urlscan.io logo urlscan.io
SecurityTrails logo

banjarmasin.tribunnews.com Open in urlscan Pro
143.204.209.84  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.up.banjarmasinpost.co/
Effective URL: https://banjarmasin.tribunnews.com/
Submission: On April 09 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 87 IPs in 12 countries across 68 domains to perform 405 HTTP transactions. The main IP is 143.204.209.84, located in United States and belongs to AMAZON-02, US. The main domain is banjarmasin.tribunnews.com.
TLS certificate: Issued by Amazon on May 21st 2020. Valid for: a year.
This is the only time banjarmasin.tribunnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 103.27.206.197 55688 (BEON-AS-I...)
2 143.204.209.84 16509 (AMAZON-02)
16 143.204.229.13 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
11 216.58.212.162 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.222.179.94 16509 (AMAZON-02)
2 2a03:2880:f05... 32934 (FACEBOOK)
38 54.230.183.55 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.209.97 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
21 213.19.147.210 3356 (LEVEL3)
6 185.86.137.17 201081 (SMARTADSE...)
2 178.250.0.165 44788 (ASN-CRITE...)
1 52.58.26.10 16509 (AMAZON-02)
4 7 34.98.64.218 15169 (GOOGLE)
4 185.94.180.123 35220 (SPOTX-AMS)
1 104.76.201.56 16625 (AKAMAI-AS)
1 184.31.84.150 20940 (AKAMAI-ASN1)
11 185.64.189.112 62713 (AS-PUBMATIC)
1 13.67.9.5 8075 (MICROSOFT...)
1 54.192.210.10 16509 (AMAZON-02)
1 3 104.111.238.139 16625 (AKAMAI-AS)
1 143.204.209.25 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 163.181.56.210 24429 (TAOBAO Zh...)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.230.183.21 16509 (AMAZON-02)
1 2a03:2880:f15... 32934 (FACEBOOK)
3 13.67.9.0 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
33 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 80.252.91.53 15830 (EQUINIX-C...)
26 2a00:1450:400... 15169 (GOOGLE)
2 4 52.19.211.247 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
20 26 142.250.186.98 15169 (GOOGLE)
9 17 104.75.89.8 16625 (AKAMAI-AS)
9 29 185.33.221.15 29990 (ASN-APPNEX)
1 2 104.111.242.245 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
5 104.111.247.190 16625 (AKAMAI-AS)
8 142.250.185.162 15169 (GOOGLE)
6 52.16.188.154 16509 (AMAZON-02)
3 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
13 3.208.157.160 14618 (AMAZON-AES)
4 3.209.1.118 14618 (AMAZON-AES)
2 2 3.121.70.57 16509 (AMAZON-02)
2 3 34.247.209.159 16509 (AMAZON-02)
2 3 185.64.189.216 62713 (AS-PUBMATIC)
1 8 185.64.189.110 62713 (AS-PUBMATIC)
1 35.171.145.49 14618 (AMAZON-AES)
1 125.212.217.46 7552 (VIETEL-AS...)
1 2a00:1450:400... 15169 (GOOGLE)
4 172.217.18.98 15169 (GOOGLE)
3 104.75.88.200 16625 (AKAMAI-AS)
4 104.75.88.214 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 2 213.155.156.165 1299 (TELIANET ...)
1 178.250.2.151 44788 (ASN-CRITE...)
6 6 52.51.154.44 16509 (AMAZON-02)
1 1 185.86.138.142 201081 (SMARTADSE...)
2 2 198.148.27.139 19189 (PULSEPOINT)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 13 185.64.190.80 62713 (AS-PUBMATIC)
1 1 87.98.252.5 16276 (OVH)
1 72.251.241.206 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 199.232.137.44 54113 (FASTLY)
1 169.197.150.7 398989 (DEEPINTENT)
1 2 35.227.248.159 15169 (GOOGLE)
2 2 3.125.99.7 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2 35.201.96.126 15169 (GOOGLE)
1 159.253.128.183 36351 (SOFTLAYER)
2 2 37.157.4.23 198622 (ADFORM)
1 1 185.29.133.52 30419 (MEDIAMATH...)
3 3 52.28.196.155 16509 (AMAZON-02)
2 2 52.17.151.21 16509 (AMAZON-02)
1 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 3.126.56.137 16509 (AMAZON-02)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
2 2 151.101.14.49 54113 (FASTLY)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 185.33.220.240 29990 (ASN-APPNEX)
1 1 34.255.212.202 16509 (AMAZON-02)
1 54.205.87.49 14618 (AMAZON-AES)
405 87
1    103.27.206.197 (Indonesia)

ASN55688 (BEON-AS-ID PT. Beon Intermedia, ID)
www.up.banjarmasinpost.co
2    143.204.209.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-84.fra53.r.cloudfront.net
banjarmasin.tribunnews.com
16    143.204.229.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-229-13.cdg3.r.cloudfront.net
cdn-1.tstatic.net
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
11    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
securepubads.g.doubleclick.net
4    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.222.179.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-94.ham50.r.cloudfront.net
cdn-3.tstatic.net
2    2a03:2880:f053:f:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
38    54.230.183.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-55.ham50.r.cloudfront.net
cdn-2.tstatic.net
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    143.204.209.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-97.fra53.r.cloudfront.net
asset.kompas.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
gcdn.2mdn.net
21    213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)
targeting.unrulymedia.com
tag.targeting.unrulymedia.com
tag.1rx.io
6    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
prg8.smartadserver.com
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    52.58.26.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-26-10.eu-central-1.compute.amazonaws.com
tlx.3lift.com
7    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
kompascybermedia-d.openx.net
us-u.openx.net
eu-u.openx.net
4    185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    104.76.201.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-201-56.deploy.static.akamaitechnologies.com
a.teads.tv
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
11    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    13.67.9.5 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
hb.jixie.io
1    54.192.210.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-210-10.ham50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
3    104.111.238.139 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    143.204.209.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-25.fra53.r.cloudfront.net
apis.kompas.com
3    2a00:1450:4001:810::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    163.181.56.210 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
scripts.jixie.io
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    54.230.183.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-21.ham50.r.cloudfront.net
certify.alexametrics.com
1    2a03:2880:f153:82:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    13.67.9.0 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tra.jixie.io
1    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.at
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
27    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
9    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
33    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.at
2    80.252.91.53 (Amsterdam, Netherlands)

ASN15830 (EQUINIX-CONNECT, GB)
bs.serving-sys.com
26    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    52.19.211.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-211-247.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
bf72ea5a466a086148209f1979b033f6.safeframe.googlesyndication.com
26    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
17    104.75.89.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-8.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
29    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2606:4700:3033::ac43:853a (United States)

ASN13335 (CLOUDFLARENET, US)
solution.urekamedia.com
5    104.111.247.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-190.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
8    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads4.g.doubleclick.net
6    52.16.188.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-188-154.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
3    2a02:26f0:10c:48b::2c79 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
13    3.208.157.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
4    3.209.1.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    3.121.70.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
3    34.247.209.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-209-159.eu-west-1.compute.amazonaws.com
match.adsrvr.org
3    185.64.189.216 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    35.171.145.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
go1.aniview.com
1    125.212.217.46 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)
dmp.urekamedia.com
1    2a00:1450:4001:67::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5ednly.c.2mdn.net
4    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
ade.googlesyndication.com
3    104.75.88.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
acdn.adnxs.com
4    104.75.88.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
ads.pubmatic.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    213.155.156.165 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
6    52.51.154.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
13    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    87.98.252.5 (France)

