYvFHjzyKePeFbB09Qww0tqFsfT_6OhZK-Q==
x-amz-meta-s3b-last-modified: 20211108T081414Z

GET
H2 200 sso_g_signin.min-1.0.js Show response
cdn-1.tstatic.net/js/kgmedia/tribunnews/ 3 KB
2 KB 43ms
43ms Script
application/javascript 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.0.js
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbba45cb3355a22c9ddd6893732795b6746e460fc1ac52e77b5268ec9d685f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 01:35:48 GMT
content-encoding: gzip
age: 64898
x-amz-meta-sha256: dbba45cb3355a22c9ddd6893732795b6746e460fc1ac52e77b5268ec9d685f5f
x-cache: Hit from cloudfront
last-modified: Thu, 14 Jan 2021 04:57:50 GMT
server: AmazonS3
etag: W/"9d3e5dbdb245a14e5139aca792974052"
vary: Accept-Encoding
x-amz-version-id: iwnBU7Ip0vrtHzsOMmfNlAhCmESC_5lX
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: F4zUl9m10_K3JeJVDwut6Vj7aE38CcouP2oxcJMdbDCmNTZEWcf1Uw==
x-amz-meta-s3b-last-modified: 20210113T054706Z

GET
H2 200 extender.min.js Show response
asset.kompas.com/data/2021/sso/js/ 661 B
1 KB 124ms
27ms Script
application/javascript 13.32.99.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.kompas.com/data/2021/sso/js/extender.min.js
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-68.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 52985ca00e82ec689eb22669c02e596325f62481e98c5434d7732905052d2565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: 0mvkkEWouFpQIPEYk7vCTfZLZxSzMbi9
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
etag: "92cef38cd69a0b2c446470ac1fda2fcb"
age: 1383183
x-amz-meta-sha256: 52985ca00e82ec689eb22669c02e596325f62481e98c5434d7732905052d2565
x-cache: Hit from cloudfront
content-length: 661
last-modified: Thu, 07 Apr 2022 21:46:56 GMT
server: nginx
date: Fri, 02 Sep 2022 19:25:35 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sat, 02 Sep 2023 19:24:24 GMT
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
x-amz-cf-id: xb8Whq3VJrzoFLOOrPWuW0VEoI69T-Mlh6om22tXSTupWNk83xUQ4g==
x-amz-meta-s3b-last-modified: 20220407T214546Z

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 235 KB
74 KB 78ms
25ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c490ff89b5b38fdc9b2267c1a9b284d8ef118363015f8d17417d248d54457b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74837
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Sep 2022 19:37:27 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 97ms
50ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://kaltim.tribunnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 864, 617
access-control-allow-origin: *
cdn-proxyver: 1.0
cdn-cachedat: 2022-02-23 12:46:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66624
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "db812d8a70a4e88e888744c1c9a27e89"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 538dd6b86a71d262254eb4c00245e506
accept-ranges: bytes
cf-ray: 74cc8947df8001f8-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 121ms
39ms Script
application/javascript 18.155.153.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.153.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-153-29.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 03:04:35 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 59573
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 dbd64dbf2e06de1908b4c325512a96a6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: fYUB6gJoXmKbqGGUFKVORt9mePPBnbFK4bJRFDsxIiQAQ2FLKtyhlQ==

GET
H2 200 user Show response
apis.kompas.com/api/activity/ 88 B
1 KB 746ms
662ms XHR
application/json 13.225.78.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.kompas.com/api/activity/user

Requested by

Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/js/jquery/jquery-1.8.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-16.fra2.r.cloudfront.net

Software

nginx / PHP/7.3.28

Resource Hash

c8b905f4a68c1dbebd870c8641505a0e129da5a41a1e153c02ed2a1b1cc2ae02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
mail-subject: Join_via_header
we-hiring: jobs@kompas.com
content-length: 88
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, X-Requested-With
x-amz-cf-id: yjUHHt8FC5jHTaRBEc-WdGXzMy09XYEXwDPOTw0ZfIuiZli8GrvN5w==
expires: -1

GET
H2 200 client Show response
accounts.google.com/gsi/ 186 KB
74 KB 154ms
109ms Script
application/javascript 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

461f906fbdd651ac3cc6e3c4424304be60da05bd573659d5bc855724137ebcb2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-xRcrCQdrZs11BUjoc5GlaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-xRcrCQdrZs11BUjoc5GlaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 18 Sep 2022 19:37:27 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/id_ID/ 318 KB
87 KB 68ms
31ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/id_ID/sdk.js?hash=b3f653e43cb53732bfa90c9537a605d1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/id_ID/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60ad8599d9e6c046512ed3f3cee4ac766f58fdf786dbd8bafe0bea83b47b4f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kaltim.tribunnews.com/
Origin: https://kaltim.tribunnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Ic6QNvpb2Id6+pPRhg4VHw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88732
x-fb-rlafr: 0
x-fb-debug: xLheLN61UPdfvCpk0MxiisLUOy0dMKIO1VYsSAyut4+6qOR8KPHskIvcUBW3uJxt1GhdtMvFG7+7qWaMoCDDYg==
x-fb-content-md5: 1980b078bedd0c632ad912cbb1bd2ffd
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Sep 2022 19:37:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "83058ac4d1b971bd22419d2adcab3e25"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 18 Sep 2023 19:33:33 GMT

POST
H/1.1 200
OK hbpost Show response
hb.jixie.io/v2/ 62 B
902 B 575ms
187ms XHR
application/json 110.238.107.108
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.jixie.io/v2/hbpost
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 110.238.107.108 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-110-238-107-108.compute.hwclouds-dns.com
Software: elb / Express
Resource Hash: d9eb4cd87068a9bd2272cd2ab33dc036438bb93a179caa4ba4f84dd520bbc764

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:37:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: elb
X-Powered-By: Express
ETag: 53f0a340-3789-11ed-8ef4-cdf7d901e35c
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: -1

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
567 B 390ms
327ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=450352&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2282dc37531f7f87%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fkaltim.tribunnews.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fkaltim.tribunnews.com%2F%22%2C%22domain%22%3A%22kaltim.tribunnews.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22tribunnews.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A8%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A8%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fkaltim.tribunnews.com%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229c1f98573b21f9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22120f43a9a7d4026%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2213642c165fb6047%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22150494ba2ba4f5e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2216dd745f5914076%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22181811924b5d0b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%221x1%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x100%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2220f2ef10eb968bb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%221x1%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%222328d5921d8e24e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%221x1%22%7D%7D%2C%7B%22w%22%3A640%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22640x100%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38c652f2c4344262c9b4e66d19c6e6fc039d93e2aebc69374383e5d64acdc14a

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwA2rmOluqj4b5pRDn5s4VZNK8abpD2jgD83Ntz0KOUsl2Y9OyV9gz4SDi9PXN%2FljgxwinzyqHkv6AivVKgrOLusX7zS7iGI8SygUpkByBbI5PpXIp%2BDcEqkcIsQlkoYOqK89epU"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74cc89496b6dbb7f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
319 B 382ms
57ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.1&cb=53925609998

Requested by

Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Sep 2022 19:37:26 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kaltim.tribunnews.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 204
No Content 280686 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 291ms
69ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/280686?src_sys=prebid
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Sun, 18 Sep 2022 19:37:27 GMT
X-SpotX-Timing-Transform: 0.000383
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.001241
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000482
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000004
X-SpotX-Timing-Page: 0.009744
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000418
X-fe: 120
Last-Modified: Sun, 18 Sep 2022 19:37:27 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004875
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
X-SpotX-Timing-Page-Misc: 0.002293
X-SpotX-Timing-Page-Exception: 0.000027
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000021
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.004875
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 282137 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 289ms
67ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/282137?src_sys=prebid
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Sun, 18 Sep 2022 19:37:27 GMT
X-SpotX-Timing-Transform: 0.000314
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.001173
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000323
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000006
X-SpotX-Timing-Page: 0.008360
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000292
X-fe: 110
Last-Modified: Sun, 18 Sep 2022 19:37:27 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.002863
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
X-SpotX-Timing-Page-Misc: 0.003362
X-SpotX-Timing-Page-Exception: 0.000018
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.002863
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 301966 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 358ms
67ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/301966?src_sys=prebid
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Sun, 18 Sep 2022 19:37:27 GMT
X-SpotX-Timing-Transform: 0.001150
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.001029
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000427
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.008344
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000382
X-fe: 074
Last-Modified: Sun, 18 Sep 2022 19:37:27 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003382
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
X-SpotX-Timing-Page-Misc: 0.001937
X-SpotX-Timing-Page-Exception: 0.000021
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.003382
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 301967 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 355ms
64ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/301967?src_sys=prebid
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Sun, 18 Sep 2022 19:37:27 GMT
X-SpotX-Timing-Transform: 0.000320
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.000880
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000368
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.006585
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000298
X-fe: 112
Last-Modified: Sun, 18 Sep 2022 19:37:27 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003020
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
X-SpotX-Timing-Page-Misc: 0.001668
X-SpotX-Timing-Page-Exception: 0.000018
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.003020
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 282227 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 421ms
66ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/282227?src_sys=prebid
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Sun, 18 Sep 2022 19:37:27 GMT
X-SpotX-Timing-Transform: 0.000378
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.001089
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000421
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.006885
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000384
X-fe: 028
Last-Modified: Sun, 18 Sep 2022 19:37:27 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.002551
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
X-SpotX-Timing-Page-Misc: 0.002013
X-SpotX-Timing-Page-Exception: 0.000021
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000025
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.002551
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
183 B 607ms
177ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kaltim.tribunnews.com
date: Sun, 18 Sep 2022 19:37:27 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
252 B 370ms
226ms XHR
application/json 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 18 Sep 2022 19:37:27 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
511 B 475ms
184ms XHR
application/json 18.198.174.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2Fkaltim.tribunnews.com%2F&tmax=2000

Requested by

Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.174.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-174-222.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 413 B
1 KB 247ms
124ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484472&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.domain=kaltim.tribunnews.com&tg_i.pbadslot=div-Top-Leaderboard&tk_flint=pbjs_lite_v6.29.1&x_source.tid=59afd4c4-95c9-4889-b0c1-fb71be049acb&l_pb_bid_id=82f12cc0b6dedf4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.499402927450302
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 21bb8b2da922e092ee9dfa8d45dd6cfdcfc06835b73f451ea13feef7610c43d2

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:37:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 413
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 394 B
1 KB 284ms
161ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484474&size_id=9&rf=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.domain=kaltim.tribunnews.com&tg_i.pbadslot=div-Left-WideSkyscraper&tk_flint=pbjs_lite_v6.29.1&x_source.tid=0c35584d-6a87-4488-a8b0-ee86a4b32455&l_pb_bid_id=839de595b2eb58&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5019540141003827
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 91e75f7df7d4fa2cb335f9a060bbceba73d9f5a5eb0e76ab8527643dd599eda7

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:37:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 394
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 419 B
1 KB 365ms
241ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484476&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.domain=kaltim.tribunnews.com&tg_i.pbadslot=div-Right-MediumRectangle-1&tk_flint=pbjs_lite_v6.29.1&x_source.tid=d0248c00-9aa4-458a-b9eb-788ed70c61e5&l_pb_bid_id=84bb57c3af3d41d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6826001787090734
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cae952b605a3b239f6ab94c67bcd094e8f434646a081eaa64ae8cc60268ab839

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:37:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 419
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 399 B
1 KB 203ms
77ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484478&size_id=15&rf=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.domain=kaltim.tribunnews.com&tg_i.pbadslot=div-Right-MediumRectangle-2&tk_flint=pbjs_lite_v6.29.1&x_source.tid=7dd96781-5dc2-4967-84ee-f79dfc643923&l_pb_bid_id=8598ee6b7cb85c2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9140386319497007
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 76ffba0a5751814890d71696659fd7b588342b9151f3b4fac00c762528fecbc9

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:37:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 399
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 419 B
1 KB 366ms
241ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484480&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.domain=kaltim.tribunnews.com&tg_i.pbadslot=div-Right-MediumRectangle-3&tk_flint=pbjs_lite_v6.29.1&x_source.tid=94bc3933-4331-4788-909d-15fd6945d504&l_pb_bid_id=8653adf0e028939&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.84277863078928
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 801215c1f70f00898d9372b8a4e501a37f22267b228c4857500bb5c4d9739e19

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:37:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 419
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 419 B
1 KB 397ms
227ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484482&size_id=15&alt_size_ids=19%2C221&rf=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fkaltim.tribunnews.com%2F&tg_i.domain=kaltim.tribunnews.com&tg_i.pbadslot=div-Inside-MediumRectangle&tk_flint=pbjs_lite_v6.29.1&x_source.tid=ecadf23a-1307-428e-9083-f386e0ebcb21&l_pb_bid_id=870efe2d8b7ba74&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6907902429402852
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e22bfda3176ee35c7259eaeb7b8786b8bdf24b7731cdd517213ee8e384c0e0e1

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:37:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 419
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
318 B 378ms
65ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.1&cb=36171200664

Requested by

Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Sep 2022 19:37:26 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kaltim.tribunnews.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H2 200 arj Show response
kompascybermedia-d.openx.net/w/1.0/ 73 B
382 B 156ms
29ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkaltim.tribunnews.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=59afd4c4-95c9-4889-b0c1-fb71be049acb%2C0c35584d-6a87-4488-a8b0-ee86a4b32455%2Cd0248c00-9aa4-458a-b9eb-788ed70c61e5%2C7dd96781-5dc2-4967-84ee-f79dfc643923%2C94bc3933-4331-4788-909d-15fd6945d504%2Cecadf23a-1307-428e-9083-f386e0ebcb21%2C7a3f354a-fc0d-4455-a9b0-4e6f9540ad0b%2Cbe4015f5-1d37-4913-b61e-48deccfa3168&nocache=1663529847199&ttduuid=&aus=728x90%2C970x90%2C970x250%7C160x600%7C300x600%2C300x250%7C300x250%7C300x600%2C300x250%7C300x250%2C300x100%2C1x1%7C320x100%2C320x50%2C1x1%7C640x100%2C468x60%2C320x100%2C1x1&divids=div-Top-Leaderboard%2Cdiv-Left-WideSkyscraper%2Cdiv-Right-MediumRectangle-1%2Cdiv-Right-MediumRectangle-2%2Cdiv-Right-MediumRectangle-3%2Cdiv-Inside-MediumRectangle%2Cdiv-BelowArticles%2Cdiv-BelowImages&aucs=div-Top-Leaderboard%2Cdiv-Left-WideSkyscraper%2Cdiv-Right-MediumRectangle-1%2Cdiv-Right-MediumRectangle-2%2Cdiv-Right-MediumRectangle-3%2Cdiv-Inside-MediumRectangle%2Cdiv-BelowArticles%2Cdiv-BelowImages&auid=540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 7f3582eb2102f7bd956fc3ca67929e11bb7fed2cf0f846fc169f1ce6915d6282