ASN16276 (OVH, FR)
green.erne.co
1    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
2    3.125.99.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    185.29.133.52 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    52.28.196.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    52.17.151.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.avct.cloud
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    34.255.212.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-212-202.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    54.205.87.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-87-49.compute-1.amazonaws.com
lm.serving-sys.com
Apex Domain
Subdomains		 Transfer
71 googlesyndication.com
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
bf72ea5a466a086148209f1979b033f6.safeframe.googlesyndication.com
ade.googlesyndication.com
316 KB
56 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
393 KB
55 tstatic.net
cdn-1.tstatic.net
cdn-3.tstatic.net
cdn-2.tstatic.net
599 KB
41 pubmatic.com
hbopenbid.pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
78 KB
33 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
80 KB
28 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r3---sn-4g5ednly.c.2mdn.net
1 MB
18 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
16 KB
17 aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
192 KB
14 adsafeprotected.com
fw.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
186 KB
11 unrulymedia.com
targeting.unrulymedia.com
tag.targeting.unrulymedia.com
5 KB
10 1rx.io
tag.1rx.io
3 KB
9 googletagservices.com
www.googletagservices.com
307 KB
9 google.com
accounts.google.com
ampcid.google.com
www.google.com
adservice.google.com
73 KB
8 serving-sys.com
bs.serving-sys.com
secure-ds.serving-sys.com
lm.serving-sys.com
692 KB
7 openx.net
kompascybermedia-d.openx.net
us-u.openx.net
eu-u.openx.net
2 KB
7 smartadserver.com
prg8.smartadserver.com
rtb-csync.smartadserver.com
5 KB
6 bidr.io
match.prod.bidr.io
3 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
75 KB
5 jixie.io
hb.jixie.io
scripts.jixie.io
tra.jixie.io
8 KB
4 spotxchange.com
search.spotxchange.com
5 KB
4 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
788 B
3 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
2 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 teads.tv
a.teads.tv
sync.teads.tv
663 B
3 3lift.com
tlx.3lift.com
eb2.3lift.com
1 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com
68 KB
2 everesttech.net
sync-tm.everesttech.net
742 B
2 avct.cloud
ads.avct.cloud
894 B
2 adform.net
c1.adform.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
904 B
2 semasio.net
uipglob.semasio.net
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 tapad.com
pixel.tapad.com
616 B
2 taboola.com
trc.taboola.com
match.taboola.com
558 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 contextweb.com
bh.contextweb.com
906 B
2 de17a.com
d5p.de17a.com
637 B
2 urekamedia.com
solution.urekamedia.com
dmp.urekamedia.com
26 KB
2 criteo.net
static.criteo.net
51 KB
2 google.at
adservice.google.at
2 KB
2 google.de
ampcid.google.de
www.google.de
978 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 kompas.com
asset.kompas.com
apis.kompas.com
5 KB
2 facebook.net
connect.facebook.net
62 KB
2 tribunnews.com
banjarmasin.tribunnews.com
33 KB
1 gumgum.com
rtb.gumgum.com
335 B
1 playground.xyz
ads.playground.xyz
488 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 turn.com
ad.turn.com
518 B
1 quantserve.com
pixel.quantserve.com
542 B
1 mathtag.com
sync.mathtag.com
679 B
1 simpli.fi
um.simpli.fi
611 B
1 zeotap.com
mwzeom.zeotap.com
596 B
1 deepintent.com
match.deepintent.com
44 B
1 ad4m.at
ad4m.at
1 KB
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
327 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 googleapis.com
fonts.googleapis.com
825 B
1 facebook.com
www.facebook.com
409 B
1 alexametrics.com
certify.alexametrics.com
552 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
1 googletagmanager.com
www.googletagmanager.com
43 KB
1 banjarmasinpost.co
www.up.banjarmasinpost.co
294 B
405 68
Domain Requested by
38 cdn-2.tstatic.net banjarmasin.tribunnews.com
33 pagead2.googlesyndication.com securepubads.g.doubleclick.net
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
29 ib.adnxs.com 9 redirects googleads.g.doubleclick.net
player.aniview.com
acdn.adnxs.com
27 tpc.googlesyndication.com securepubads.g.doubleclick.net
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
26 cm.g.doubleclick.net 20 redirects googleads.g.doubleclick.net
26 s0.2mdn.net banjarmasin.tribunnews.com
s0.2mdn.net
secure-ds.serving-sys.com
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
17 dsum-sec.casalemedia.com 9 redirects googleads.g.doubleclick.net
16 cdn-1.tstatic.net banjarmasin.tribunnews.com
cdn-1.tstatic.net
13 simage2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
13 track1.aniview.com player.aniview.com
11 hbopenbid.pubmatic.com cdn-3.tstatic.net
player.aniview.com
11 securepubads.g.doubleclick.net banjarmasin.tribunnews.com
securepubads.g.doubleclick.net
www.googletagservices.com
10 tag.1rx.io player.aniview.com
10 tag.targeting.unrulymedia.com player.aniview.com
10 googleads.g.doubleclick.net 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
banjarmasin.tribunnews.com
9 www.googletagservices.com securepubads.g.doubleclick.net
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
8 image2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
8 googleads4.g.doubleclick.net banjarmasin.tribunnews.com
6 match.prod.bidr.io 6 redirects
6 static.adsafeprotected.com fw.adsafeprotected.com
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
6 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 prg8.smartadserver.com cdn-3.tstatic.net
5 secure-ds.serving-sys.com bs.serving-sys.com
secure-ds.serving-sys.com
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
4 ads.pubmatic.com player.aniview.com
ads.pubmatic.com
4 ade.googlesyndication.com
4 dt.adsafeprotected.com 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
4 us-u.openx.net 2 redirects googleads.g.doubleclick.net
4 fw.adsafeprotected.com 2 redirects banjarmasin.tribunnews.com
4 search.spotxchange.com cdn-3.tstatic.net
4 fonts.gstatic.com banjarmasin.tribunnews.com
fonts.googleapis.com
3 x.bidswitch.net 3 redirects
3 acdn.adnxs.com player.aniview.com
3 image8.pubmatic.com 2 redirects
3 match.adsrvr.org 2 redirects
3 player.aniview.com solution.urekamedia.com
player.aniview.com
3 www.google.com 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
3 tra.jixie.io scripts.jixie.io
3 accounts.google.com cdn-1.tstatic.net
3 sb.scorecardresearch.com 1 redirects banjarmasin.tribunnews.com
3 maxcdn.bootstrapcdn.com banjarmasin.tribunnews.com
maxcdn.bootstrapcdn.com
2 sync-tm.everesttech.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 ads.avct.cloud 2 redirects
2 c1.adform.net 2 redirects
2 visitor.fiftyt.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 pixel.tapad.com 1 redirects image6.pubmatic.com
2 bh.contextweb.com 2 redirects
2 d5p.de17a.com 2 redirects
2 eb2.3lift.com 2 redirects
2 eu-u.openx.net 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 bs.serving-sys.com 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
secure-ds.serving-sys.com
2 static.criteo.net cdn-3.tstatic.net
static.criteo.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.at securepubads.g.doubleclick.net
2 bidder.criteo.com cdn-3.tstatic.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.gstatic.com banjarmasin.tribunnews.com
2 connect.facebook.net banjarmasin.tribunnews.com
connect.facebook.net
2 banjarmasin.tribunnews.com cdn-1.tstatic.net
1 lm.serving-sys.com secure-ds.serving-sys.com
1 rtb.gumgum.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 match.deepintent.com image6.pubmatic.com
1 match.taboola.com image6.pubmatic.com
1 trc.taboola.com 1 redirects
1 ad4m.at image6.pubmatic.com
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 green.erne.co 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dis.criteo.com image6.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 r3---sn-4g5ednly.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 dmp.urekamedia.com banjarmasin.tribunnews.com
1 go1.aniview.com player.aniview.com
1 solution.urekamedia.com banjarmasin.tribunnews.com
1 bf72ea5a466a086148209f1979b033f6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 gum.criteo.com static.criteo.net
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com banjarmasin.tribunnews.com
1 certify.alexametrics.com banjarmasin.tribunnews.com
1 ampcid.google.de www.google-analytics.com
1 scripts.jixie.io www.googletagmanager.com
1 ampcid.google.com www.google-analytics.com
1 apis.kompas.com cdn-1.tstatic.net
1 d31qbv1cthcecs.cloudfront.net banjarmasin.tribunnews.com
1 hb.jixie.io cdn-3.tstatic.net
1 htlb.casalemedia.com cdn-3.tstatic.net
1 a.teads.tv cdn-3.tstatic.net
1 kompascybermedia-d.openx.net cdn-3.tstatic.net
1 tlx.3lift.com cdn-3.tstatic.net
1 targeting.unrulymedia.com cdn-3.tstatic.net
1 www.googletagmanager.com banjarmasin.tribunnews.com
1 asset.kompas.com banjarmasin.tribunnews.com
1 cdn-3.tstatic.net banjarmasin.tribunnews.com
1 www.up.banjarmasinpost.co 1 redirects
405 115
Subject Issuer Validity Valid
*.tribunnews.com
Amazon		 2020-05-21 -
2021-06-21		 a year crt.sh
*.tstatic.net
Amazon		 2020-08-05 -
2021-09-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.kompas.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-31 -
2021-06-30		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-16 -
2021-11-16		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
hb.jixie.io
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-05 -
2021-09-04		 6 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
accounts.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
scripts.jixie.io
Encryption Everywhere DV TLS CA - G1		 2020-08-11 -
2021-08-12		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
certify.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
tra.jixie.io
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-05 -
2021-09-04		 6 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.at
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
bs.serving-sys.com
Go Daddy Secure Certificate Authority - G2		 2020-01-07 -
2022-03-08		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2020-09-09 -
2021-10-09		 a year crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
secure-ds.serving-sys.com
DigiCert SHA2 Secure Server CA		 2021-03-17 -
2022-03-22		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2020-05-20 -
2021-06-20		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
dmp.urekamedia.com
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-03-30 -
2021-06-08		 2 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
visitor.fiftyt.com
GTS CA 1D2		 2021-04-06 -
2021-07-05		 3 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
lm.serving-sys.com
Amazon		 2020-12-29 -
2022-01-27		 a year crt.sh