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
563 B 445ms
250ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
563 B 270ms
75ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:26 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
563 B 269ms
75ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
563 B 266ms
74ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:26 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
563 B 282ms
81ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
563 B 301ms
87ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:26 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 500ms
229ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kaltim.tribunnews.com
date: Sun, 18 Sep 2022 19:37:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
169 B 67ms
21ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://kaltim.tribunnews.com
pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 111ms
21ms Preflight
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://kaltim.tribunnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://kaltim.tribunnews.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sun, 18 Sep 2022 19:37:27 GMT

GET
H2 200 bx_loader.gif
cdn-1.tstatic.net/css/theme21/images/ 8 KB
9 KB 22ms
22ms Image
image/gif 13.225.78.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1.tstatic.net/css/theme21/images/bx_loader.gif
Requested by: Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/css/theme21/style_daerah_web_20211015.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-1.tstatic.net/css/theme21/style_daerah_web_20211015.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 02:45:14 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
age: 2220734
x-amz-meta-sha256: 6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
x-cache: Hit from cloudfront
content-length: 8581
last-modified: Sat, 19 Jun 2021 21:55:45 GMT
server: AmazonS3
etag: "931bdb6b50816b03206c66921760b246"
x-amz-version-id: Hpwrz52PSL722wx25QIBrifPqiYmzn1T
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: xkM0VDl__kgr0LU8oWEakcsAL7pxahGDGDEmnrXAf041vlfz8Yvkxw==
x-amz-meta-s3b-last-modified: 20210619T215418Z

GET
H2 200 pubads_impl_2022091301.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
128 KB 318ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 10:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131297
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 08:35:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 18 Sep 2023 10:12:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 385 B
212 B 87ms
51ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kaltim.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49e9d9f4caa7c3107079272defb7962e8483ca2b51156daae653e7e5b257b372

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 187
x-xss-protection: 0
expires: Sun, 18 Sep 2022 19:37:27 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 36ms
36ms Image
text/plain 18.155.153.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=8077308&cs_it=b3&cv=3.8.0.210223&ns__t=1663529847322&ns_c=UTF-8&c7=https%3A%2F%2Fkaltim.tribunnews.com%2F&c8=Tribunkaltim.co%20-%20Berita%20Terkini%20Kalimantan&c9=
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.153.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-153-29.ham50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
via: 1.1 dbd64dbf2e06de1908b4c325512a96a6.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: unuir1xflP5AZCZs5ojXCYaO0pcSKsgaDWU2FjC_W-MQ36RhCAb_zQ==
x-cache: Miss from cloudfront

OPTIONS
H2 204 publishertag.standalone.js
static.criteo.net/js/ld/ Frame 0
0 289ms
32ms Preflight 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://kaltim.tribunnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=86400
date: Sun, 18 Sep 2022 19:37:27 GMT
expires: Mon, 19 Sep 2022 19:37:27 GMT
server: nginx
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.standalone.js Show response
static.criteo.net/js/ld/ 93 KB
31 KB 37ms
37ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.standalone.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0b4b8f88d48aa9f88f7e9f20fa7ea5069d71a054e5efbf840f597c6ca6897d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/javascript

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 11:36:03 GMT
server: nginx
etag: W/"631f19a3-17590"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 19 Sep 2022 19:37:27 GMT

POST
H/1.1 200
OK prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 16 KB
8 KB 262ms
140ms XHR
application/json 185.89.211.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.83 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b2bb6df815c99d2b25cf29e1c5ca9f2f1eea3b0bcd26b515c05a0a06286f43ac

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 18 Sep 2022 19:37:27 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d595abb0-b7f5-4244-923e-bab5b8bcbd72
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
343 B 225ms
36ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:26 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 234 B
487 B 222ms
59ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=51931155213

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

93286109f5ce9478f8a8bf24276b2c3723a242a91670de7f35ab2f466042899e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kaltim.tribunnews.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 212

POST
H/1.1 200
OK prebid Show response
etarget-emea.adnxs.com/ut/v3/ 156 B
851 B 173ms
23ms XHR
application/json 185.89.211.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://etarget-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.26 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9897487ef5452304e9321ab41aa74331f139c9daa8cd9d6dd3c3c1925c6c2189

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:37:27 GMT
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1cffa86a-5f8e-4333-b9df-438f1db55c96
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 156
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 16 KB
8 KB 251ms
133ms XHR
application/json 185.89.211.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.83 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c9fb0e8e99c760b6341cfdbe659ef5364d0e330b13953117ee3d01421c096b3c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 18 Sep 2022 19:37:27 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 901d98d4-3599-4baf-aede-9e6dd298f43b
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
343 B 493ms
308ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 232 B
485 B 218ms
59ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=73179930304

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad48566840975a57c4da93beb69a033885eecac1ca91a18a684aeef5f9bc2aa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 18 Sep 2022 19:37:26 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kaltim.tribunnews.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 210

POST
H/1.1 200
OK prebid Show response
etarget-emea.adnxs.com/ut/v3/ 17 KB
8 KB 294ms
148ms XHR
application/json 185.89.211.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://etarget-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.26 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5db06f72f368bbb55c5a0e5525824fa6a83df2f01b4b9649b5c3acf1d5bbc762

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 18 Sep 2022 19:37:27 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bbc2323d-27cc-4a04-8967-6a9024962e12
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 16 KB
8 KB 243ms
127ms XHR
application/json 185.89.211.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.83 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9f0e57748a6389312cc6af7fd498f6f221db5a42ff8839199f6714b7c3911c57

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 18 Sep 2022 19:37:27 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bc39051c-d17a-4e33-8b9d-d9909504ccb2
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
343 B 219ms
36ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:26 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 234 B
487 B 216ms
58ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=60578663528

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

810ce3044d21adc8e80171cef6304a257d06b25da7dcd5c10ebc4bdc614db2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kaltim.tribunnews.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 212

POST
H/1.1 200
OK prebid Show response
etarget-emea.adnxs.com/ut/v3/ 156 B
851 B 169ms
24ms XHR
application/json 185.89.211.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://etarget-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.26 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a079a9068cc2aff9c60327c8e45587cf4f7d7c8e40911eacd52202189f865ba6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:37:27 GMT
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f92e83b4-2e5a-450b-b261-375607912edf
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 156
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 156 B
851 B 143ms
29ms XHR
application/json 185.89.211.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.83 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8bcdb5a067d3b6ea4524d4b5e36d4157afce419a9428dfb776681aaecc470009

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:37:27 GMT
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 89fe0147-40b6-4c06-ba02-a3e6f016c443
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 156
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
343 B 218ms
37ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 234 B
487 B 215ms
60ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=2172227427

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b3dc641127c9001b13330d8bc1afc5da04a6dc3228ac540edb41dd4beae1c1c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kaltim.tribunnews.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 212

POST
H/1.1 200
OK prebid Show response
etarget-emea.adnxs.com/ut/v3/ 156 B
851 B 166ms
24ms XHR
application/json 185.89.211.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://etarget-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.26 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

371d1e77972fe88de6d98cf5bbdf57e6dd983d92d7413c2ab7f27b3b25693ebe

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:37:27 GMT
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9f1c4148-3d55-4a13-a6e8-c3f6b572cea7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 156
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 16 KB
8 KB 278ms
136ms XHR
application/json 185.89.211.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.83 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

eae25907207f1ac62bd4c4e5f2ceee3d78e9dcd12b2948cdd58414c9a1ae4ee3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 18 Sep 2022 19:37:27 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f1af6fc1-b799-4d5e-828c-0008941c1116
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
343 B 243ms
52ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:26 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 232 B
484 B 213ms
60ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=73703180332

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

19171493411351ba7dd2c2a9e424638dff16c8578443dbcb61ec1d799634a7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 18 Sep 2022 19:37:26 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kaltim.tribunnews.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 209

POST
H/1.1 200
OK prebid Show response
etarget-emea.adnxs.com/ut/v3/ 156 B
851 B 167ms
27ms XHR
application/json 185.89.211.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://etarget-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.26 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c3a795fc8758c9399923dc3e2c7630632755381439dec897c781aaba48dd69ce

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:37:27 GMT
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 02419702-9630-4cc2-975c-98343b50f252
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 156
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
16ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2127
date: Sun, 18 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 18 Sep 2022 21:02:00 GMT

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.1/dist/ 4 KB
2 KB 118ms
51ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.1/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12492823
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1061-Lg/hc9+R+8jAR7NYymzfENgFcZM"
fly-request-id: 01F48WGT78ARMG13FWZBRD2WYJ
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74cc894abcf40215-ZRH

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 62ms
25ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b07ed0f0fc0282ba2a0e4e74a8e29d38adff4b2710bee81c69b9c84d8ae1a583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77012
x-xss-protection: 0
expires: Sun, 18 Sep 2022 19:37:27 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 70ms
34ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50b0047af6f32bd2e1725d3c59ac96d0fa5be679ac36f165ff5cbf8a78f135c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74764
x-xss-protection: 0
expires: Sun, 18 Sep 2022 19:37:27 GMT

GET
H2 200 jxpublisher_3_1.min.js Show response
scripts.jixie.media/ 26 KB
26 KB 1236ms
21ms Script
application/javascript 163.171.128.128
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.128 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5dc685ed4935640fc69a56126575082ea8379cf3e588d9f1d7c1c6a1aff762ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:28 GMT
last-modified: Tue, 26 Jul 2022 03:20:58 GMT
server: AmazonS3
age: 2132052
etag: "bf81efb754e98c5d547786eb79360e62"
x-ws-request-id: 63277378_PSdgflkfFRA1zp79_2194-45748
x-amz-id-2: EIVqaQnh08yQVBtNW1mwO9xyIVyDVvRNxIoNIaMZRgGTnku2zV90JWYtDOP9dfgmUJs6y3jeYvE=
x-amz-version-id: aG2xyryM3T_tewlAPS7SOjwDyC.2MlqH
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 26290
accept-ranges: bytes
content-type: application/javascript
x-amz-request-id: V6TBC8D37P3W77ZZ
x-via: 1.1 hdx25:2 (Cdn Cache Server V2.0)[0 200 0], 1.1 PSdgflkfFRA1zp79:3 (Cdn Cache Server V2.0)[1 200 0]

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 105ms
28ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=114488588566911&ev=fb_page_view&dl=https%3A%2F%2Fkaltim.tribunnews.com%2F&rl=&if=false&ts=1663529847399&sw=1600&sh=1200&at=

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 18 Sep 2022 19:37:27 GMT

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 115ms
73ms Stylesheet
text/css 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-zbDT1j--eZjjPzqv3moCRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-zbDT1j--eZjjPzqv3moCRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 18 Sep 2022 19:37:27 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
536 B 634ms
24ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Sep 2022 19:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://kaltim.tribunnews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 68ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DFP7BBGFWN&gtm=2oe9e0&_p=209900040&_gaz=1&cid=676228237.1663529848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1663529847&sct=1&seg=0&dl=https%3A%2F%2Fkaltim.tribunnews.com%2F&dt=Tribunkaltim.co%20-%20Berita%20Terkini%20Kalimantan&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 118ms
30ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DFP7BBGFWN&cid=676228237.1663529848&gtm=2oe9e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 124ms
57ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DFP7BBGFWN&cid=676228237.1663529848&gtm=2oe9e0&aip=1&z=823586603

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
351 B 40ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FYJCTGV1LV&gtm=2oe9e0&_p=209900040&_gaz=1&cid=676228237.1663529848&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663529847&sct=1&seg=0&dl=https%3A%2F%2Fkaltim.tribunnews.com%2F&dt=Tribunkaltim.co%20-%20Berita%20Terkini%20Kalimantan&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
351 B 90ms
29ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FYJCTGV1LV&cid=676228237.1663529848&gtm=2oe9e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 95ms
57ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FYJCTGV1LV&cid=676228237.1663529848&gtm=2oe9e0&aip=1&z=9873631

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 110ms
27ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kaltim.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 86ms
26ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kaltim.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 521 KB
91 KB 888ms
887ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3222422483713283&correlator=728342271082854&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&iu_parts=31800665%2CTribunKaltim%2CHome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=160x600%2C728x90%7C970x90%7C970x250%2C300x600%7C300x250%2C300x250%2C300x600%7C300x250%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&adks=3804316819%2C4069701958%2C4106938682%2C3483082298%2C4106938680%2C710131021%2C710131022%2C686177462%2C686177449%2C1812077783&sfv=1-0-38&ists=31&fsapi=false&prev_scp=pos%3DLeftWideSkyscraper%26page%3Dhome%7Cpos%3DTopLeaderboard%26page%3Dhome%7Cpos%3DRightMediumRectangle-1%26page%3Dhome%7Cpos%3DRightMediumRectangle-2%26page%3Dhome%7Cpos%3DRightMediumRectangle-3%26page%3Dhome%7Cpos%3DNativeAds-Latest-1%26page%3Dhome%7Cpos%3DNativeAds-Latest-2%26page%3Dhome%7Cpos%3DNativeAds-Populer-1%26page%3Dhome%7Cpos%3DNativeAds-Populer-2%26page%3Dhome%7Cpos%3DPremiumTopframe%26page%3Dhome&eri=1&cust_params=safe_branding%3Dyes%26keyword_targetting1%3Dno%26keyword_targetting2%3Dno%26keyword_targetting3%3Dno%26keyword_targetting4%3Dno%26keyword_targetting5%3Dno%26contextual_targeting%3Dkaltim%252Ctribun%2520kaltim%252Cberita%2520kaltim%252Ckaltim%2520terkini%252Cberita%2520terkini&sc=1&cookie_enabled=1&abxe=1&dt=1663529847869&lmt=1663529847&dlt=1663529846822&idt=859&adxs=225%2C436%2C1075%2C1075%2C1075%2C-9%2C-9%2C1075%2C1075%2C-12245933&adys=498%2C150%2C498%2C3184%2C4147%2C-9%2C-9%2C1222%2C1327%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C-1%7C-1%7C3%7C4%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkaltim.tribunnews.com%2F&frm=20&vis=1&psz=160x600%7C970x250%7C300x600%7C300x600%7C300x600%7C0x-1%7C0x-1%7C300x105%7C300x105%7C0x0&msz=160x-1%7C728x90%7C300x250%7C300x-1%7C300x250%7C0x-1%7C0x-1%7C300x0%7C300x0%7C0x0&fws=128%2C132%2C640%2C640%2C640%2C2%2C2%2C128%2C128%2C128&ohw=0%2C728%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=676228237.1663529848&ga_sid=1663529848&ga_hid=209900040&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28da412115003b11b729dbdbf028f1d840e4217a1e40ef5a3228cde1978dba60

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNiEps2Ln_oCFUaFgwcdiDUO6Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/6574631222394224640/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNiEps2Ln_oCFUaFgwcdiDUO6Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/6574631222394224640/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
google-creative-id: -1,-1,-1,-1,-1,138361972125,138362601929,138366796737,138362660293,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92825
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,5778375738,5782653578,5806199487,5782655009,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Sun, 18 Sep 2022 19:37:28 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1349 6 KB
4 KB 237ms
23ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:37:28 GMT
expires: Mon, 18 Sep 2023 19:37:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
465 B 109ms
26ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Sep 2022 19:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://kaltim.tribunnews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 71ms
24ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=209900040&t=pageview&_s=1&dl=https%3A%2F%2Fkaltim.tribunnews.com%2F&ul=en-us&de=UTF-8&dt=Tribunkaltim.co%20-%20Berita%20Terkini%20Kalimantan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAQCAC~&jid=1542447168&gjid=1224375714&cid=676228237.1663529848&tid=UA-15224089-38&_gid=1313663856.1663529848&_r=1&gtm=2wg9e0NNJ5M3B&cd5=kaltim&cd10=homepage&cd20=676228237.1663529848&z=509375599

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 120ms
41ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15224089-38&cid=676228237.1663529848&jid=1542447168&gjid=1224375714&_gid=1313663856.1663529848&_u=YCDACEAABAQCAC~&z=1272692401

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 18 Sep 2022 19:37:28 GMT
content-type: text/plain
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 102ms
54ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15224089-38&cid=676228237.1663529848&jid=1542447168&_u=YCDACEAABAQCAC~&z=1582847674

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 94ms
56ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15224089-38&cid=676228237.1663529848&jid=1542447168&_u=YCDACEAABAQCAC~&z=1582847674

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 68ms
68ms XHR
application/json 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=657538641912-e5c2itnmne4v4ple558a79fi6kkb3iau.apps.googleusercontent.com&as=zlUjlVl3W1hzskcGEus7VQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1d5d78ebcf28982e081f9a8a246738b15070e37b396931694449371a3ed173a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-_vUAvC5jQXEPUEkl48U9kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-_vUAvC5jQXEPUEkl48U9kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CEA7 15 KB
6 KB 130ms
30ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kaltim.tribunnews.com

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kaltim.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:37:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 929642
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 121ms
65ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9a6c5f951aa79ae705a464e1ef4db6b38666aa06cd20ac56c06a9ca397d1219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11218
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 88ms
34ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:37:28 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame CEA7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=tribunnews.com&sn=ChromeSyncframe&so=0&topUrl=kaltim.tribunnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=pCXde3xxOUpYaUswSWFBdE9uclNnQXZPQlNlTU5ONThxd05EcUZEb3ZzYXBlbVhGMnpxMnU2bU0zQWFLZXFVSUppUVNkaEZKczRsZDdWZHNQWTR6bDAvNWlSb00vWDVsQmk5K0VwbkJzdStHbFlOQjE5THo4VERxNkljVV...

419 B
644 B

100ms
29ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pCXde3xxOUpYaUswSWFBdE9uclNnQXZPQlNlTU5ONThxd05EcUZEb3ZzYXBlbVhGMnpxMnU2bU0zQWFLZXFVSUppUVNkaEZKczRsZDdWZHNQWTR6bDAvNWlSb00vWDVsQmk5K0VwbkJzdStHbFlOQjE5THo4VERxNkljVVZnZHUwSkR6TXZ6MXZCWjFaT2dmcmtsNGx5WWFCZFhER2FwQVhQMHpBbGJYS0lhS2N2MWJMM3VyekVvSUdKMUQxUER6RlRDdElvS1BtcmFMb1gvbzBncTlnTjd6YzM0RUVsaXRjYU40SXJVdU5FK24rMWtJYXFqVnZYOHZLSUcwa0lkNnVZOVRlYy9CMEt1YXdWMnZUQjY3VmlWYlZaUT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

81ac6fad406a9ffa5169e72cde52126727f1184be89ea8eadaf9e262a18d00aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:28 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2308654
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:28 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=pCXde3xxOUpYaUswSWFBdE9uclNnQXZPQlNlTU5ONThxd05EcUZEb3ZzYXBlbVhGMnpxMnU2bU0zQWFLZXFVSUppUVNkaEZKczRsZDdWZHNQWTR6bDAvNWlSb00vWDVsQmk5K0VwbkJzdStHbFlOQjE5THo4VERxNkljVVZnZHUwSkR6TXZ6MXZCWjFaT2dmcmtsNGx5WWFCZFhER2FwQVhQMHpBbGJYS0lhS2N2MWJMM3VyekVvSUdKMUQxUER6RlRDdElvS1BtcmFMb1gvbzBncTlnTjd6YzM0RUVsaXRjYU40SXJVdU5FK24rMWtJYXFqVnZYOHZLSUcwa0lkNnVZOVRlYy9CMEt1YXdWMnZUQjY3VmlWYlZaUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 425146
content-length: 0
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
394 B 149ms
41ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by: Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 4628c67f3423516ff2c07df9883726fd9fced4d522a2f57ac99edb1c0cf0fef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:28 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Tue, 18 Oct 2022 19:37:28 GMT

GET
H3 200 container.html Show response
8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B27F 6 KB
3 KB 53ms
17ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:37:28 GMT
expires: Mon, 18 Sep 2023 19:37:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C63 13 KB
5 KB 320ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 15:20:20 GMT
expires: Mon, 18 Sep 2023 15:20:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 23EB 783 B
535 B 65ms
28ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a70191471177476feac482fb93521555db7446a40ae1ead5c10532b8c885b03d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5VJ5oTemA23pi4_Qe3KpWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kaltim.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-5VJ5oTemA23pi4_Qe3KpWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:37:28 GMT
expires: Sun, 18 Sep 2022 19:37:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 594E 6 KB
3 KB 17ms
17ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:37:28 GMT
expires: Mon, 18 Sep 2023 19:37:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame B27F 3 KB
674 B 70ms
26ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:27:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 19:37:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 19:37:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame B27F 2 KB
983 B 325ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:34:25 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B27F 0
0 298ms
295ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CspQdd3MnY5XtO8aKjuwPiOu4yA7cxbaDac7AxbemDczHmqb9CBABIMrW4x9gleKQgqAHoAGwuqHXA8gBCakCQyYB0hDOsD7gAgCoAwHIA8sEqgTzAU_QU_R6WGyMIyAi5RTSlC8IL9hkwkit6MeejfeG77wy9_qytWcWI7hUFaru5wJlKE3Z8ZiOwrIrDLh5zxy1zFiIKFGhp8CKzeFjMM0RyoQTxltVHzdIGafYC27ZaA5VGe7PC4TAslZptkBuNVeVrfWbxnnJoAlQW_vxF8HsWz77eI9dqzJqWtHj4BzIo9JBv1Byaz3ziaFOhVENwYK7KnMoxJeAoMVvIK-AU6291AOM8ZiN-zTZP3jxkHbBKaLGdzmd0AbuxigeLaLhHSjLZbb46OezpHnBp6s-RaD7YRM98X5oX3d7rEL7AQfaUT3nCdTHNsAEkav95KID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQla8F0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTc3ODQwMzQwNjEyNTMwMjAY0cMR&sigh=Xqbs8FcB9Wo&uach_m=[UACH]&template_id=494
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame B27F 23 KB
10 KB 319ms
17ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:26:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame B27F 3 KB
1 KB 324ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:29:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame B27F 17 KB
7 KB 321ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:28:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B27F 0
0 24ms
23ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaREEZsAja0ZCO3DSGYF0Y8Cy1nuL3Qha4jz9FR9k7h0jOshxHjTHPNi--PUZ2PtCyRB8rDtwIe8HZE6wqMUXtvmKyLGxA
Requested by: Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B27F 141 KB
44 KB 359ms
312ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:37:29 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame B27F 33 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 09:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 09:51:18 GMT

GET
H2 200 12387699964291798256_9146618617033836075.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame B27F 71 KB
71 KB 128ms
58ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/12387699964291798256_9146618617033836075.jpeg

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:24:28 GMT
x-content-type-options: nosniff
age: 209581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72725
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:37:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 09:24:28 GMT

GET
H2 200 16954631344432514325
tpc.googlesyndication.com/daca_images/simgad/ Frame B27F 18 KB
18 KB 321ms
19ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16954631344432514325

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cd2df345488171f36ff248868b19d2759d24b295f25c0968d3f5ce7370f01bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:22:04 GMT
x-content-type-options: nosniff
age: 440125
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18045
x-xss-protection: 0
last-modified: Mon, 26 Jun 2017 02:19:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 17:22:04 GMT

GET
H2 200 15563671825036441357_18151003346215512536.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame B27F 57 KB
58 KB 88ms
19ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/15563671825036441357_18151003346215512536.jpeg

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab3f73e1f863baae6f8d45ee57fd9f1738af5e4dd2c5bb0f6e1374a1479a5de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:23:39 GMT
x-content-type-options: nosniff
age: 206030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58691
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:32:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 10:23:39 GMT

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame B27F
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

857ms
764ms

Image
image/png

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:38:45 GMT
x-content-type-options: nosniff
age: 381524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 09:38:45 GMT

Redirect headers

date: Sun, 18 Sep 2022 08:06:39 GMT
x-content-type-options: nosniff
server: cafe
age: 41450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Oct 2022 08:06:39 GMT

GET
H/1.1 200
OK newidgen Show response
traid.jixie.io/api/ 115 B
830 B 820ms
191ms XHR
application/json 114.119.175.30
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://traid.jixie.io/api/newidgen
Requested by: Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 114.119.175.30 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-114-119-175-30.compute.hwclouds-dns.com
Software: elb / Express
Resource Hash: 7dab56df9b930fa4ee3a3644d056559cb2c4df808bf04b7935fdd6f100f6af96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:37:29 GMT
Content-Encoding: gzip
Server: elb
X-Powered-By: Express
ETag: W/"73-OWdO7mX2ibTRLE1vQhRhwySlblc"
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 css
fonts.googleapis.com/ Frame 594E 3 KB
1 KB 36ms
26ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 17:51:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 19:37:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 19:37:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 594E 2 KB
936 B 317ms
17ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:34:25 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 594E 0
0 296ms
296ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cbkljd3MnY5btO8aKjuwPiOu4yA7cxbaDac7AxbemDczHmqb9CBABIMrW4x9gleKQgqAHoAGwuqHXA8gBCakCQyYB0hDOsD7gAgCoAwHIA8sEqgT2AU_QDVRjRbmCER1UR7nGP-okpqwlQ1bK3OwT0N8_L3eaMBiCndwELI8Mv1cqSXI76xFkIun8HIH48hPmxUkkkXBIcmiqPypS5nA8Vrk8NZhtkmZ5orJPpnDHDpDScI7Dga4pO847Hq-8gUIWAlBjP8Y_cnfE1mMqpXkbqKhjs-lNX28Jg0G6YZV_amLqGcK5jLXrPH1BIaRrZLHZ1PkLOSBpsLd1NXMycGCS4fHs9Tk5FUkJt7z8IvHbsWXpv8oikNRNUScq6AwhvtH8nl3nlts8MyDEUgCU-O-Up85ubRjAFeuOzurndN8gNEL3bwF0p1d0kM2JvcAEkav95KID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQva4L0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTc3ODQwMzQwNjEyNTMwMjAY0cMR&sigh=mb_hodtXSzA&uach_m=[UACH]&template_id=494
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 594E 23 KB
9 KB 318ms
17ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:26:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 594E 3 KB
1 KB 323ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:29:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 594E 17 KB
7 KB 321ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:28:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 594E 0
0 25ms
24ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLufX2-ycituFw-BHewPEl30MrxGdTG645icTyJbzh2F9OJ4FrEDWpE0TNUJ_WihtIDwqYOWFOjN5vIMIt-24D1_nh5g
Requested by: Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 594E 141 KB
44 KB 348ms
334ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:37:29 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 594E 33 KB
13 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 09:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 09:51:18 GMT

GET
H2 200 12387699964291798256_9146618617033836075.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 594E 71 KB
71 KB 133ms
78ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/12387699964291798256_9146618617033836075.jpeg

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:24:28 GMT
x-content-type-options: nosniff
age: 209581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72725
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:37:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 09:24:28 GMT

GET
H2 200 6660946515341460238_10574010480844803651.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 594E 63 KB
64 KB 97ms
42ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/6660946515341460238_10574010480844803651.jpeg

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97dc277e40f22dd4f072a0d94b5738e0ae8439fc33cd66b8c931068579283102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:43:36 GMT
x-content-type-options: nosniff
age: 208433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64979
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:37:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 09:43:36 GMT

GET
H2 200 16954631344432514325
tpc.googlesyndication.com/daca_images/simgad/ Frame 594E 18 KB
18 KB 321ms
20ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16954631344432514325

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cd2df345488171f36ff248868b19d2759d24b295f25c0968d3f5ce7370f01bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:22:04 GMT
x-content-type-options: nosniff
age: 440125
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18045
x-xss-protection: 0
last-modified: Mon, 26 Jun 2017 02:19:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 17:22:04 GMT

GET
H2 200 15563671825036441357_18151003346215512536.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 594E 57 KB
57 KB 101ms
46ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/15563671825036441357_18151003346215512536.jpeg

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab3f73e1f863baae6f8d45ee57fd9f1738af5e4dd2c5bb0f6e1374a1479a5de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:23:39 GMT
x-content-type-options: nosniff
age: 206030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58691
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:32:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 10:23:39 GMT

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 594E
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

717ms
648ms

Image
image/png

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:38:45 GMT
x-content-type-options: nosniff
age: 381524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 09:38:45 GMT