This page contains 49 frames:

Primary Page: https://banjarmasin.tribunnews.com/
Frame ID: 25C662E13C1BF52674AABBAF4A483D7A
Requests: 179 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=banjarmasin.tribunnews.com
Frame ID: B3A9AB756976C6AFB59B1C2726F70D37
Requests: 1 HTTP requests in this frame

Frame: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 46BE097EC5BC7AB92408D94C506ECDC3
Requests: 16 HTTP requests in this frame

Frame: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A15050DB80149E2361DBB2EC88D1A9DD
Requests: 14 HTTP requests in this frame

Frame: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C6676E388A7C6ACF0D5479F7DB2DFFE3
Requests: 16 HTTP requests in this frame

Frame: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ECC90E2D78C9760508499A17476882E9
Requests: 20 HTTP requests in this frame

Frame: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2248E12011F4EDF6B29D6FE9E8A321FD
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuevmrKBeBDWG71q5onhxM5nhjA7QKNEQaKjW7Hseva9Kl1tQlqZ5bJfYQ_lpgmSoT7nkxD0c7Qj17b8gMn4g8SJtlhZsYpsQ_hFOr-QJ7Ur8z66L08BNYeyI2UCDWCnT7AiiqyA6_s2PHLeopSTLef8YE9ZJUiw3Z7gTc7-OZxJ5nBg8_JeRKcy8V3j3h_FIZFTuOeHYSrBdE9FsyxdJu9GV9pr6hmDuPhzwVLjnrkPyLuglCXgBsZa-JjzNTCODkf0M2J37RCoLOFdmgrDNUUvOIrgUogWjx_A5rpVhZjSMwk1wyaQnlkIOWAtWTa11OREHbFMuw&sai=AMfl-YSNNAapCxZYD6S43WpaNBXcDqeqQEzGsOf6HdbnGHU0llPU0_4bnM9OdhwGmBGTB0vNHLlkutKs1Y2ZoM_VVepXykZmtv4KMhoDOvoDJjC70iXcq3Bsc4EOqDESzok&sig=Cg0ArKJSzEYhIDsw4YixEAE&urlfix=1&adurl=
Frame ID: 7291825045FF8AEE12AFE7DBF849EDED
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 764A7114E28A49B66A993A88D3A454A6
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQif_jARi4oKpsMAE&v=APEucNXflUP6L4X7ZUiSe448542vygF50LrCe1TU2IEt0P1vuPc0Y7I9FtIjMrS1lZlpOdQq4tqLZ2LSApp29y87tb4HycFL3RGKxfdXIGNBjNth11_poIOX6nLudX18Kl3bmZdd9rVme7T7v-7S-VCQTK3Mbu5ZMFpjPiZarsVX6JOM3PLR06IN4c1bCUOYXGSoi8w7Fr-cFwWwERwuZ2eqkJpFHc5Guw
Frame ID: 1B056C419E7382E23C4C1277ACDE8E08
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjZIRDakScYl5baogEwAQ&v=APEucNXkg4b216Uc6b65tMmTHiU0Is-JVcU4XCl6ASzbuOlspFTIkUqNgIWMSpSpYf079ylNUJtmzxPjqNhxaXBwEKwUqLSkXtJFHqyEvm3E9odN8MRXvmVBeLIZMdk-qkK96UfbFWcQ_NbxAxBkN4x-6HfAJlCv5D5_B5ZUdk88qnHn_7Nnn7NUXd2ot3eban2z_xr_2eoVc7nfjG01iNwQHcn2U625rA
Frame ID: E61A8FE210653DC354FF5340664BD192
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQif_jARjht-CjATAB&v=APEucNWxOPV7LnVob-qOkygECkSvISxNb4vwnmgFXDFnhBlLxCOhZtLaJJlZmcb5bxFsBnhPLZ_tbrqroL1lKNBQykAV7xknaCUFqZOqQ7S2jb7wxW0s52yDh8yhNyUnvOsB_uUkHlrKMeWZ9sHF4gmxQhCwIjALU2-16iB8ZbtKKAU7o8CqeHU3ecgEB70yc8nQCtGBpcOs9oQMQRM6eOiCbQztoOBChA
Frame ID: 49F7CF3C3A7F5C5ABA80BB8AD4A29805
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNXfbRDCtCNDneV-MGOe9aES_Rmg_WAyb3V6dmQJp-nBuxa8_DOZLZ64lghvkZ6fQKhYpQVls88d5LCqrU2vbhY5Ja8abjsXR3rstaJm3l6LYD-UIpMDoR1UkkaQAVfxvhRG2KiY4S9Nzjjk2UQZIwcLxO1EFei7H8xKxbpluaLeEKfWmLuSzvjqF3qNqd1aNL9PClmgQENQW_YdYFQsOOjPzZffwg
Frame ID: CE66BBB739D1E8F6F075BC8C5C04D378
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNUbwhjI18W5qLlShLU47rp8vfDy_UYrk-fnlD7IL9oZVuGTxiOj8lkqvPhVUYWqWnageud6_SQjtcbKpHbGyOaakmupFgLEPsg-J5w1zmzsw_ybdm1URaTApMCOebU1jZb3YhngqTmoW68F9bklBQz5ZV7y7ryubYvc821zNSiJXQnpbnz9UyKrqiVlJSiBn6-JWHX_xZ8dT1_ZpbuKRx4tSVlDqA
Frame ID: C0A50E750B7B53F144E2527F93E0ED00
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: B60AA43B2F0A98B30465800A24B1D0EF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A5323AA3E111EB1BC927542AF4E88F83
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYOvxLScX9dnxqoHgTQPbmAa4j_laNQbHHiaxi3Uiazxsu_qm-mOJ1GxiSkOyOwAgyJeLcr7i5xjoaOuRlxhPL20uOFsLhgHqdOoDibPNyvEyEnMv0-fgi1CIW9kONS8sIaSFl7qxqfNv2m7p7iQqltz2fT5xmLH2HOIlZ6BoMkLjKakurxOdSSemmX2ABf9tmnsKQhvTchekcCEaLjdklF5dPdZ3FDKHj3uDCFMy20I_svmQ0VBvO-NncVjh0pCIPKzkg0fYbxUq3gatz_uXaQJJfCvyfpfrZ5xd9-mefaiqJaQlOrjQw-eWXjikpLe1pY_vNflB_y3Aa694VobdeKbk8r-GcTSXs3y2rtEM&sig=Cg0ArKJSzEsFmkBpWMPpEAE&urlfix=1&adurl=
Frame ID: 94DF696E4F08DCD85A04B30187E46068
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9109151/1617869297867/index.html
Frame ID: F59E87F6FDFA846E46128328DEAB500F
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4864958390687760384/index.html?e=69&leftOffset=0&topOffset=0&c=mSYUOASF4K&t=1&renderingType=2
Frame ID: 632358D4E4C79E9E1A006718597C494D
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
Frame ID: 3FF803F5172FBB761777AE8CEC8AC314
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
Frame ID: 0E59E724D71F80EFEABDC692A78D949B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A37F8E7FF386D73A45EA63C52B4B774D
Requests: 3 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/index.html?v=_2_127_1_0&n=1&isPreview=false&clickTag=https%3A%2F%2Fsecure-ds.serving-sys.com%2FBurstingCachedScripts%2FReportPage_2_12_3_0.html%3FebReportURL%3Dhttps%253A%2F%2Fbs.serving-sys.com%2FServing%2FadServer.bs%253Fcn%253Dbrd%2526PluID%253D0%2526Pos%253D23916470521773436%2526EyeblasterID%253D1083129936%2526sessionid%253D715657777233199579%2526usercookie%253Du2%25253D2971ef0e-5645-41b4-934a-0c65cb2deff0%2526OptOut%253D0%2526di%253D0%2526dg%253D1075977878%2526dgo%253D1075977878%2526gdprpurposes%253D1023%2526ncu%253Dhttps%25253A%25252F%25252Fgoogleads.g.doubleclick.net%25252Fdbm%25252Fclk%25253Fsa%25253DL%252526ai%25253DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%252526ae%25253D1%252526num%25253D1%252526cid%25253DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%252526sig%25253DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%252526client%25253Dca-pub-7784034061253020%252526dbm_c%25253DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%252526cry%25253D1%252526dbm_d%25253DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%252526adurl%25253D%2526ebReferrer%253Dhttps%25253A%25252F%25252F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%25252Fsafeframe%25252F1-0-38%25252Fhtml%25252Fcontainer.html%24%24ebImpressionID%3D23916470521773436%24%24ebTURLs%3D%5B%2522https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%26sig%3DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%26cry%3D1%26dbm_d%3DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%26adurl%3D%2522%5D%24%24ctick%3D1617996155266
Frame ID: 68CAE794ACB9072A71B56BA18E130C69
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CB56096D4425BCF4B7F3CF5FFBBDCB63
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9FBBE75DF9264985AC237EA23F715D48
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: AD0AAFAFB22690B27A0C93A912CD953A
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 4D899A04476E39679AFCA484EF9306A9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6BE766BB31D4E7D55B2DE88A17FD56F8
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 81E64BD5370B1E681EE8282C3979EBB3
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Frame ID: 032BEAA1F16DE9D35366C85922A0CAD5
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 086BCDADFC3E9FF901BDFEA0C97204CD
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 25C8CB58EC188094540849E3DC517A91
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 572D7D684F2FFE38B1E6F1DBCD13C8E6
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DECCD6144B4DAC16BDA4C4971ABFAF56
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0DDE4007B49E43BCA45A0AEFA727ED81
Requests: 23 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1FC0CDA7B914DC65AB3632569A156F26
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5247651444649942097
Frame ID: 3F71D59966C934EA6960682B0EB7732E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6C046A5D1211AEA7BD8CF5F0D020E724
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AALdPU7A4VMAACnBlFNCLw
Frame ID: FD2CA0AD339BC38E2332EF1F762A64B5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6949240587961038989
Frame ID: 83F1F7D7D93A4A0D8FC301C38DCB8821
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Yz56IlxbGyevirCV9xgRWnUK
Frame ID: BAD8E73389909C3DA91CC802B404B22F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F5FFE2C612DA2F835BE623D7D090DAED
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EA176379F6E563C27F6C246DFE9C7699
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=YowWpOikrhub&pid=557219
Frame ID: D89ACC639CD267C30F35A0B97EAD9E18
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 28C22ED81D8133A3499FDB8063F8C2CE
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2174ea01-761e-49ce-aa0c-bd606025ed22-tuct76a2efe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: D2C824D62B1EDDF837B64FFAF7FAA16F
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: AD978DED9362AE9B69C1DFD9CCF284B0
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: D29991BF2EFBFAA96CFF7FFA11EA60EF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:poQUnc6t1LuWIe5&gdpr=0&gdpr_consent=
Frame ID: 44E0498B8B1CE3D0734305959661393C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.up.banjarmasinpost.co/ HTTP 302
    https://banjarmasin.tribunnews.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Page Statistics

405
Requests

100 %
HTTPS

32 %
IPv6

68
Domains

115
Subdomains

87
IPs

12
Countries

4424 kB
Transfer

9247 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.up.banjarmasinpost.co/ HTTP 302
    https://banjarmasin.tribunnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://sb.scorecardresearch.com/b?c1=2&c2=8077308&ns__t=1617996152436&ns_c=UTF-8&cv=3.5&c8=Banjarmasin%20Post%20-%20Berita%20Terkini%20Banjarmasin&c7=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1617996152436&ns_c=UTF-8&cv=3.5&c8=Banjarmasin%20Post%20-%20Berita%20Terkini%20Banjarmasin&c7=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&c9=&cs_ak_ss=1
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
Request Chain 189
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHCpeuvK1Rg-.pMBeR2.IQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
Request Chain 191
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
Request Chain 193
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHCpeuvK1Rg-.pMBeR2.IQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
Request Chain 195
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
Request Chain 197
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHCpeuvK1Rg-.pMBeR2.IQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
Request Chain 199
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
Request Chain 201
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHCpeuvK1Rg-.pMBeR2.IQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2&C=1
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
Request Chain 203
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM5xC1E2BYmQQtDiVIdryG8&google_cver=1
Request Chain 205
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjZiMTY1ZGUtYmYxNi0yMmNlLWQ0YzgtOTFhYjMwYWQ2YmVh
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEMG-fXkfWNR77r1Y-O7T-EQ&google_cver=1
Request Chain 207
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDc3NDczNjQtYmQ2OS00ZmIxLWJkMzktNDMxNzIyNjcxZDQ5
Request Chain 245
  • https://fw.adsafeprotected.com/rfw/st/654467/53133099/skeleton.js?adsafe_url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:611302d7-fc3b-529d-1429-e3f42783aa2e,c:9jZiBA,sl:na,em:true,fr:false,mn:app17ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:su78YuV+11%7C121%7C122%7C123%7C131%7C132%7C133%7C141%7C142%7C143%7C151%7C152%7C153%7C16*.654467-53133099%7C161%7C162%7C17%7C181%7C182%7C183%7C19%7C1a%7C1b,idMap:16*,pl:,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:558,oid:efcbeec9-9968-11eb-81f6-0289e6fd96ae,v:19.8.188,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 249
  • https://fw.adsafeprotected.com/rfw/st/654467/53133099/skeleton.js?adsafe_url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b6dda771-99de-2056-2a9f-9cdc5535b973,c:9jZiE5,sl:na,em:true,fr:false,mn:app27ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:su78YtX+11%7C121%7C122%7C123%7C131%7C132%7C133%7C141%7C142%7C143%7C15*.654467-53133099%7C151%7C152%7C153%7C161%7C162%7C163%7C164%7C17%7C181%7C182%7C183%7C19%7C1a%7C1b,idMap:15*,pl:,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:773,oid:efcbeef3-9968-11eb-8aae-02617d9e854e,v:19.8.188,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 265
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAirm0D9r36sTD0Cpa0l1MA&google_cver=1
Request Chain 266
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 267
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTU2MDg0ODAtODM2MS00RjY1LUEwMjMtNTI3MTY1MjI5OTlB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 296
  • https://gcdn.2mdn.net/videoplayback/id/67f0aacb9b09b7b7/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3729165979/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/56E8296D3A2A8955B209DBA8E832A22D3A3D032B.869CE7DA507C776353A31B3C854937A72725FDD9/key/ck2/file/file.webm HTTP 302
  • https://r3---sn-4g5ednly.c.2mdn.net/videoplayback/id/67f0aacb9b09b7b7/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3729165979/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4BBC0C72D9CBA0A06188D75961F91EAB13F1E614.0E743DCFD6C6016CD1D7226940391E8DB90F9BBC/key/cms1/cms_redirect/yes/mh/4H/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednly/ms/onc/mt/1617995815/mv/m/mvi/3/pl/49/file/file.webm
Request Chain 344
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5247651444649942097
Request Chain 346
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKb2tVN0E0Vk1BQUNsN2xGTkNMdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJokU7A4VMAACl7lFNCLw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=193153582939671169 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJokU7A4VMAACl7lFNCLw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D193153582939671169%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=193153582939671169&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJokU7A4VMAACl7lFNCLw&pid=558502&do=add HTTP 303
  • https://match.prod.bidr.io/cookie-sync?userid=193153582939671169&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJokU7A4VMAACl7lFNCLw&pid=558502&do=add&_bee_ppp=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AALdPU7A4VMAACnBlFNCLw
Request Chain 347
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6949240587961038989
Request Chain 348
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Yz56IlxbGyevirCV9xgRWnUK
Request Chain 350
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 351
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=YowWpOikrhub&pid=557219
Request Chain 353
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2174ea01-761e-49ce-aa0c-bd606025ed22-tuct76a2efe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 355
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 356
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:poQUnc6t1LuWIe5&gdpr=0&gdpr_consent=
Request Chain 357
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lWCEgINhT2WgI1JxZSKZmg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 359
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=95608480-8361-4F65-A023-52716522999A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=95608480-8361-4F65-A023-52716522999A&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 360
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=95608480-8361-4F65-A023-52716522999A&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=95608480-8361-4F65-A023-52716522999A&gdpr=&fbounce=1
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDJINLkAxy7W3RRmudUOUHI&google_cver=1
Request Chain 363
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=64120c6b-b7b7-4595-b57a-ec00d6b4ee98
Request Chain 364
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1998991230123221109
Request Chain 365
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:907e6070-a97e-4000-a3c1-434cf00c561b&gdpr=0&gdpr_consent=
Request Chain 366
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3001115148448799227&gdpr=0&gdpr_consent=
Request Chain 367
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=46756001-3a2c-42f9-be4e-043099aaf5c9&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2c7fd386-8e3d-44ed-9317-2a9f3171c5d1&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 369