Redirect headers

date: Sun, 18 Sep 2022 08:06:39 GMT
x-content-type-options: nosniff
server: cafe
age: 41450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Oct 2022 08:06:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 23EB 0
0 88ms
54ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091301&jk=3222422483713283&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 container.html Show response
8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2C33 6 KB
3 KB 16ms
16ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:37:28 GMT
expires: Mon, 18 Sep 2023 19:37:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 2C33 3 KB
601 B 75ms
33ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:05:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 19:37:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 19:37:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 2C33 2 KB
902 B 1767ms
1470ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:34:25 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2C33 0
0 292ms
290ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cv31Cd3MnY5ftO8aKjuwPiOu4yA7cxbaDac7AxbemDczHmqb9CBABIMrW4x9gleKQgqAHoAGwuqHXA8gBCakCQyYB0hDOsD7gAgCoAwHIA8sEqgT2AU_QNE0KSa_m_Fdzwa2pjzoOUYL_FCTtdXu6Q4HgIVkeHdRtA5ISHWHHlLeNn9KKDsul5SuXqsZjnM00OH7hSZIWoHiWpgc4rbcYUU6-aDgNWGNmmAR35NpYnLBhr1hg_WnSsCy60YdYZkzsdoN7H1DVJDJnNIdU0Mgf12CEXaetTUCLDJfeA4O31aKN4aTm_b6cEb9fhEOb1s0QK0kFcOFEaxE2O-IJ5zLDYqCgW2xIPacRd144s-Y47umIsJRdo3Gygb2osvYT28mE-13tKUIwBHWcya-uBlhXeG85IpuGXc8_6gXdOt_xcNwrhf8QHKMPxamWyMAEkav95KID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQlI0H0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTc3ODQwMzQwNjEyNTMwMjAY0cMR&sigh=i-d2Kqt8_qI&uach_m=[UACH]&template_id=494
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 2C33 23 KB
9 KB 541ms
247ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:37:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 2C33 3 KB
1 KB 1765ms
1472ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:29:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 2C33 17 KB
7 KB 762ms
470ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:14:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2C33 0
0 25ms
24ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrpXBgrrbzCXKjvuPQTVNmawNAopCOMqepJolL17ZvZLnZT4WeBWadlHPwTP7wCuMCQZ2DeQ7N4urav9ECHddMH3CyMg
Requested by: Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C33 141 KB
44 KB 241ms
238ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:37:29 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 2C33 33 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 09:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 09:51:18 GMT

GET
H3 200 12387699964291798256_9146618617033836075.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 2C33 71 KB
71 KB 70ms
31ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/12387699964291798256_9146618617033836075.jpeg

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:24:28 GMT
x-content-type-options: nosniff
age: 209581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72725
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:37:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 09:24:28 GMT

GET
H3 200 6660946515341460238_10574010480844803651.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 2C33 63 KB
63 KB 58ms
19ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/6660946515341460238_10574010480844803651.jpeg

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97dc277e40f22dd4f072a0d94b5738e0ae8439fc33cd66b8c931068579283102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:43:36 GMT
x-content-type-options: nosniff
age: 208433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64979
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:37:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 09:43:36 GMT

GET
H3 200 16954631344432514325
tpc.googlesyndication.com/daca_images/simgad/ Frame 2C33 18 KB
18 KB 1084ms
793ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16954631344432514325

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cd2df345488171f36ff248868b19d2759d24b295f25c0968d3f5ce7370f01bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:22:04 GMT
x-content-type-options: nosniff
age: 440125
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18045
x-xss-protection: 0
last-modified: Mon, 26 Jun 2017 02:19:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 17:22:04 GMT

GET
H3 200 15563671825036441357_18151003346215512536.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 2C33 57 KB
57 KB 61ms
23ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/15563671825036441357_18151003346215512536.jpeg

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab3f73e1f863baae6f8d45ee57fd9f1738af5e4dd2c5bb0f6e1374a1479a5de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:23:39 GMT
x-content-type-options: nosniff
age: 206030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58691
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:32:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 10:23:39 GMT

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 2C33
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

297ms
296ms

Image
image/png

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:38:45 GMT
x-content-type-options: nosniff
age: 381525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 09:38:45 GMT

Redirect headers

date: Sun, 18 Sep 2022 08:06:39 GMT
x-content-type-options: nosniff
server: cafe
age: 41450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Oct 2022 08:06:39 GMT

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 91ms
33ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 19 Sep 2022 19:37:29 GMT

GET
H3 200 container.html Show response
8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F903 6 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:37:28 GMT
expires: Mon, 18 Sep 2023 19:37:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA6F 6 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kaltim.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:37:28 GMT
expires: Mon, 18 Sep 2023 19:37:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tribunnews.com.1210784.js Show response
jsc.mgid.com/t/r/ Frame C558 2 KB
1 KB 99ms
39ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8defcfcc7044d5753f2a1c129d3e0211a96c068df11dcc6fcb7c25d3ca5ffdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 6167
cf-polished: origSize=2322
last-modified: Wed, 08 Jun 2022 10:34:27 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: A2V4FMEFNF82PPYY
x-amz-id-2: bhov5qvdY2WTGSSaMjrcjc9wpEPWeCLD4wJ+yxZTAdnpikoO7BpF4WjxSjlbkPNcAKKT38pkcXs=
cf-bgj: minify
server: cloudflare
etag: W/"000a62aefadb037ac47cfa84255cb0b3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: AByuedlJiELIplmBYwm5r4zBo4IKhQBf
cf-ray: 74cc8956296e2373-ZRH
expires: Sun, 18 Sep 2022 22:37:29 GMT

GET
DATA 200
OK truncated
/ Frame C558 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15265d18b7b9f602500c612bfd3ab3e17bf2af93d84ad0be391aa03133a1a197

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tribunnews.com.1181811.js Show response
jsc.mgid.com/t/r/ Frame CAA3 2 KB
1 KB 96ms
43ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5637fb0c1af143ce1d917da005a4eee55c9afa2dc9a4364f9da28ec0d89e4a59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ZAY1PABFY16P5PWW
cf-polished: origSize=2322
cf-ray: 74cc895629702373-ZRH
last-modified: Wed, 08 Jun 2022 10:33:30 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 1h6BySMpHlKoC+JywJnzfk43MLa9u1rFFly8nU9SpSV6F6PvcnvoAHqe4Fy/x66JKVT3Gnz3arM=
cf-bgj: minify
server: cloudflare
etag: W/"8a6e864c584234a37f98e62004586752"
vary: Accept-Encoding
x-amz-version-id: yWvQrtw2vcagPlaLBH2GnX_D9bmFl7p6
cache-control: public, max-age=10800
content-type: text/javascript
expires: Sun, 18 Sep 2022 22:37:29 GMT

GET
DATA 200
OK truncated
/ Frame CAA3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63d9c330b78082b29f6fac90215e6a5166351b555b2f1b4c9e95cdc3ece603e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/ Frame C2A0 85 KB
19 KB 385ms
261ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/index.html

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31dcd212c38b755b109e11d2f2b31f59e052bce9a197aa3485d182cdb7266dcc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 376640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19447
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 11:00:09 GMT
expires: Thu, 14 Sep 2023 11:00:09 GMT
last-modified: Wed, 07 Sep 2022 10:50:50 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F903 0
0 275ms
275ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CI6rrd3MnY5jtO8aKjuwPiOu4yA7OuNPta5z9no7GENzZHhABIMrW4x9gleKQgqAHoAHz5_a3AsgBCakCQyYB0hDOsD7gAgCoAwHIAwKqBI0CT9BWc0Zf7klYlVPLe32mmw6NE0nj_Q8AFzjHRWIGGUPaTna2UBEh2Shc9_hIPikEsCIs44a0IPwKhH55c1ngvk2qAePgJdNv3566-bkM8c4aV7nZzvSzDyML1TH9qbcQsGYdgDVUQnUHblNj9T7rLZSbHWKqwBQNK3_TN3S7TxC6CIQLNggTVmPPunKhUp8kDJR8DLodU7RJORMmWpehbMLfld3l-W_a85Oa8Lskwcd_5fBB3xOPMyx0enuBRwv4ULYh3bNh66WcpanhRelsectg207RbExFUFpubstzMQojDNzNC7sOOe1y4u2VDx-9Ka3o3yGys0uq42BNO0f1T-zlzBnAtZePUKfvCMvABMHzpJP-A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAZdgAf1l4nIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKmIC9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi03Nzg0MDM0MDYxMjUzMDIwGNHDEQ&sigh=4xzMwoZehCg&uach_m=[UACH]
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5CF1 143 B
426 B 310ms
16ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 18 Sep 2022 19:11:29 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame F903 3 KB
1 KB 1592ms
1471ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:29:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame F903 17 KB
7 KB 495ms
374ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:14:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DA6F 3 KB
601 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:07:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 19:37:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 19:37:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame DA6F 2 KB
902 B 1585ms
1472ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:34:25 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DA6F 0
0 281ms
281ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkJfgd3MnY5ntO8aKjuwPiOu4yA7cxbaDac7AxbemDczHmqb9CBABIMrW4x9gleKQgqAHoAGwuqHXA8gBCakCQyYB0hDOsD7gAgCoAwHIA8sEqgT2AU_QqGeqLSCHH5dALO1DzCVadi4r9eUNMkAEkY48haAZxbSz5x_SDOu3m1xzYxOaKEa1NEb5ALBkZncIb9Ik4zXY0rW5CIHJhKQeLZxsFp0tgFnoWCcqhw84sXzjvqUGU9AMNJ3ay3f8_Llv7SzW5dVIYzHFpBT35P6qzQmjZLLEnK9f6ubKWYIgJpfPTISmcAxlKzL5M90FUaUt9ux0V1GTnHKLeBZD915X-HLoN_kxcfzVYcq05JUcDoBzzv4u18uty2Ic7Wd4FIlAUPv6ahs9uF4Y2krDvLiI3JQCreB5sb4n0GgeXwM-29cGpAqVFsU_XjR8ZMAEkav95KID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQpKQG0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTc3ODQwMzQwNjEyNTMwMjAY0cMR&sigh=-QeAAbqoxuw&uach_m=[UACH]&template_id=494
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame DA6F 23 KB
9 KB 526ms
414ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:37:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame DA6F 3 KB
1 KB 1584ms
1474ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:29:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame DA6F 17 KB
7 KB 617ms
507ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:14:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DA6F 0
0 29ms
28ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4irbGj8NcxBfR4u-7w9mDQlZ-w9mF0YowBeVR821J2S5VlHBD_jlq2qvCnkRecbXXq6aAkrKy4G87UCB8P0-Y4Y8zHQ
Requested by: Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA6F 141 KB
44 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:37:29 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame DA6F 33 KB
13 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 09:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 09:51:18 GMT

GET
H3 200 12387699964291798256_9146618617033836075.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame DA6F 71 KB
71 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/12387699964291798256_9146618617033836075.jpeg

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:24:28 GMT
x-content-type-options: nosniff
age: 209581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72725
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:37:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 09:24:28 GMT

GET
H3 200 16954631344432514325
tpc.googlesyndication.com/daca_images/simgad/ Frame DA6F 18 KB
18 KB 824ms
718ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16954631344432514325

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cd2df345488171f36ff248868b19d2759d24b295f25c0968d3f5ce7370f01bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:22:04 GMT
x-content-type-options: nosniff
age: 440125
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18045
x-xss-protection: 0
last-modified: Mon, 26 Jun 2017 02:19:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 17:22:04 GMT

GET
H3 200 15563671825036441357_18151003346215512536.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame DA6F 57 KB
57 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/15563671825036441357_18151003346215512536.jpeg

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab3f73e1f863baae6f8d45ee57fd9f1738af5e4dd2c5bb0f6e1374a1479a5de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:23:39 GMT
x-content-type-options: nosniff
age: 206030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58691
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:32:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 10:23:39 GMT

GET
H3 200 17529907153389355857
tpc.googlesyndication.com/daca_images/simgad/ Frame DA6F 28 KB
28 KB 657ms
551ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17529907153389355857

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5101a6ba53351d9eb60ce45901c0cca14120f84568162b5ffe3449e5833cc706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 19:45:07 GMT
x-content-type-options: nosniff
age: 517942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28257
x-xss-protection: 0
last-modified: Mon, 26 Jun 2017 02:20:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Sep 2023 19:45:07 GMT

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame DA6F
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

314ms
313ms

Image
image/png

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:38:45 GMT
x-content-type-options: nosniff
age: 381525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 09:38:45 GMT

Redirect headers

date: Sun, 18 Sep 2022 08:06:39 GMT
x-content-type-options: nosniff
server: cafe
age: 41450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Oct 2022 08:06:39 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 37ms
37ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 11:36:03 GMT
server: nginx
etag: W/"631f19a3-160f4"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 19 Sep 2022 19:37:29 GMT

GET
H3 200 TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C63 36 KB
16 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 15:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16105
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 15:20:20 GMT

GET
H3 200 tribunnews.com.1210784.es6.js Show response
jsc.mgid.com/t/r/ Frame C558 259 KB
76 KB 146ms
112ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c208f0465eac3db003fcf21e614d50835963a77cbeac641b03e207e870e7db23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 6167
cf-polished: origSize=264905
last-modified: Wed, 24 Aug 2022 10:17:48 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YYM651QXD29T4DQ1
x-amz-id-2: nfLQgCUi5CUHQChtz2lBrw2D2UhyWlMLJke9wByEG34FsbybMiCv4e3abPxvi0YlxOdGPYq9iUA=
cf-bgj: minify
server: cloudflare
etag: W/"f5ece328dfbc1e28997aada29152825a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: Vdmfrn9oa8DVUc1DRru.jZj4jE_ORa2M
cf-ray: 74cc89569a7801f0-ZRH
expires: Sun, 18 Sep 2022 22:37:29 GMT

GET
DATA 200
OK truncated
/ Frame B27F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2227052fe753a05acb335afdc72ada48ae844abe4808d52984bc5a3615a6eb13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 events.php Show response
trackad.cz/ 9 B
506 B 145ms
57ms XHR
text/javascript 185.59.208.153
VSHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://trackad.cz/events.php?u=https%3A%2F%2Fkaltim.tribunnews.com%2F&hbDomain=tribunnews.com
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 185.59.208.153 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS: webgarden-track-lb-ha2.vshosting.cz
Software: nginx /
Resource Hash: 9b82d7cd417c7a9b4e95fcc21bb024eeccee534035d5bec1a2a1268e6e4d4bd0

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:20 GMT
content-encoding: gzip
last-modified: Sun, 18 Sep 2022 19:37:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H3 200 tribunnews.com.1181811.es6.js Show response
jsc.mgid.com/t/r/ Frame CAA3 257 KB
75 KB 154ms
137ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8824b86947bb050942704f6b30505a057943e5abf342bb9bd6ce915a76c535f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: EWMG409VPPDRFVQA
cf-polished: origSize=263592
cf-ray: 74cc89569a7601f0-ZRH
last-modified: Wed, 24 Aug 2022 10:14:50 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JJIWIBG73ceMcXznp1FJKa9lW8mSRtngCMqe5Z/DcdYQ3QcdpZRrdKh/Vu/Go64FTQqSVsc1mIU=
cf-bgj: minify
server: cloudflare
etag: W/"2a9927dcceb618dd9cb9952db634ccc7"
vary: Accept-Encoding
x-amz-version-id: d3qHVulHzArE0y3bMEKOZ7QPjQPntGSd
cache-control: public, max-age=10800
content-type: text/javascript
expires: Sun, 18 Sep 2022 22:37:29 GMT

GET
DATA 200
OK truncated
/ Frame 594E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81176ccfbc5bb87bf915fdaf544bc8df01badcbf8602dc337e894d736590d86e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B27F 20 KB
20 KB 319ms
18ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 422681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 22:12:48 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B27F 21 KB
21 KB 325ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:32:27 GMT
x-content-type-options: nosniff
age: 443102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 16:32:27 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 594E 20 KB
20 KB 323ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 422681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 22:12:48 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 594E 21 KB
21 KB 333ms
30ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:32:27 GMT
x-content-type-options: nosniff
age: 443102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 16:32:27 GMT

GET generate_204
tpc.googlesyndication.com/ Frame 7C63 0
0

GET
BLOB 200
OK 1b728e93-f198-4109-9bd6-dfdac4db906b
https://kaltim.tribunnews.com/ Frame CAA3 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kaltim.tribunnews.com/1b728e93-f198-4109-9bd6-dfdac4db906b
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK fb4910be-e55d-407b-9548-a2bbe409bf6b
https://kaltim.tribunnews.com/ Frame CAA3 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kaltim.tribunnews.com/fb4910be-e55d-407b-9548-a2bbe409bf6b
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
BLOB 200
OK b78ab0d1-2110-4625-a822-a4ee24b74f44
https://kaltim.tribunnews.com/ Frame C558 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kaltim.tribunnews.com/b78ab0d1-2110-4625-a822-a4ee24b74f44
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 04538ed5-6be0-4c5c-b120-caf28038021c
https://kaltim.tribunnews.com/ Frame C558 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kaltim.tribunnews.com/04538ed5-6be0-4c5c-b120-caf28038021c
Requested by: Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5CF1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
338 B

338ms
36ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:37:30 GMT
expires: Sun, 18 Sep 2022 19:37:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:37:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame CAA3 3 KB
630 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 18:03:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 19:37:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 19:37:29 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ Frame CAA3 0
43 B 173ms
159ms Script
text/plain 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=166352984965986937803&uniqId=0dafd&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fkaltim.tribunnews.com%2F&lu=https%3A%2F%2Fkaltim.tribunnews.com%2F&sessionId=6327737a-04f6f&pageView=1&pvid=183521b133bae24b450&site=535833&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cc89588de12373-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 78d2f6a3-cdbf-41e5-b100-2a0816c0da89
https://kaltim.tribunnews.com/ Frame CAA3 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kaltim.tribunnews.com/78d2f6a3-cdbf-41e5-b100-2a0816c0da89
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 css
fonts.googleapis.com/ Frame C558 3 KB
630 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:02:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 19:37:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 19:37:29 GMT

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame CAA3 2 KB
992 B 60ms
42ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 7050
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SG1V0WFRNKXC6R
x-amz-id-2: 2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 74cc8958ce362373-ZRH
expires: Mon, 19 Sep 2022 19:37:29 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame CAA3 836 B
812 B 53ms
36ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 5720
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SYWNNYNESPJ6F1
x-amz-id-2: 3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 74cc8958ce3a2373-ZRH
expires: Mon, 19 Sep 2022 19:37:29 GMT

GET
BLOB 206
Partial Content 0f89ce06-a8d0-4752-afe5-5fb892fb4475
https://kaltim.tribunnews.com/ Frame C558 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kaltim.tribunnews.com/0f89ce06-a8d0-4752-afe5-5fb892fb4475
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame CAA3 16 KB
16 KB 481ms
248ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kaltim.tribunnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:52:55 GMT
x-content-type-options: nosniff
age: 521074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:52:55 GMT

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame C558 2 KB
1 KB 31ms
30ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 7050
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SG1V0WFRNKXC6R
x-amz-id-2: 2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 74cc8958ce3e2373-ZRH
expires: Mon, 19 Sep 2022 19:37:29 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame C558 836 B
581 B 36ms
35ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 5720
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SYWNNYNESPJ6F1
x-amz-id-2: 3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 74cc8958ce402373-ZRH
expires: Mon, 19 Sep 2022 19:37:29 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame C558 16 KB
16 KB 476ms
260ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kaltim.tribunnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:52:55 GMT
x-content-type-options: nosniff
age: 521074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:52:55 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1181811/ Frame CAA3 1 KB
959 B 110ms
101ms Script
application/x-javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1181811/1?pv=5&cbuster=1663529849746634307038&uniqId=0dafd&lct=1661299200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=300&h=92&maxw_1=300&maxh_1=72&cols=1&ref=&cxurl=https%3A%2F%2Fkaltim.tribunnews.com%2F&lu=https%3A%2F%2Fkaltim.tribunnews.com%2F&sessionId=6327737a-04f6f&pageView=1&pvid=183521b133bae24b450&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d5530f5ee1f78ad8189aaed7e401699679e3f53affacf31d99e76d8e1e4a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 74cc89591eb62373-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C2A0 16 KB
6 KB 505ms
504ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 07:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 19 Sep 2022 07:40:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C2A0 26 KB
10 KB 516ms
515ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 04:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 19 Sep 2022 04:52:24 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1210784/ Frame C558 1 KB
931 B 182ms
182ms Script
application/x-javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1210784/1?mp4=1&ap=1&w=300&h=92&maxw_1=300&maxh_1=72&cols=1&pv=5&cbuster=1663529849768185243055&uniqId=0f0db&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fkaltim.tribunnews.com%2F&lu=https%3A%2F%2Fkaltim.tribunnews.com%2F&sessionId=6327737a-04f6f&pageView=0&pvid=183521b133bae24b450&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edca457f4719ff9dbac3db16924095c1b0a5c9b58d98192d9ffb3159563f5212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 74cc89592ee02373-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK prod Show response
traid.jixie.io/sync/ 170 B
567 B 187ms
186ms XHR
application/json 114.119.175.30
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://traid.jixie.io/sync/prod
Requested by: Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 114.119.175.30 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-114-119-175-30.compute.hwclouds-dns.com
Software: elb / Express
Resource Hash: 0df04447181fe27c54a22004f091c32e685607e02defd1f5fe70947694c72907

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sun, 18 Sep 2022 19:37:30 GMT
Content-Encoding: gzip
Server: elb
X-Powered-By: Express
ETag: 53f0a340-3789-11ed-8ef4-cdf7d901e35c
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

OPTIONS
H/1.1 204
No Content prod
traid.jixie.io/sync/ Frame 0
0 558ms
187ms Preflight 114.119.175.30
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://traid.jixie.io/sync/prod
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 114.119.175.30 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-114-119-175-30.compute.hwclouds-dns.com
Software: elb / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://kaltim.tribunnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://kaltim.tribunnews.com
Connection: keep-alive
Content-Length: 0
Date: Sun, 18 Sep 2022 19:37:30 GMT
Server: elb
Vary: Origin, Access-Control-Request-Headers
X-Powered-By: Express

GET
H3 204 l
www.google.com/ads/measurement/ Frame F903 0
0 24ms
23ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCHQUu3K7OCuojFXgEjtNCh52_4Doof9hmHc9Kxn5uA1YzPMeDdxvp24wfIxkdTMXRVtjFlCooGAWQNtXJd7enn6CtKQ
Requested by: Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F903 141 KB
44 KB 60ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:37:29 GMT

GET
DATA 200
OK truncated
/ Frame F903 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a34d5fc1a5a6bc2ca7e33402cd64eb44a2e1e986dc3be7c3b5ce65a1b5c128c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame CAA3 2 KB
1 KB 40ms
39ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 7050
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SG1V0WFRNKXC6R
x-amz-id-2: 2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 74cc8959c8b101f0-ZRH
expires: Mon, 19 Sep 2022 19:37:29 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame CAA3 836 B
1008 B 38ms
37ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 5720
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SYWNNYNESPJ6F1
x-amz-id-2: 3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 74cc8959c8b601f0-ZRH
expires: Mon, 19 Sep 2022 19:37:29 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEyNTMwOC83MzljM...
s-img.mgid.com/g/13801740/492x328/-/ Frame CAA3 17 KB
18 KB 108ms
49ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13801740/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEyNTMwOC83MzljMjEwZDFjY2RjYTU1YTZjNjY5ZjU2MmUzMzljOC5wbmc.webp?v=1663529849-D0JvREGcFlhRpQiERXB96XjFDkfXUlKcUwxT5-ju26c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0eb054db3052b142e6240850ed4855af93c555b44dcf1b0324ca41aac3a4cb1

Request headers

Referer: https://kaltim.tribunnews.com/
Origin: https://kaltim.tribunnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 10:03:48 GMT
x-mg-request-uuid: 43bae049-66b6-4d78-8807-46695cebe642
age: 2885499
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 74cc895a1e620229-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17642
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ Frame CAA3 0
124 B 148ms
134ms Script
application/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1663529849878182214492
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 74cc8959e89d2373-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 664F 0
37 B 139ms
134ms Script
application/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1663529849888823613397
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 74cc8959e8992373-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame CAA3 209 KB
67 KB 182ms
52ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e44c56414d6d7edd75f68e972b2c7161626f82d4d3df26d8b76c237a223c090a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:30 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 10:48:20 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=105727
accept-ranges: bytes
content-type: application/javascript
content-length: 68097
expires: Tue, 20 Sep 2022 00:59:37 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame CAA3 48 KB
14 KB 190ms
36ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 18 Sep 2022 19:37:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
server: cloudflare
age: 2741
etag: W/"b17c28d6fd88a6b12feea5c52e9a7485"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 74cc895aeec7925b-FRA
x-amz-request-id: QDJ9R5CVV2749CKB
x-amz-id-2: uVNmhB5CKjvW2kk6nRvAAf2zFKzUZJGA7DDEuDmwhdWc2UFdhoWIxBcT17B4tBgSKZtq5vmjCwU=

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame C558 2 KB
1 KB 43ms
42ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 7050
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SG1V0WFRNKXC6R
x-amz-id-2: 2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 74cc895a59ce01f0-ZRH
expires: Mon, 19 Sep 2022 19:37:29 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame C558 836 B
1008 B 45ms
44ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 5720
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SYWNNYNESPJ6F1
x-amz-id-2: 3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 74cc895a59d601f0-ZRH
expires: Mon, 19 Sep 2022 19:37:29 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEyNTMwOC83MzljM...
s-img.mgid.com/g/13801740/492x328/-/ Frame C558 17 KB
17 KB 40ms
39ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13801740/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEyNTMwOC83MzljMjEwZDFjY2RjYTU1YTZjNjY5ZjU2MmUzMzljOC5wbmc.webp?v=1663529849-D0JvREGcFlhRpQiERXB96XjFDkfXUlKcUwxT5-ju26c
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0eb054db3052b142e6240850ed4855af93c555b44dcf1b0324ca41aac3a4cb1

Request headers

Referer: https://kaltim.tribunnews.com/
Origin: https://kaltim.tribunnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:29 GMT
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 10:03:48 GMT
x-mg-request-uuid: 43bae049-66b6-4d78-8807-46695cebe642
age: 2885499
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 74cc895a5ed30229-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17642
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ Frame C558 0
37 B 139ms
138ms Script
application/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1663529849967152275239
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 74cc895a697f2373-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame C27A 0
37 B 135ms
135ms Script
application/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1663529849988292975842
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 74cc895a89be2373-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ Frame DA6F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f190feb667e88cf5a8b77896ae56bcdc8a5211bbf4f9032985c2870e214808e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame C558 209 KB
67 KB 132ms
107ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e44c56414d6d7edd75f68e972b2c7161626f82d4d3df26d8b76c237a223c090a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:30 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 10:48:20 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=105727
accept-ranges: bytes
content-type: application/javascript
content-length: 68097
expires: Tue, 20 Sep 2022 00:59:37 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame C558 48 KB
13 KB 98ms
48ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 18 Sep 2022 19:37:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
server: cloudflare
age: 2741
etag: W/"b17c28d6fd88a6b12feea5c52e9a7485"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 74cc895aeec9925b-FRA
x-amz-request-id: QDJ9R5CVV2749CKB
x-amz-id-2: uVNmhB5CKjvW2kk6nRvAAf2zFKzUZJGA7DDEuDmwhdWc2UFdhoWIxBcT17B4tBgSKZtq5vmjCwU=

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
53ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091301&jk=3222422483713283&bg=!EBOlE1fNAAZqQh0mSkI7ACkAdvg8WvcOwM0SJRBULXB5YfjVC5TUE-yfXCRo74JuQFynZo3R9sZQNQIAAACTUgAAAAJoAQcKALOjIZz5S7IQzfOoSJOPpYhlCmGCjlxv8RprIVj1A17EBPAunItyZQswSbBB2R_3irda7zXDBJmJYKu_KHhXyz2T0J_Usq-sKVDcNCRX6tk5n5ZmfTnJIXZpCQAIPhREm20konx54wz55YyLo5VZnwDUlK-ccHARjteQQ2q6OnembUBswQNHfnEz3MHoQqzEry0h4clRH97g2VKqO39QKld68MhNe1xGObQN7cFFvErpy2RmfpkCo8GNAeyZ9kRQD7F5ARFOYMajhdz3_GfGvi4dTJ1w5gsQ20tFGe9JDKbCgkyGrFXjYo41921NxDnXiyTHVLDTpmJGZ-4807Z8maEklqIrljktu1iNFHpypwYx7Jd9soBJLfX9s2vi3atZEKuEZuNIQSATkwbqWj8GLC5pfTLvp7mUFu1ww__lxEWfip_OsAa8z_9IZvwE_fV7a5n7XqJB-0hk44KS7zO1jFhGt2fEgTX01HZgDqIIwMbxiHGUGmpQIQW79y0BamoYcpnUBA61Wgv2EDkYI6UtNLHtUTHhdxOxD-IUQDixoXWUUJUWWifN7i0LTQ0MuLq1HV55zzcs1lUFBcJJMEp2wwBoakPtpbaH2rsZQGrenGkRyBNJ5Yf3Xtg7vaB3s5FYpZyoWj8BO6ChPu4jaz7-XtHvgNGoR0NO72vJs8iZu2QxvYH516g4WHGAiZ2I3kN7s-HBa7-NEXORqLrLT4zaXWku0BGhlcpuk44z4Ugkxk0VcwgrHGdtSywCMQFQehQVLjey95vnA9qa8WZVyIz_35OK9DL-_BDwPbIA-bRZ4T2IyDB981XNrHsTjZyJrvaMzXYhWiPLuNVjbDaYcINDJHpWfaSN4yp5ZuOvzbz8JoMu_VBsdHArradLJ6aSvUG8-zS2GEMnsnSsmJm7-C6M8jqqogzg0vDCdJo_-bgRWnrXMN3xXjLv7BZfDpiq-pwlCaf7g7JcFl5PYm7YLad-TI-rAn3pEXqEwXy0pSfTNDZziBD2zYGJzm68pSc31-m20mn-GvTGvE5nr1jYBBeWvMcL3FfTdi9Fj3dUCSdVx55g579aXZUMhUFHfDPJ7T-jKxKp0nORH_rzBksHxeiPBkVf1mkOp_3p8GBpZyPDoBilToQOO9fe4cncqg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame CAA3 33 B
335 B 62ms
16ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3216533.ip-141-95-98.eu
Software: /
Resource Hash: 8c09e21a595b5e5b5dd20cc7ae30a9f553ca2b7888a73cd615846f1aa9dfab88