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=95608480-8361-4F65-A023-52716522999A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=95608480-8361-4F65-A023-52716522999A&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IV3G.LJE2uVPxzRTZvExeX_FCTP_bs0-~A&gdpr=0&gdpr_consent=
Request Chain 370
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE
Request Chain 371
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2899558292828265947&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 372
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YHCpfwAAB6sqpAAJ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHCpfwAAB6sqpAAJ&gdpr=0&gdpr_consent=&_test=YHCpfwAAB6sqpAAJ
Request Chain 373
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 374
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:41f47f78-8812-49e0-b832-37ad26bd022a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 376
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3001115148448799227
Request Chain 377
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_5656c8a6-9ca3-442e-b001-afead8e9a9ef

405 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
banjarmasin.tribunnews.com/
Redirect Chain
  • https://www.up.banjarmasinpost.co/
  • https://banjarmasin.tribunnews.com/
188 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-84.fra53.r.cloudfront.net
Software
Apache /
Resource Hash
821b62f0d594edbd005b17fcf859683c7740f037af74b33b715c9b18bb726811
Security Headers
Name Value
Content-Security-Policy script-src: 'self' *.tstatic.net *.kompas.com; frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.alexametrics.com *.openx.net *.jixie.io *.facebook.net
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
banjarmasin.tribunnews.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
content-length
31024
cache-control
no-transform
content-encoding
gzip
content-security-policy
script-src: 'self' *.tstatic.net *.kompas.com; frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.alexametrics.com *.openx.net *.jixie.io *.facebook.net
date
Fri, 09 Apr 2021 19:20:33 GMT
permissions-policy
geolocation=();notifications=();push=();sync-xhr=();fullscreen=(self);
referrer-policy
no-referrer-when-downgrade, strict-origin-when-cross-origin
server
Apache
set-cookie
csrf_cookie_name=83625e05b14c2a9c5a35dd2da2e1dac3; expires=Fri, 09-Apr-2021 21:20:33 GMT; path=/; domain=.tribunnews.com 3bun_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22d6f63f2fe862fc284b22a0fdea43511f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A11%3A%22172.31.3.92%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A17%3A%22Amazon+CloudFront%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1617996033%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Da7dc76c239cfa5f1e3cae5717239b6f9; expires=Sat, 10-Apr-2021 05:20:33 GMT; path=/; domain=.tribunnews.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-we-need-to-talk
Thank You
x-xss-protection
1; mode=block
vary
Accept-Encoding,User-Agent
x-cache
Hit from cloudfront
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
F16X7ph5MVwmUKF0g2D5WsHEF7LMVeXxxhKPs-LG9GRa-NJfuzUfsA==
age
118

Redirect headers

x-powered-by
PHP/7.2.34
location
https://banjarmasin.tribunnews.com/
content-type
text/html; charset=UTF-8
content-length
0
date
Fri, 09 Apr 2021 19:22:31 GMT
server
LiteSpeed
cache-control
no-cache, no-store, must-revalidate, max-age=0
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
style.1.8-20210127_daerah.css
cdn-1.tstatic.net/css/theme15/ 		51 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/css/theme15/style.1.8-20210127_daerah.css
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91e1697d6dfcbe150fe1d37c193813122691bf706b8c90e57f21408025173190

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 00:54:36 GMT
content-encoding
gzip
age
498476
x-amz-meta-sha256
91e1697d6dfcbe150fe1d37c193813122691bf706b8c90e57f21408025173190
x-cache
Hit from cloudfront
last-modified
Wed, 27 Jan 2021 04:06:12 GMT
server
AmazonS3
etag
W/"3f09b63108bb13484a70c5559f3a0e58"
vary
Accept-Encoding
x-amz-version-id
o2HcR.Ersx_yxTAW8O5WDE.O9CMrzN8X
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
CDG3-C1
content-type
text/css
x-amz-cf-id
FDsuxdStmz4z8ih5RAXr_XZSbN89jVWpyH_dYQKvuVkYiJ945VBJmg==
x-amz-meta-s3b-last-modified
20210127T040528Z
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 718
age
2591700
cdn-cachedat
2021-03-10 20:26:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0959af120b0000176e1d2aa000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ee86ac04c9cc5e4b6aa4d3998616f598
cf-ray
63d61ac9adb2176e-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery-1.8.3.min.js
cdn-1.tstatic.net/js/jquery/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/jquery/jquery-1.8.3.min.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:07:52 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2015 04:27:56 GMT
server
AmazonS3
age
2574880
etag
W/"e1288116312e4728f98923c79b034b67"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
CDG3-C1
content-type
application/javascript
x-amz-cf-id
G6tuK3mPjIjSQdJtv2D8jwxhptA2MF0CUo6OxjJhdVtVsxBuHrRB7A==
expires
Tue, 24 Mar 2015 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
cb2ad22433044455b68fe8b93ae34ffda313c3c9bcee57e56b3ca714e73f8be9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"838 / 850 of 1000 / last-modified: 1617995087"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20315
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:31 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://banjarmasin.tribunnews.com
Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
33534
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8892
x-xss-protection
0
expires
Sat, 09 Apr 2022 10:03:37 GMT
jquery.fancybox_2.min.css
cdn-1.tstatic.net/js/fancybox2.1.3/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/fancybox2.1.3/jquery.fancybox_2.min.css
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:18:23 GMT
content-encoding
gzip
age
1688649
x-amz-meta-sha256
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a
x-cache
Hit from cloudfront
last-modified
Wed, 10 Jun 2020 05:52:59 GMT
server
AmazonS3
etag
W/"9dba4b0617628815180b9c368b6bf56e"
vary
Accept-Encoding
x-amz-version-id
null
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
CDG3-C1
content-type
text/css
x-amz-cf-id
H2MxfsFG1L2OEL6GeLzyvuDIu48W3JArwKqKGmZxa6N51w6L9Ao4MQ==
x-amz-meta-s3b-last-modified
20200610T055203Z
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
2591699
cdn-cachedat
2021-03-10 20:26:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0959af120c0000176e19b5b000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
dbc1afb9a84d639148de495f557e96e6
cf-ray
63d61ac9adb5176e-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
liftdown-style.css
cdn-1.tstatic.net/css/liftdown_pickword/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/css/liftdown_pickword/liftdown-style.css
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c26dfa3c9005232a7a79003f0577df7d2efe5786bd50b98916b38a33f69acf88