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kaltim.tribunnews.com
date: Sun, 18 Sep 2022 19:37:30 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ Frame CAA3 216 B
631 B 86ms
24ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

e9f400f8bb4889cc4e7dd24dd9837c862a92ed0369720fb9c2d5915afa615afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kaltim.tribunnews.com
date: Sun, 18 Sep 2022 19:37:29 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 79ms
25ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkaltim.tribunnews.com%2F&domain=kaltim.tribunnews.com&bundle=a2qgul85YUFGekhYaklTNm1TOUoxcEdSR1l3alJWZVhOQWVjQk1OamRiZGthdDdQZFVKVzRSUGolMkZiWXZoUWdnd0JtbzdrVG12c0JxUUpWZHRWc2dZcFhXb3FkQXlEaExZY1o2cXowdmxVYzRuc0Q5eUFBbyUyQjB2NW5Wejk4Z1ZxU25JMXZzam9BVFNWV2h1OGptY3U5S1JyY0ZRJTNEJTNE&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://kaltim.tribunnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 18 Sep 2022 19:37:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 601886
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame CAA3
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkaltim.tribunnews.com%2F&domain=kaltim.tribunnews.com&bundle=a2qgul85YUFGekhYaklTNm1TOUoxcEdSR1l3alJWZVhOQWVjQk1OamRiZGthdDdQZFVKV...
https://mug.criteo.com/sid?cpp=OX2sD3xMVlZnRE1vajEzYjZ3RzRxMXdrNzRDZDdHNVltNmQrNkozTWVLUVhyWFpUUFJYY0tNQW9lVkVkL3RKZXJNM09EMDViQnVoQlNseFplRndTT1VRb2xYM0kzVVRmQWFJZmNRUS9CMWtLT1p4d21hQVRzYlRLbEJjR0...

439 B
706 B

26ms
25ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=OX2sD3xMVlZnRE1vajEzYjZ3RzRxMXdrNzRDZDdHNVltNmQrNkozTWVLUVhyWFpUUFJYY0tNQW9lVkVkL3RKZXJNM09EMDViQnVoQlNseFplRndTT1VRb2xYM0kzVVRmQWFJZmNRUS9CMWtLT1p4d21hQVRzYlRLbEJjR0I3VWl0bGFyRk80dHJVb2pGcFJIdW9HbUExS1pOUlRQbWlMNnRVRU9zSXB5aW1oa2FhUDRBNzlPZklVT0dkSU1ya1dFVDVIUnpVaml4N1V5L1Z4dndPbExJMnhPSldxVUFVT002MnY2aUFjOVdSTTlhLzdtdFBTRm5RYmRHZHovblVYT2RzV2Zhck5Vemp0UTBWbVA5c1Y1dHgrZmJzNFpKVk5pTlMxMVI4NEdqaGt3VnVMbz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

39be092fc054b7249a94a0fb94f4b94a0612cc16f263c81d22418c681a896a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1997700
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:29 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=OX2sD3xMVlZnRE1vajEzYjZ3RzRxMXdrNzRDZDdHNVltNmQrNkozTWVLUVhyWFpUUFJYY0tNQW9lVkVkL3RKZXJNM09EMDViQnVoQlNseFplRndTT1VRb2xYM0kzVVRmQWFJZmNRUS9CMWtLT1p4d21hQVRzYlRLbEJjR0I3VWl0bGFyRk80dHJVb2pGcFJIdW9HbUExS1pOUlRQbWlMNnRVRU9zSXB5aW1oa2FhUDRBNzlPZklVT0dkSU1ya1dFVDVIUnpVaml4N1V5L1Z4dndPbExJMnhPSldxVUFVT002MnY2aUFjOVdSTTlhLzdtdFBTRm5RYmRHZHovblVYT2RzV2Zhck5Vemp0UTBWbVA5c1Y1dHgrZmJzNFpKVk5pTlMxMVI4NEdqaGt3VnVMbz18&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 794559
content-length: 0
expires: 0

GET
H2 200 idp.min.js Show response
content.zeotap.com/sdk/ Frame CAA3 55 KB
18 KB 112ms
42ms Script
application/javascript 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.zeotap.com/sdk/idp.min.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feb4fc467795a580abc9ca8be5f38bbec4cb85b1a5cd9c40743052acf912cf47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 3427
x-guploader-uploadid: ADPycdsiy-URPbrbZjDn0OMoi9Hl0Iyn55u9Rr3uc-ZLwfx8VW1j2m_Wd-c7VXk9nnRhRWVDbbqI-UdknGhsLEZ3dMT_4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 08:59:03 GMT
server: cloudflare
etag: W/"ab1a346bb1160bca58c151a07ab8582b"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=ezzPYw==, md5=qxo0a7EWC8pYwVGgerhYKw==
x-goog-generation: 1645001943546675
cache-control: public,max-age=3600
x-goog-stored-content-length: 56329
cf-ray: 74cc895c6bdf91d2-FRA

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame C558 33 B
335 B 17ms
17ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3216533.ip-141-95-98.eu
Software: /
Resource Hash: 5b705ff99d59a85b0f6fcba07b8fe8b3073830c1409000e5bd1e879a7f0f142b

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kaltim.tribunnews.com
date: Sun, 18 Sep 2022 19:37:29 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 40ms
25ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://kaltim.tribunnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 18 Sep 2022 19:37:29 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 659724
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame C558
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkaltim.tribunnews.com%2F&domain=kaltim.tribunnews.com&bundle=a2qgul85YUFGekhYaklTNm1TOUoxcEdSR1l3alJWZVhOQWVjQk1OamRiZGthdDdQZFVKV...
https://mug.criteo.com/sid?cpp=DMM_b3xoOFlzczFFSzdHNzVJL3lXc1Y2RU1YcTNXVVJZODBBUWVDS2JaakJwcTJYb2dmWXRMS3JMdU5zOElTYzc3V3JMbU9CemNlelZuL2p6NG5DSkRtTmpUTmFkbFFBcXpBRDhBSW5tcklzd0VjNk5WaFBWbG5UTnQzN1...

453 B
716 B

36ms
36ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=DMM_b3xoOFlzczFFSzdHNzVJL3lXc1Y2RU1YcTNXVVJZODBBUWVDS2JaakJwcTJYb2dmWXRMS3JMdU5zOElTYzc3V3JMbU9CemNlelZuL2p6NG5DSkRtTmpUTmFkbFFBcXpBRDhBSW5tcklzd0VjNk5WaFBWbG5UTnQzN1hhRUFtYnBxMEtyRjlkbkVGVC8wTi9kaERLNllYSkpBOXB1N0YzQ3pnRXAvQlhNcXdBSmZnN1F2MXNkMy9RMklMZWE3czFxV2tiZmFwS1ltSVVmcWIzYkhPTVdZaEREMWZGQ2NvVXlJZDV3WWk2eHB2VWkrdDFnOUxSK0lhdlBnUWQ4STJNM2NhejNsYVhOM29FRHpSM3Y1ZURYdXdkallyYkVPblA3RnlETEs5NlBLMlFvND18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e2f252052747c37e3b1793130f3771d61f5e40c7f65ecfab8e3f8176dd43d6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:30 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 9123443
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:29 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=DMM_b3xoOFlzczFFSzdHNzVJL3lXc1Y2RU1YcTNXVVJZODBBUWVDS2JaakJwcTJYb2dmWXRMS3JMdU5zOElTYzc3V3JMbU9CemNlelZuL2p6NG5DSkRtTmpUTmFkbFFBcXpBRDhBSW5tcklzd0VjNk5WaFBWbG5UTnQzN1hhRUFtYnBxMEtyRjlkbkVGVC8wTi9kaERLNllYSkpBOXB1N0YzQ3pnRXAvQlhNcXdBSmZnN1F2MXNkMy9RMklMZWE3czFxV2tiZmFwS1ltSVVmcWIzYkhPTVdZaEREMWZGQ2NvVXlJZDV3WWk2eHB2VWkrdDFnOUxSK0lhdlBnUWQ4STJNM2NhejNsYVhOM29FRHpSM3Y1ZURYdXdkallyYkVPblA3RnlETEs5NlBLMlFvND18&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 838341
content-length: 0
expires: 0

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ Frame C558 216 B
631 B 26ms
26ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

294663b7a2396cf86042d817fd4c60ab3b88817ada31b7837093e347097a85a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://kaltim.tribunnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kaltim.tribunnews.com
date: Sun, 18 Sep 2022 19:37:29 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 idp.min.js Show response
content.zeotap.com/sdk/ Frame C558 55 KB
19 KB 75ms
41ms Script
application/javascript 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.zeotap.com/sdk/idp.min.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feb4fc467795a580abc9ca8be5f38bbec4cb85b1a5cd9c40743052acf912cf47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 3427
x-guploader-uploadid: ADPycdsiy-URPbrbZjDn0OMoi9Hl0Iyn55u9Rr3uc-ZLwfx8VW1j2m_Wd-c7VXk9nnRhRWVDbbqI-UdknGhsLEZ3dMT_4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 08:59:03 GMT
server: cloudflare
etag: W/"ab1a346bb1160bca58c151a07ab8582b"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=ezzPYw==, md5=qxo0a7EWC8pYwVGgerhYKw==
x-goog-generation: 1645001943546675
cache-control: public,max-age=3600
x-goog-stored-content-length: 56329
cf-ray: 74cc895c6be191d2-FRA

GET
DATA 200
OK truncated
/ Frame 2C33 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8568784a92910f57f3a94f34e898568da20b0bbdc8ef969acf69db9dfd3170b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 78ms
24ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 18 Sep 2022 19:37:29 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 558558
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 77ms
24ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 18 Sep 2022 19:37:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 448118
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/ Frame C2A0 2 KB
2 KB 535ms
535ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/cta.png

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20cb24c74f871c8c78b9c355ac140bed804938586ae1e7241aed2755c0360df8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1633
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 10:50:50 GMT
server: sffe
date: Wed, 14 Sep 2022 11:00:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 11:00:10 GMT

GET
H3 200 date.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/ Frame C2A0 2 KB
2 KB 537ms
535ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/date.png

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7fe6c0d333d2327b1d05c1971e8ad3a4ed2ec27455685741c83f2f57dab5d0a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2142
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 10:50:50 GMT
server: sffe
date: Wed, 14 Sep 2022 11:00:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 11:00:10 GMT

GET
H3 200 h2-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/ Frame C2A0 6 KB
6 KB 547ms
545ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/h2-logo.png

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97a75d1f8c4917bd9b213b4b57efbd64a7521d77843dd04208168d1637451f84

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 220185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6276
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 10:50:50 GMT
server: sffe
date: Fri, 16 Sep 2022 06:27:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 06:27:45 GMT

GET
H3 200 held_in_parallel_with.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/ Frame C2A0 1 KB
1 KB 545ms
544ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/held_in_parallel_with.png

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97eb01088e5e3368035be5ad62e2ccbd4a25737fa5abfc61877e4404b3dbca91

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1361
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 10:50:50 GMT
server: sffe
date: Wed, 14 Sep 2022 11:00:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 11:00:10 GMT

GET
H3 200 headline.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/ Frame C2A0 4 KB
4 KB 538ms
537ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/headline.png

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb7886a3b64462a995d17c19a809ca44029a59f94c4794cafc9df64d2e36645c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3647
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 10:50:50 GMT
server: sffe
date: Wed, 14 Sep 2022 11:00:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 11:00:10 GMT

GET
H3 200 wave.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/ Frame C2A0 1 KB
1 KB 544ms
543ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/wave.png

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14da7784744d6844dd9ca80985c03d96cb3c11cf2d7dc347b1f777d40115b63a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1335
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 10:50:50 GMT
server: sffe
date: Wed, 14 Sep 2022 11:00:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 11:00:10 GMT

GET
H3 200 weh-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/ Frame C2A0 3 KB
3 KB 539ms
538ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/weh-logo.png

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71342f830860e0d89cd0a33406047546eb7be804e98f226138a67d9ee8c35ca1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3109
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 10:50:50 GMT
server: sffe
date: Wed, 14 Sep 2022 11:00:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 11:00:10 GMT

GET
H3 200 keyvisual-blur.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/ Frame C2A0 26 KB
26 KB 555ms
554ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/keyvisual-blur.png

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f7f852f01407c2cc19053b3e800fd7dc2aadafbf5a868272059a8f7469495b7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26161
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 10:50:50 GMT
server: sffe
date: Wed, 14 Sep 2022 11:00:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 11:00:10 GMT

GET
H3 200 keyvisual.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/ Frame C2A0 101 KB
101 KB 560ms
559ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6574631222394224640/keyvisual.png

Requested by

Host: 8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
URL: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ba9c6dc5b426fbb7a97e939e80522f3a5d4a5d1559b16a773f493772201cc0d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 203344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103318
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 10:50:50 GMT
server: sffe
date: Fri, 16 Sep 2022 11:08:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 11:08:26 GMT

GET
H3 200 TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js Show response
pagead2.googlesyndication.com/bg/ Frame 589F 36 KB
16 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 15:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16105
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 15:20:20 GMT

GET
H3 200 TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F1A 36 KB
16 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 15:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16105
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 15:20:20 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 156ms
29ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=156479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:30 GMT
content-length: 0

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 332ms
27ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:37:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 pd
u.openx.net/w/1.0/ 43 B
131 B 99ms
33ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:30 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 2C33 20 KB
20 KB 286ms
285ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 422683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 22:12:48 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 2C33 21 KB
21 KB 323ms
323ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:32:27 GMT
x-content-type-options: nosniff
age: 443104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 16:32:27 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame DA6F 20 KB
20 KB 371ms
371ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 422683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 22:12:48 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame DA6F 21 KB
21 KB 425ms
425ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:32:27 GMT
x-content-type-options: nosniff
age: 443104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 16:32:27 GMT

GET
H3 200 TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D1E 36 KB
16 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 15:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16105
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 15:20:20 GMT

GET
H3 200 TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0599 36 KB
16 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js