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"5c479740df6c5de1ef7797cee2b133bc"
age
64909
x-amz-meta-sha256
c26dfa3c9005232a7a79003f0577df7d2efe5786bd50b98916b38a33f69acf88
x-cache
Hit from cloudfront
last-modified
Thu, 12 Mar 2020 06:19:49 GMT
server
AmazonS3
date
Fri, 09 Apr 2021 01:20:43 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
CDG3-C1
x-amz-cf-id
H2t3otzR9pY35j1Q0_cDiJ1k16rfr8GlyGq9ZVze7Svs9Hpsqvl_og==
x-amz-meta-s3b-last-modified
20200312T061031Z
pickwords-style.css
cdn-1.tstatic.net/css/liftdown_pickword/ 		1 KB
931 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/css/liftdown_pickword/pickwords-style.css
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d7e2d8c46ba5754884aa066b5e96e2eb5df0dbd8598b4e249f6050fdfa909d9

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 17:16:01 GMT
content-encoding
gzip
age
1994791
x-amz-meta-sha256
7d7e2d8c46ba5754884aa066b5e96e2eb5df0dbd8598b4e249f6050fdfa909d9
x-cache
Hit from cloudfront
last-modified
Thu, 12 Mar 2020 06:20:13 GMT
server
AmazonS3
etag
W/"45e934751f74fca9c354de7ad1daeda7"
vary
Accept-Encoding
x-amz-version-id
null
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
CDG3-C1
content-type
text/css
x-amz-cf-id
6iOa53Au7vKMYiA6lRoWvm02yrLScx6POwIG1X56Cpjt_qq1rckBkA==
x-amz-meta-s3b-last-modified
20200312T061103Z
tribun.1.8-20190807.js
cdn-1.tstatic.net/js/tribun/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/tribun/tribun.1.8-20190807.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92d6b966c3b2fb58c469e35de5c5cdf8cdaa30ea9bb7a3e15e1b86765f892452

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"be91403c70880ee1b6e1f2ee7540a674"
last-modified
Mon, 08 Jul 2019 09:23:15 GMT
server
AmazonS3
age
236001
x-amz-meta-cb-modifiedtime
Mon, 08 Jul 2019 09:22:04 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
date
Wed, 07 Apr 2021 01:49:11 GMT
x-amz-cf-pop
CDG3-C1
x-amz-cf-id
20a58FQrMMXkzCoVsTgV_P_W0sMk4E800E7r_nKFM5OyiS5AL_Zj-A==
jquery.bxslider.mini.js
cdn-1.tstatic.net/js/bxslider/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/bxslider/jquery.bxslider.mini.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
130368e1880972a560164d6a42407eb853179a8eb98aa11b3ec7605296dfe775

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:07:53 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2015 04:27:51 GMT
server
AmazonS3
age
2574879
etag
W/"d7163e041d3b536a19694784ad2ec6da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
CDG3-C1
content-type
application/javascript
x-amz-cf-id
OGgwaedhd2jhFL22HIeGLbNvBFf7TCCTip4HBRKB04NbMCPb1d6WQw==
expires
Tue, 24 Mar 2015 16:00:00 GMT
jquery.fancybox.pack.js
cdn-1.tstatic.net/js/fancybox2.1.3/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/fancybox2.1.3/jquery.fancybox.pack.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ff9d4ae2b3407b031e3359007ff4d7ac9e0b342f25ce44c77d3cb7f14f65043

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Wed, 25 Mar 2015 04:27:55 GMT
server
AmazonS3
age
190912
etag
W/"38b8a249b8b955e0c789a490847d9cc5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
date
Wed, 07 Apr 2021 14:20:40 GMT
x-amz-cf-pop
CDG3-C1
x-amz-cf-id
GOaAk4wLTDdrOvIprv3wSTcwXPPfa0R0XVvAhc_mO8R5-6L8n5F9pw==
expires
Tue, 24 Mar 2015 16:00:00 GMT
prebid4.32.0-26032021.js
cdn-3.tstatic.net/ads/prebid/ 		250 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-94.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93ad25346390323235a0b27d7f517853a0b911cb94f0755786ee858f2626acaf

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Fri, 26 Mar 2021 07:43:41 GMT
date
Tue, 30 Mar 2021 08:38:31 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 07:44:35 GMT
server
AmazonS3
age
902641
etag
W/"759d0d923ac130ee53892ca24052d031"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
vgqTAQrR3v59yR93Q1V6VEDRaN1aqJcg79Cen3jvG1GCRCb6U-vJDw==
glightbox.min.css
cdn-1.tstatic.net/css/glightbox/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/css/glightbox/glightbox.min.css
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 00:26:37 GMT
content-encoding
gzip
age
500154
x-amz-meta-cache-control
max-age=2592000, public
x-amz-meta-sha256
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
x-cache
Hit from cloudfront
last-modified
Fri, 08 May 2020 08:14:16 GMT
server
AmazonS3
etag
W/"7443f26fb8ef9bb0368d931f2b1f1cb5"
vary
Accept-Encoding
x-amz-version-id
null
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
CDG3-C1
content-type
text/css
x-amz-cf-id
fF7D7H7cjsh08Orfki5eHkxN6l6CCSG_eH999M1ce2ro7Nawb6qqrg==
x-amz-meta-s3b-last-modified
20200331T194635Z
glightbox.min.js
cdn-1.tstatic.net/css/glightbox/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/css/glightbox/glightbox.min.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 00:26:37 GMT
content-encoding
gzip
age
500155
x-amz-meta-cache-control
max-age=2592000, public
x-amz-meta-sha256
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
x-cache
Hit from cloudfront
last-modified
Fri, 08 May 2020 08:14:31 GMT
server
AmazonS3
etag
W/"c8e60c852f16b93503708e1b27423274"
vary
Accept-Encoding
x-amz-version-id
null
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
CDG3-C1
content-type
application/javascript
x-amz-cf-id
peAUnofv-hCY2EzGFkrx6OiBvOhF9msNYiY_hc0r7B3eTc8jf0n__A==
x-amz-meta-s3b-last-modified
20200331T184655Z
sdk.js
connect.facebook.net/id_ID/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/id_ID/sdk.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f053:f:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c89556d402493b53d306694fe6ee3a0a359ffad6a67d5d032bece65d0857426e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://banjarmasin.tribunnews.com
Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
4oxmrtOHNfHms6dyQnJtAg==
cross-origin-resource-policy
cross-origin
expires
Fri, 09 Apr 2021 19:40:59 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
LWgTtztfzsGDdLM8lxnJwchQcujMJyhDBycVchbPM/OA1ljprspGWcCzrDNoBDC791QM7C5mG36WpJq8NYdKpQ==
x-fb-trip-id
1679558926
x-fb-content-md5
666d0cde217898c0d016163acd331b3b
date
Fri, 09 Apr 2021 19:22:31 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"165fc68747a8ee759f73e85c2ef232e2"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
banjarmasinpost.svg
cdn-1.tstatic.net/img/logo/daerah/svg3/ 		22 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-1.tstatic.net/img/logo/daerah/svg3/banjarmasinpost.svg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a764718006443bf75db60d5a4adea6a2aba9275c4e31bc347f7aa97aee2bade