Requested by

Host: kaltim.tribunnews.com
URL: https://kaltim.tribunnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 15:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16105
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 15:20:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 594E 42 B
64 B 96ms
61ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAUR8OiwBko-g7Bf6Wlvwud3MH5TKdhthRUe2FPFsRAFhLgAEzrIN15Ab0rBwvGX5XCgMX4R-C4DTMBrVESWpsViBUqh8eZljJKvjbAH-3vFpjMn9VjlcNXqz8EBX02YJvpBv3xxtyQMkn4NNXWn93RbforaS7rZ3Ddg&sai=AMfl-YRu1sQ17WVLGS97fgOHwNtAWXmdAcdKMl_CV7xc9NyUCYsviu_c8DkSIaTq-oo3YDpRq2w5NlizmOVOFXLMMPokJxtjZ6vIXJOdDE4naBQQ4lE42E1RGSwFsT9pUJw&sig=Cg0ArKJSzKPzL9_kYFOhEAE&id=lidar2&mcvt=1001&p=70,315,320,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4069701958&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663529848957&rpt=1864&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B27F 42 B
64 B 66ms
60ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxSCZU92jQTvHIW4yKIUA6F659Qx3EyqnHJ3nVbZHU05-HXe_DHILh8l6Yk9ljVCgSCZPYWCPGxw8HvmzxIazwTx8bRhpsRjYIWfS1BtFGSyHT-WYmbdaFZJc9KxF0aaUhcymJaPFxtysMRCYXIvzRH9ct9f17I9AG2Q&sai=AMfl-YQ-9vIAt91BBBU6DHmC9KVxBoQrTEE4cwVjnbncdpYw63XgJ_xXCiNENp7uQaIJD12H40IXUbVD5TRjOK-z6U5HpsOxSCmX3IBUYKBf2E0Lt2WM__gwHKVg5mzIlUs&sig=Cg0ArKJSzAxmRW4qhC32EAE&id=lidar2&mcvt=1000&p=498,225,1098,385&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3804316819&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663529848896&rpt=1948&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 63ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DFP7BBGFWN&gtm=2oe9e0&_p=209900040&cid=676228237.1663529848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1663529847&sct=1&seg=0&dl=https%3A%2F%2Fkaltim.tribunnews.com%2F&dt=Tribunkaltim.co%20-%20Berita%20Terkini%20Kalimantan&en=UA%20pageviews&ep.domain=kaltim&ep.content_type=homepage&ep.agent=desktop&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 31ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FYJCTGV1LV&gtm=2oe9e0&_p=209900040&cid=676228237.1663529848&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1663529847&sct=1&seg=0&dl=https%3A%2F%2Fkaltim.tribunnews.com%2F&dt=Tribunkaltim.co%20-%20Berita%20Terkini%20Kalimantan&en=pageview&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kaltim.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kaltim.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C33 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTl_QxRlQXTzu35SB4cN11w6ZOxpBFvdXUWCm_utAxx0DdPeu2m5sxLQP0bTVH1QOtGRXOAo-YlUmcRZmdTynLXA_XJV_JwaHDCjt0mPDZhaSAVV6YgEZMNlVlQig3Nuz5lZfDK28JnccV9_elJRJ8UCn3GIRuxwrBFQ&sai=AMfl-YQ5xCNmuxuQLdIzt3nqP1ZjM25yEHvTS7Wmb7hWhVKkrG0lu994s4AkqtGuHya-H21Yc4CMVdU7ATXnTmqwtWe7JGfQvZiKiY07d3ig-xmkhGbYHy8_sIAmM6Y6KIs&sig=Cg0ArKJSzG1mmSLmos3TEAE&id=lidar2&mcvt=1000&p=498,1075,1098,1375&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4106938682&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663529849080&rpt=2514&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?LhT0Ag