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Thu, 22 Feb 2018 08:54:16 GMT
date
Wed, 17 Mar 2021 14:30:54 GMT
content-encoding
gzip
last-modified
Thu, 22 Feb 2018 09:01:49 GMT
server
AmazonS3
age
2004698
etag
W/"5e46afcae527bfa5ca6c5d3c16bcc8f8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
CDG3-C1
content-type
image/svg+xml
x-amz-cf-id
cHYaylgtcvEWU8YUW-BFiohf_5Ga9VAw95yHISc-PMULNynzqFBIFw==
Logo_T_blue.svg
cdn-1.tstatic.net/img/logo/tribun/svg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-1.tstatic.net/img/logo/tribun/svg/Logo_T_blue.svg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Fri, 24 Jul 2015 09:49:00 GMT
date
Thu, 25 Mar 2021 18:08:32 GMT
content-encoding
gzip
last-modified
Sat, 15 Aug 2015 14:25:23 GMT
server
AmazonS3
age
1300440
etag
W/"2881375fb0f9e7fc4d0a2f42434696e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
CDG3-C1
content-type
image/svg+xml
x-amz-cf-id
Zoj21tyM1glpM2mk70XL7QdR3RjCClJxFQWSd5YxuElpm5s5LC41JA==
presiden-jokowi-menangis-saat-melihat-korban-bencana-alam-di-ntt.jpg
cdn-2.tstatic.net/tribunnews/foto/bank/thumbnails/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/tribunnews/foto/bank/thumbnails/presiden-jokowi-menangis-saat-melihat-korban-bencana-alam-di-ntt.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff639f2169daa1367ba8f1d057486804f0cb94abcd2d96185eec076b838d4dea

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 17:35:46 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 16:45:55 GMT
server
AmazonS3
age
6406
etag
"992e526dae23345e5b5f1aa610b9ac0e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
2345
x-amz-cf-id
kszZ5jaIb3Nx2X5WdtRuSQz1A2xyJdbHZjA_AuzYgHEpaAgnJ6XgDw==
banjir-bandang-di-adonara-5-april.jpg
cdn-2.tstatic.net/tribunnews/foto/bank/thumbnails/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/tribunnews/foto/bank/thumbnails/banjir-bandang-di-adonara-5-april.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
444b64dc34e8c5d2d72b1b5fad6c446fc4a046b1bd39a97aa9845068b549685e

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 17:49:09 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Mon, 05 Apr 2021 01:06:53 GMT
server
AmazonS3
age
5603
etag
"0d4f2372b65e16d0d66615c7d03c6fdd"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
1952
x-amz-cf-id
D4-6T_j8JuR7xUVcOKHYqlsxEvM1xc82n3o54Htt6iOGPIdOY5fiKA==
rumah-terduga-teroris-jagakarsa-2.jpg
cdn-2.tstatic.net/tribunnews/foto/bank/thumbnails/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/tribunnews/foto/bank/thumbnails/rumah-terduga-teroris-jagakarsa-2.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dea9fd3eb0528b23ed2638bb4bbc2dbbc32117981aab8820b49038f7e0ad21b

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:43:51 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Wed, 07 Apr 2021 23:20:50 GMT
server
AmazonS3
age
31121
etag
"f90914f4628ceb652729d0d60bd4044f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
1656
x-amz-cf-id
3sp9eOWsaVULruCtOFMwsr5cdYTbX6VJQkUZbuWPBYXcTw6tIq7qLA==
personel-densus-88-antiteror-polri-saat-menggerebek-rumah-pria-berinisial-wi.jpg
cdn-2.tstatic.net/tribunnews/foto/bank/thumbnails/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/tribunnews/foto/bank/thumbnails/personel-densus-88-antiteror-polri-saat-menggerebek-rumah-pria-berinisial-wi.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3a70f43b5750186ee6c18a34f72d6f73f7033d5b458d3287d4a81107e5d8868

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 12:37:14 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 11:47:50 GMT
server
AmazonS3
age
24318
etag
"2e7d73ef711b8131bb5fd738f9cfbc3a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
2460
x-amz-cf-id
N7Qz_7nC7q6HJhd_pqf4ZcGbajLwAzFwrNLM660KlLzwwFxpAwsR4w==
masterpieve-maia.jpg
cdn-2.tstatic.net/tribunnews/foto/bank/thumbnails/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/tribunnews/foto/bank/thumbnails/masterpieve-maia.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2fbd31953687213ca608175f69dc8cc6bb81dc3493ecbde9434b14987cb752c

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 16:35:00 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Wed, 25 Nov 2020 02:25:48 GMT
server
AmazonS3
age
10052
etag
"46abec27ecd41372bbdfc2759cc0b2bc"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
2207
x-amz-cf-id
k6W1cdMIpQadyxiKZvK8nZlrgvqSpiWTbVYmtKPPIr8WUsBw6IqT9w==
1100-petugas-pelayan-publik-terima-vaksinasi-covid-19_20210309_183141.jpg
cdn-2.tstatic.net/tribunnews/foto/bank/thumbnails/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/tribunnews/foto/bank/thumbnails/1100-petugas-pelayan-publik-terima-vaksinasi-covid-19_20210309_183141.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
095ef73b59749f0a6c01cfd110657272919b7a4ccdf23c14a68cdcbd0cda5d2f

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:43:51 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Tue, 09 Mar 2021 11:31:44 GMT
server
AmazonS3
age
31121
etag
"6ac77047e342050dea39e0ca6c2db9f4"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
1998
x-amz-cf-id
2fDHcwGN2_fdbMJlF69XeY_cUpIS_Jf0F76lgz-22v2LLjBW4Pa-EA==
vicky-baru.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/vicky-baru.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee6e18a5143397b541cb8f801af593d9969ecfbeaaeba16899cc75a0eb08b14c

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:43:29 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jan 2021 12:15:56 GMT
server
AmazonS3
age
31143
etag
"f082bc4812e090db5e9b90ec1994bfe2"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
5732
x-amz-cf-id
X9ZfkRWMQcdUmNKEm3td-CNEIHcmrUrCKCGlcrJZAVp9ch2mJ3n9JQ==
betrand-peto-ruben-onsu-dan-sarwendah-dalam-unggahan-instagram-2-desember-2020.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/betrand-peto-ruben-onsu-dan-sarwendah-dalam-unggahan-instagram-2-desember-2020.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
317af6251f93a4ef954fa1f31a5e0ec58ca37b17e05fb6df7d4d156a9e5f8ef5

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 20:47:23 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Wed, 10 Feb 2021 10:30:15 GMT
server
AmazonS3
age
167709
etag
"de769bae0d00aec828d66b933742e728"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
4614
x-amz-cf-id
ImmIk9jjdh4gZWpgUOXJpqAEE5zdOTuE-joyrMOyYNUtwRr1UcOxFg==
celine-evangelista-dan-boy-harsya-atau-malik-harsya.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/celine-evangelista-dan-boy-harsya-atau-malik-harsya.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
988fff2b2725b99cd88d4a226414997a1445ec4d2d5a586a6375df1591618ab1