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tribunnews.com/	1970-01-20 06:05:37	Name: csrf_cookie_name Value: 98cf32302769b2554c9cf838367723d4
.tribunnews.com/	1970-01-20 06:06:05	Name: 3bun_session Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22bd6549dc086125e6c877d3d4f3bc7d51%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22172.31.21.224%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A17%3A%22Amazon+CloudFront%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1663464045%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dd1a5d3807694cfddd0667ac5913dcddd
kaltim.tribunnews.com/	1970-01-20 06:48:41	Name: _pbjs_userid_consent_data Value: 3524755945110770
.facebook.com/	1970-01-20 08:15:05	Name: fr Value: 0PmiNkS1V7Q1rAfsD..BjJ3N3...1.0.BjJ3N3.
.tribunnews.com/	1970-01-20 15:41:29	Name: _ga_DFP7BBGFWN Value: GS1.1.1663529847.1.0.1663529847.60.0.0
.tribunnews.com/	1970-01-20 15:41:29	Name: _ga_FYJCTGV1LV Value: GS1.1.1663529847.1.0.1663529847.60.0.0
.rubiconproject.com/	1970-01-20 14:51:05	Name: khaos Value: L87QPX7H-Y-LLKE
.rubiconproject.com/	1970-01-20 14:51:05	Name: audit Value: 1\|naVuGyos1qqxd99UBY/9NP+oE/PhLWQEKtLvkckcz9t9RnRL5Ni0L3vROAtb1RrsdSbYao463tOmbGBgRAsmA3KY++jymV4//OcAOQ2chXQTS1P2tDIGrA==
.adnxs.com/	1970-01-20 08:15:05	Name: icu Value: ChgI59lKEAoYASABKAEw9-admQY4AUABSAEQ9-admQYYAA..
.adnxs.com/	1970-01-20 08:15:05	Name: uuid2 Value: 4319257778722409709
.jixie.io/	1970-01-20 14:51:05	Name: _jxx Value: 53f0a340-3789-11ed-8ef4-cdf7d901e35c
.jixie.io/	1970-01-20 06:05:31	Name: _jxxs Value: 1663529847-53f0a340-3789-11ed-8ef4-cdf7d901e35c
.tribunnews.com/	1970-01-20 06:06:56	Name: ukid Value: 675a733f2704160bbaf6839ea50da471
.tribunnews.com/	1970-01-20 06:05:33	Name: AMP_TOKEN Value: %24NOT_FOUND
.tribunnews.com/	1970-01-20 15:41:29	Name: _ga Value: GA1.2.676228237.1663529848
.tribunnews.com/	1970-01-20 06:06:56	Name: _gid Value: GA1.2.1313663856.1663529848
.tribunnews.com/	1970-01-20 06:05:29	Name: _gat_UA-15224089-38 Value: 1
.criteo.com/	1970-01-20 15:27:05	Name: uid Value: a63b50f0-2813-4d48-ad54-d5485eab900e
.tribunnews.com/	1970-01-20 15:27:05	Name: __gads Value: ID=74d07dd4e9b42106-229fcd6425ce0073:T=1663529847:S=ALNI_MY2J15j8xCZQEtRArdGQOBQlkmAAQ
.tribunnews.com/	1970-01-20 15:27:05	Name: cto_bundle Value: a2qgul85YUFGekhYaklTNm1TOUoxcEdSR1l3alJWZVhOQWVjQk1OamRiZGthdDdQZFVKVzRSUGolMkZiWXZoUWdnd0JtbzdrVG12c0JxUUpWZHRWc2dZcFhXb3FkQXlEaExZY1o2cXowdmxVYzRuc0Q5eUFBbyUyQjB2NW5Wejk4Z1ZxU25JMXZzam9BVFNWV2h1OGptY3U5S1JyY0ZRJTNEJTNE
.mgid.com/	1970-01-20 06:05:31	Name: __cf_bm Value: rE0lbRbEjHm1CtlRAWjCjkqsGleA4CZx0icX.E.hJm0-1663529849-0-AZXRWHs1AsoqoL8SG5EFQjIt418Hzx2vuAWziBINPPfoWWSOV29VKD6c/bufutur1v42vETyi5DJ7t0Qw/GgDVo=
.doubleclick.net/	1970-01-20 15:27:05	Name: IDE Value: AHWqTUluxBBKZP19u2N0q776dSkV-nuBcbzNDAyjVYT8G93Tlbiw8UmECesxxhfE31A
kaltim.tribunnews.com/	1970-01-20 14:51:05	Name: _jxx Value: 53f0a340-3789-11ed-8ef4-cdf7d901e35c
.tribunnews.com/	1970-01-20 14:51:05	Name: _jxx Value: 53f0a340-3789-11ed-8ef4-cdf7d901e35c
kaltim.tribunnews.com/	1970-01-20 06:05:31	Name: _jxxs Value: 1663529847-53f0a340-3789-11ed-8ef4-cdf7d901e35c
.tribunnews.com/	1970-01-20 06:05:31	Name: _jxxs Value: 1663529847-53f0a340-3789-11ed-8ef4-cdf7d901e35c
kaltim.tribunnews.com/	1970-01-20 14:51:05	Name: _jx Value: 53f0a340-3789-11ed-8ef4-cdf7d901e35c
.tribunnews.com/	1970-01-20 14:51:05	Name: _jx Value: 53f0a340-3789-11ed-8ef4-cdf7d901e35c
kaltim.tribunnews.com/	1970-01-20 06:05:31	Name: _jxs Value: 1663529847-53f0a340-3789-11ed-8ef4-cdf7d901e35c
.tribunnews.com/	1970-01-20 06:05:31	Name: _jxs Value: 1663529847-53f0a340-3789-11ed-8ef4-cdf7d901e35c
kaltim.tribunnews.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fkaltim.tribunnews.com%2F%22%2C%22svsds%22%3A2%7D%2C%22C1181811%22%3A%7B%22page%22%3A1%2C%22time%22%3A1663529849863%7D%2C%22C1210784%22%3A%7B%22page%22%3A1%2C%22time%22%3A1663529849957%7D%7D
.doubleclick.net/	1970-01-20 06:05:33	Name: DSID Value: NO_DATA
.tribunnews.com/	1970-01-20 14:51:05	Name: zpstorage_MA%3D%3Dconsenttribunnews.com Value: eyJyZXNvbHZlZCI6dHJ1ZSwiY29uc2VudFN0cmluZyI6IiIsImdkcHJBcHBsaWVzIjpmYWxzZSwidHJhY2siOnRydWUsImlkZW50aWZ5Ijp0cnVlLCJjb29raWVTeW5jIjp0cnVlLCJ2ZW5kb3JDb25zZW50Ijp0cnVlfQ%3D%3D
kaltim.tribunnews.com/	1970-01-20 15:27:05	Name: cto_bidid Value: VNK4ol9oYXg3OHBKT3BTUEtTcGdFOHQwYTU0WklwJTJCVCUyQlJacGYyRmFRV09kTEpXZjVVaWowTG11TGNiVVV0Z1NWNjE2bkNVb0pJc25sUGJ6SGZNTzlvYld3UmwwTklNUllLejJqMWFEJTJCSnZrMUlqd1h6TUdjdiUyRlBrOSUyRm8zU1VTNEU4R2M
kaltim.tribunnews.com/	1970-01-20 15:27:05	Name: cto_bundle Value: T_FhS185YUFGekhYaklTNm1TOUoxcEdSR1l6NSUyRnZHV3M2d1JXRnpZUnpUSWg0Y1RsY3pvcDRNRkVnSWlQZ2dlbTc3MDB4YlRVb1hNRDZJdTN1SXhKSUpjZFhyY050cU1PJTJCcW9ZJTJCeWVVZ2MlMkZYUnNTTzBoZ3hlaUo0RE9xTWZSZzlOVWVnbHNMZTNoRTJxMGxBZ21aUDl3TXZBZyUzRCUzRA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8f5365d770aa0705c3e2cfd3da2f70d6.safeframe.googlesyndication.com
a.teads.tv
accounts.google.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
apis.kompas.com
asset.kompas.com
bidder.criteo.com
c.mgid.com
cdn-1.tstatic.net
cdn-2.tstatic.net
cdn-3.tstatic.net
cdn.id5-sync.com
cdn.mgid.com
cm.mgid.com
connect.facebook.net
content.zeotap.com
delivery.r2b2.io
eb2.3lift.com
etarget-emea.adnxs.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.jixie.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
id5-sync.com
image8.pubmatic.com
jsc.mgid.com
kaltim.tribunnews.com
kompascybermedia-d.openx.net
lb.eu-1-id5-sync.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prg.smartadserver.com
prg8.smartadserver.com
r2b2-emea.adnxs.com
region1.analytics.google.com
s-img.mgid.com
sb.scorecardresearch.com
scripts.jixie.media
search.spotxchange.com
securepubads.g.doubleclick.net
servicer.mgid.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
t-1.tstatic.net
t-2.tstatic.net
t-3.tstatic.net
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
trackad.cz
traid.jixie.io
u.openx.net
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
tpc.googlesyndication.com
103.132.192.30
104.18.18.126
110.238.107.108
114.119.175.30
13.224.189.126
13.224.189.54
13.224.189.93
13.225.78.11
13.225.78.16
13.225.78.74
13.225.78.80
13.32.99.68
141.95.98.64
141.95.98.67
15.197.193.217
163.171.128.128
178.250.2.131
178.250.2.146
18.155.153.29
18.198.174.222
18.66.15.39
185.59.208.153
185.64.190.77
185.64.190.79
185.86.137.32
185.86.139.58
185.89.211.26
185.89.211.83
185.94.180.124
2001:4860:4802:32::36
213.19.147.43
23.35.229.56
23.35.236.201
2602:803:c003:200::41
2606:4700:10::6816:3456
2606:4700:10::ac43:db6
2606:4700:1::6813:884e
2606:4700::6810:7aaf
2606:4700::6812:bcf
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::200d
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:400c:c00::9c
2a02:2638:1::3
2a02:2638::1c
2a02:6ea0:c700::10
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
35.244.159.8
76.223.111.18
02adbac2565f8480082711bd2c6fe1a1c4b18ee79f1af7807c1f43fd7d154963
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04f15f76f85b582d60f6de2e23030fec9ff9a7cdd12d483873ca85f305bce0b1
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07d5530f5ee1f78ad8189aaed7e401699679e3f53affacf31d99e76d8e1e4a3c
0b4b8f88d48aa9f88f7e9f20fa7ea5069d71a054e5efbf840f597c6ca6897d7b
0c90a6d38f4475d1ca22b57ad8ea01ef77204a755a6ac2ad7d7aacecd3fbde5c
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
0df04447181fe27c54a22004f091c32e685607e02defd1f5fe70947694c72907
10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
130368e1880972a560164d6a42407eb853179a8eb98aa11b3ec7605296dfe775
14da7784744d6844dd9ca80985c03d96cb3c11cf2d7dc347b1f777d40115b63a
15265d18b7b9f602500c612bfd3ab3e17bf2af93d84ad0be391aa03133a1a197
15887578870885161c59b65914860e82cc7441248efc627f3c8344b9f54db65f
15c5a76de91f6a34def9a89fdc30a1ee8b31edb4ffd77e871f2fed32763cf98c
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19171493411351ba7dd2c2a9e424638dff16c8578443dbcb61ec1d799634a7f2
198df9e86e8cad251be95483e0a9df4e44f3a2611dff9a915c05555cada60ef2
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
20cb24c74f871c8c78b9c355ac140bed804938586ae1e7241aed2755c0360df8
21bb8b2da922e092ee9dfa8d45dd6cfdcfc06835b73f451ea13feef7610c43d2
2227052fe753a05acb335afdc72ada48ae844abe4808d52984bc5a3615a6eb13
241be19d8e0ae944f2ebdb957b900591a7325ddd785bcfa7b5aaf9424f8795a0
28da412115003b11b729dbdbf028f1d840e4217a1e40ef5a3228cde1978dba60
294663b7a2396cf86042d817fd4c60ab3b88817ada31b7837093e347097a85a1
2df1880bc41b0c87529cf24d0bfa774060d2e17417225f4409b55e2313510523
2f9ecb8e1c41aeeb8983591498e78e82342ca1fd4be35250764c5494f4ccd05a
31dcd212c38b755b109e11d2f2b31f59e052bce9a197aa3485d182cdb7266dcc
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
365168b741b2c13608f5a89a7dd6081f7006079f53292c91725290a331d992f6
371d1e77972fe88de6d98cf5bbdf57e6dd983d92d7413c2ab7f27b3b25693ebe
383577a19566f5dbcbe746e7f5397a5b45e9d68bb603812651b217cd97844bdf
38c652f2c4344262c9b4e66d19c6e6fc039d93e2aebc69374383e5d64acdc14a
38f3e299be74536064d1520ddf967b2a556fc6c536cce9a5a3dc46d2bc8554e1
39be092fc054b7249a94a0fb94f4b94a0612cc16f263c81d22418c681a896a13
3b007ce23cb6dbf29de8d52ad10201a436df6e2a03a897ce93214d12c04afdbd
3b266f5c6a3325583d3295451669e61751617f842a1b0362ad5c0edaa726a2b0
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
3c07a0e37be58ccd4de161d91d9a6df7bd01fd33bb54bb2e0a955aa110ced1ea
3fee8a4fe55d15d7ad5da0426d76a39ba93325ee5d32eee8ee7ef1f4176321b6
4003c566483649c108a5eb3ecd4c5a099f98960558f722d71ef6e63267ab09fe
419a8186694aabd2e88864a50f905f2931be5650bba099233e2d8a22db4d3821
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
461f906fbdd651ac3cc6e3c4424304be60da05bd573659d5bc855724137ebcb2
4628c67f3423516ff2c07df9883726fd9fced4d522a2f57ac99edb1c0cf0fef2
46e97ec58a6964473ec254346a5cf2939d79fb9b9b0e7bc26ca2d0b5a59c0269
49e9d9f4caa7c3107079272defb7962e8483ca2b51156daae653e7e5b257b372
4a9d5f68de8410ebce6191901bd458f8a1d5dd63aa3f955a469938a1e87f0702
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
50b0047af6f32bd2e1725d3c59ac96d0fa5be679ac36f165ff5cbf8a78f135c5
5101a6ba53351d9eb60ce45901c0cca14120f84568162b5ffe3449e5833cc706
52985ca00e82ec689eb22669c02e596325f62481e98c5434d7732905052d2565
53f1ab408e8e90ee62653e656bb9cea7f0f83fe469a6068abfa783974c909054
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55002a52fc7d6c252606b173042aed16f4b426884d02d009179d71576dbf2102
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
55f5ae06829df25012203d5b37ee87270e890362249f6363e9e78f58fb061514
5637fb0c1af143ce1d917da005a4eee55c9afa2dc9a4364f9da28ec0d89e4a59
5b705ff99d59a85b0f6fcba07b8fe8b3073830c1409000e5bd1e879a7f0f142b
5b8c82bd4219aa07a3fca2fa5d97b4cc1039143449e7dc0db07094579a0d6c60
5db06f72f368bbb55c5a0e5525824fa6a83df2f01b4b9649b5c3acf1d5bbc762
5dc685ed4935640fc69a56126575082ea8379cf3e588d9f1d7c1c6a1aff762ae
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60ad8599d9e6c046512ed3f3cee4ac766f58fdf786dbd8bafe0bea83b47b4f0c
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6262a39f9b6883f5fbdca38b3f1123a3f675f4feaeed1bf6714f3550d267d418
6384deb08fc0c80e93d6fac9278d48ab0fa10f4f42f8bab1c7186501a9cdce07
63d9c330b78082b29f6fac90215e6a5166351b555b2f1b4c9e95cdc3ece603e6
64634b2945088730da96a212276e30f3ff50aa165d7d473431fedc8d17c6fbcb
6654ba54b8c9ef959768420dcb208c9a4ffa1acf396378701e24dd6fe3320f62
67c294aa3ad690c92b1fd16b65b0830071393fef20eacce9c7664f656ced145c
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b863f7dbb61c2061033870ba4e51f44fd2f991eedd36d14641d79dd516dc045
6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71342f830860e0d89cd0a33406047546eb7be804e98f226138a67d9ee8c35ca1
76d9c2fdee8376eceb9629df80d6b303e7dd3104c0bbadd88758a2d54ed44f32
76ffba0a5751814890d71696659fd7b588342b9151f3b4fac00c762528fecbc9
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7ba9c6dc5b426fbb7a97e939e80522f3a5d4a5d1559b16a773f493772201cc0d
7cd2df345488171f36ff248868b19d2759d24b295f25c0968d3f5ce7370f01bb
7d95977385bc631a30cea376353c9ff5d8320ec0130acee795814c279834f205
7dab56df9b930fa4ee3a3644d056559cb2c4df808bf04b7935fdd6f100f6af96
7f190feb667e88cf5a8b77896ae56bcdc8a5211bbf4f9032985c2870e214808e
7f3582eb2102f7bd956fc3ca67929e11bb7fed2cf0f846fc169f1ce6915d6282
7ff9d4ae2b3407b031e3359007ff4d7ac9e0b342f25ce44c77d3cb7f14f65043
801215c1f70f00898d9372b8a4e501a37f22267b228c4857500bb5c4d9739e19
810ce3044d21adc8e80171cef6304a257d06b25da7dcd5c10ebc4bdc614db2c4
81176ccfbc5bb87bf915fdaf544bc8df01badcbf8602dc337e894d736590d86e
81ac6fad406a9ffa5169e72cde52126727f1184be89ea8eadaf9e262a18d00aa
82a67dae51abad2836db7ff977cc143dec0e7ff3c263ba76188195677862a5f2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
8824b86947bb050942704f6b30505a057943e5abf342bb9bd6ce915a76c535f5
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bcdb5a067d3b6ea4524d4b5e36d4157afce419a9428dfb776681aaecc470009
8c09e21a595b5e5b5dd20cc7ae30a9f553ca2b7888a73cd615846f1aa9dfab88
8cbb3c74cb9e068b68a22a3cf83ae9f20ab6f85b5ef2bd5e5da687eba5dced10
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8f7f852f01407c2cc19053b3e800fd7dc2aadafbf5a868272059a8f7469495b7
91e75f7df7d4fa2cb335f9a060bbceba73d9f5a5eb0e76ab8527643dd599eda7
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
92d6b966c3b2fb58c469e35de5c5cdf8cdaa30ea9bb7a3e15e1b86765f892452
93286109f5ce9478f8a8bf24276b2c3723a242a91670de7f35ab2f466042899e
93ac1b418cf868e42d4f34c599f4b20920a362a1c69b692da6865d0ab8b9a929
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
972da80e295d7259617f8b5729d9929b2c3871551ef7ac27ebf492116b0a9c28
97a75d1f8c4917bd9b213b4b57efbd64a7521d77843dd04208168d1637451f84
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
97cff914ce0c1b1248695a1c2491769b261060365de1d1430c6330fae04b5511
97dc277e40f22dd4f072a0d94b5738e0ae8439fc33cd66b8c931068579283102
97eb01088e5e3368035be5ad62e2ccbd4a25737fa5abfc61877e4404b3dbca91
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9897487ef5452304e9321ab41aa74331f139c9daa8cd9d6dd3c3c1925c6c2189
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99dd300f70b33cff7246c8e19268061eefb84cab54398ed804ff215f8db32c77
9b82d7cd417c7a9b4e95fcc21bb024eeccee534035d5bec1a2a1268e6e4d4bd0
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9f0e57748a6389312cc6af7fd498f6f221db5a42ff8839199f6714b7c3911c57
9ffa2edba5720f8300b1d8ef9c293be13c2aa056ee6330fa0721ac4bddb1e753
a079a9068cc2aff9c60327c8e45587cf4f7d7c8e40911eacd52202189f865ba6
a0eb054db3052b142e6240850ed4855af93c555b44dcf1b0324ca41aac3a4cb1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a34d5fc1a5a6bc2ca7e33402cd64eb44a2e1e986dc3be7c3b5ce65a1b5c128c6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a70191471177476feac482fb93521555db7446a40ae1ead5c10532b8c885b03d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77ac31ca5ed1965ca84753e35e413d54585898e45a228102bd7273db2287eca
ab3f73e1f863baae6f8d45ee57fd9f1738af5e4dd2c5bb0f6e1374a1479a5de4
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a
ad48566840975a57c4da93beb69a033885eecac1ca91a18a684aeef5f9bc2aa3
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae2e12f245ed0c5e1589229f7211e5f2d15827a0ab94d591c2b1b031ef8ee823
afb1d9b25d185c339f2f6142468a52998d7df2889ef3b10d3b2acb70100aa954
b07ed0f0fc0282ba2a0e4e74a8e29d38adff4b2710bee81c69b9c84d8ae1a583
b2bb6df815c99d2b25cf29e1c5ca9f2f1eea3b0bcd26b515c05a0a06286f43ac
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b3dc641127c9001b13330d8bc1afc5da04a6dc3228ac540edb41dd4beae1c1c9
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b518d39acf51fc8c1dc75d758eea2417ece08ee08a21a0acfa350f789da66525
b9a6c5f951aa79ae705a464e1ef4db6b38666aa06cd20ac56c06a9ca397d1219
ba060e050ddbf1949a31f1a83e21113f6b28ce54dc3c2b8ab2f2e054da264078
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9bbecd1cc466f1be644c38e4266ca527725edd458ab694cb7cee828068b165
c208f0465eac3db003fcf21e614d50835963a77cbeac641b03e207e870e7db23
c3a795fc8758c9399923dc3e2c7630632755381439dec897c781aaba48dd69ce
c490ff89b5b38fdc9b2267c1a9b284d8ef118363015f8d17417d248d54457b42
c8b905f4a68c1dbebd870c8641505a0e129da5a41a1e153c02ed2a1b1cc2ae02
c8defcfcc7044d5753f2a1c129d3e0211a96c068df11dcc6fcb7c25d3ca5ffdc
c982198f8a5f32c511e5676a7d4ca191558f0fd9019ae931d6806e8a31c73516
c9fb0e8e99c760b6341cfdbe659ef5364d0e330b13953117ee3d01421c096b3c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cae952b605a3b239f6ab94c67bcd094e8f434646a081eaa64ae8cc60268ab839
cb7886a3b64462a995d17c19a809ca44029a59f94c4794cafc9df64d2e36645c
d1b00ecf1ef0b40fcee55e191ca763afd08b18fa8273489bb3944f9f85dd4053
d31fd29105c9c2c5baee26f422fc018eb4c9f2ee7115ed7fc67d8fd6eb753048
d5ac13b5b603c682d3dc197179de4fd5efd2528f77059e3a5448bd4e6982f239
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d8568784a92910f57f3a94f34e898568da20b0bbdc8ef969acf69db9dfd3170b
d9eb4cd87068a9bd2272cd2ab33dc036438bb93a179caa4ba4f84dd520bbc764
dbba45cb3355a22c9ddd6893732795b6746e460fc1ac52e77b5268ec9d685f5f
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df085e044de42a27804eec784cc3637be253e486dfc827bbdfd471dc2923674f
df4f9c3d7d11a4ba21b585bfdaff006aa925b32c3ec626969a38a5036a5aa03e
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e0d3550b3d55984b039a7e45983a8a6e47cf560b185a77c489bb66e1fe24cae5
e19d9e8b4c764883c7d1b25e23688ac032e2e14a5d84c35c1eb57f99eefcf7eb
e1fb859e5ce4f09aa09a1b2110fe07d121336fa155dcd932941a0f69d82b8a2b
e22bfda3176ee35c7259eaeb7b8786b8bdf24b7731cdd517213ee8e384c0e0e1
e2f252052747c37e3b1793130f3771d61f5e40c7f65ecfab8e3f8176dd43d6c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c56414d6d7edd75f68e972b2c7161626f82d4d3df26d8b76c237a223c090a
e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce
e796af78da7f0f24b1c52bc34705b921ccf2cd1053e1c6acb90d6ea66f4801fd
e7fe6c0d333d2327b1d05c1971e8ad3a4ed2ec27455685741c83f2f57dab5d0a
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
e9f400f8bb4889cc4e7dd24dd9837c862a92ed0369720fb9c2d5915afa615afb
eae25907207f1ac62bd4c4e5f2ceee3d78e9dcd12b2948cdd58414c9a1ae4ee3
edca457f4719ff9dbac3db16924095c1b0a5c9b58d98192d9ffb3159563f5212
ee131ca1e0dce1d4cd711e0795927de6371f89f763f5970d049faf5cae3dc575
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d5d78ebcf28982e081f9a8a246738b15070e37b396931694449371a3ed173a
f35bb4bcaf2396e85660c9e3d973f2096814c4953cabf71cd308611ed932d8af
f6409f41205c674fae4e28a1db03e6d48df3b9f78928b6a62906959850f21655
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908
fdcd60e61a6e9ce53b77eee8ae99c758241a71cd5320799bb8c58948e8da1ebf
feb4fc467795a580abc9ca8be5f38bbec4cb85b1a5cd9c40743052acf912cf47
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

kaltim.tribunnews.com Open in urlscan Pro 13.224.189.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

322 Requests

96 %HTTPS

48 %IPv6

39 Domains

72 Subdomains

67 IPs

10 Countries

4204 kBTransfer

8556 kBSize

35 Cookies

111 Outgoing links

Page URL History

Redirected requests

322 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kaltim.tribunnews.com Open in urlscan Pro
13.224.189.93 Public Scan

Screenshot
Live screenshot

Full Image

322
Requests

96 %
HTTPS

48 %
IPv6

39
Domains

72
Subdomains

67
IPs

10
Countries

4204 kB
Transfer

8556 kB
Size

35
Cookies

322 HTTP transactions
7 data transactions