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 01:15:48 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Sun, 07 Feb 2021 03:05:29 GMT
server
AmazonS3
age
65204
etag
"ee55518560807e3060c36d34b4567fb1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
3533
x-amz-cf-id
xWqY-TIIZ6MNMSp98ouaZLXFcaSXriYmh6JDBADmvPiMUD-igb2sOQ==
kemesraan-atta-halilintar-dan-aurel-hermansyah.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/kemesraan-atta-halilintar-dan-aurel-hermansyah.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6c65f5b0002dc5d89cb6e5bcf6651adc927b964ab20c6e5b72bbda1a4eda2b2

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 00:30:09 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Wed, 07 Apr 2021 00:27:03 GMT
server
AmazonS3
age
240743
etag
"46e841ebaf89a88beb762d946a157dbc"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
4147
x-amz-cf-id
9hX-498FvoAMEBZ7yIJVEMHqWVyLMuk2nGOE_DAykJbKLr3RgNDvlQ==
cagliari-juventus-cristiano-ronaldo-alvaro-morata-federico-chiesa-liga-italia-serie-a.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/cagliari-juventus-cristiano-ronaldo-alvaro-morata-federico-chiesa-liga-italia-serie-a.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a2e2f76be747221544fc8417e760d333e2793f8669366bb3990702dcf68f61c

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 13:29:18 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Mon, 15 Mar 2021 04:43:34 GMT
server
AmazonS3
age
107593
etag
"de767c1e56f3053cc2450ca6bdf32a71"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
6691
x-amz-cf-id
amXK6ldl0fNAF0cEfkLVHX3pbZNbCSJhR-QksMGf58mA4CB6HO6poQ==
kalapas-kelas-ii-b-amico-balalembang-menjelaskan-hasil-temuan.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/images2/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/images2/kalapas-kelas-ii-b-amico-balalembang-menjelaskan-hasil-temuan.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59a56a9fe9d02cb9bc5d1c9c6986a65bb081c3e6e3d4c337c57db88fecb9ad29

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:30:47 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 02:15:14 GMT
server
AmazonS3
age
60705
etag
"7a0ad95a66f411243c54c872e1d75844"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
66688
x-amz-cf-id
Uw9Rw3qVSCh3eKr-Sv0vQL3dKdoCkNqd2DyW8FPtdG6R4JoyR5-Paw==
amanda-gisel-yes-2.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/images2/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/images2/amanda-gisel-yes-2.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c27da17601d18737a82132bcfb99b884e111eae0afdbdc18ebf270d0c5974529

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 12:46:16 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 12:33:14 GMT
server
AmazonS3
age
110176
etag
"7553e6c6430e57f5caa911bf40ac23f9"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
46884
x-amz-cf-id
s0bAsj3W-tw0sJCTvvl1UKQs4-dyGhMzYPBG2-TKgF_ycTdWRcMsAQ==
ustaz-abdul-somad-jelaskan-batas-waktu-sholat-dhuha-inset-dua-anak-sholat-dhuha.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/images2/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/images2/ustaz-abdul-somad-jelaskan-batas-waktu-sholat-dhuha-inset-dua-anak-sholat-dhuha.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de4be51dee3e85acaa5b96f3e176b98a5764e5b262def5375631f9f9bedd8e0e

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:30:47 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Wed, 04 Nov 2020 22:10:06 GMT
server
AmazonS3
age
60705
etag
"964ac32e53b114439335eff3ccf69e19"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
49824
x-amz-cf-id
kZppiJDu90GzmIef35Cb5yy6jN9sYSCyoE7FqPapg8cGp1OUoBuw8Q==
ayu-nagita-baru2.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/images2/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/images2/ayu-nagita-baru2.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a8e3760f6b719bd08610ae7bfb01ef5556667229fc60805a377d664d9dbfbc0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:33:00 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Sun, 04 Apr 2021 06:40:32 GMT
server
AmazonS3
age
60572
etag
"03bba735991e74b0808a0144c909380d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
40649
x-amz-cf-id
MQhFOA90drDV43GKIHSvsaCjm3GJZ1jJuv3dKmKKTg96N3HS-XrU9g==
live-streaming-indosiar-psis-semarang-vs-psm-makassar-piala-menpora-2021.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/images2/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/images2/live-streaming-indosiar-psis-semarang-vs-psm-makassar-piala-menpora-2021.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd614bdff3d478e23af99cb24cfb845e0c7c480d17de36c0dd02383ab9e743ec

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:07:36 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 04:03:22 GMT
server
AmazonS3
age
29696
etag
"59f3fd954cafdf6acf1c611a2419f6f1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
49694
x-amz-cf-id
60CYN9HqU7eDZu17d0k-MuJApiZl2opX7MmvTT67ktDv0e2vf6PCSg==
kalapas-kelas-ii-b-amico-balalembang-menjelaskan-hasil-temuan.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/kalapas-kelas-ii-b-amico-balalembang-menjelaskan-hasil-temuan.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ea126aedd47dce95bd1dc2ce98ad419eb9f4c0e094ef425191c0ca394335385

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:16:14 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 02:15:14 GMT
server
AmazonS3
age
61577
etag
"e4497c9acda724fe4234a27124ca2177"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
6371
x-amz-cf-id
C5bHQFbd4X10j1Duu3spEAUEIlqKTlUzgGnHE7TFw0JJHGJ7EevfqA==
amanda-gisel-yes-2.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/amanda-gisel-yes-2.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
555fe9658fab13e8ce2b127a4f27256d78b19cf4cf79cb7c2f8b6b056a9096af

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 12:33:53 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 12:33:15 GMT
server
AmazonS3
age
110918
etag
"4ee031b6d66a2eddbeb3e6091191ae9a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
4527
x-amz-cf-id
r-jP4WzFQTpuLg7LTC2expdd4R55qOsDSjxnnrq4nGWOyXeayjdLQQ==
ustaz-abdul-somad-jelaskan-batas-waktu-sholat-dhuha-inset-dua-anak-sholat-dhuha.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ustaz-abdul-somad-jelaskan-batas-waktu-sholat-dhuha-inset-dua-anak-sholat-dhuha.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75f1e376e97be7d842d2d604d5bbd8c30e005aa7d5622a39de190cecfcacad2d

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:08:53 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Wed, 04 Nov 2020 22:10:06 GMT
server
AmazonS3
age
62019
etag
"e3c4c37c88ce044a0a50518c44d3b294"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
4725
x-amz-cf-id
a4JWABPd_7Gf6PWNbDXcBsxSCqWFsMj_FU5_Tvlsj1OKAoFl_YZaeA==
ayu-nagita-baru2.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ayu-nagita-baru2.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24496720a823c47ec90503d986e145f444fb51273a8f15f70d946f925febd8e9

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 04:58:05 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Sun, 04 Apr 2021 06:40:33 GMT
server
AmazonS3
age
224667
etag
"c3cdf82574609d4c1ca99a924bd261d7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
4159
x-amz-cf-id
Mf3wOf1lWtNPfEnhkQeDLPeNijykn-t7yZkEeF4CcaWOtr3dsds4SA==
live-streaming-indosiar-psis-semarang-vs-psm-makassar-piala-menpora-2021.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/live-streaming-indosiar-psis-semarang-vs-psm-makassar-piala-menpora-2021.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec8d08aca5b3e90f3d5987705a7cedd31d51ddd098c941612c6b50142e94fc69

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 04:06:31 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 04:03:22 GMT
server
AmazonS3
age
54961
etag
"5d3d8ec8114703ef9b4437f44d850df8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
4938
x-amz-cf-id
Nj-o5gjTLU5jWUxqeE6WyKONwyYytQL74TtjivdYFOmFJmwh5znZsg==
pencarian-orang-tenggelam-di-sungai-martapura.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/pencarian-orang-tenggelam-di-sungai-martapura.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f59bb0cbb9ae64cb10fc46fff934722f8d82eb00048771419dea4666d307d3fb

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 16:31:45 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 16:25:27 GMT
server
AmazonS3
age
10247
etag
"b2330b0bd1f3b5316cc02de9c97352cb"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
3653
x-amz-cf-id
gNBjqizRYgeCRN34qw2VKeocV82-hAZNEStS3u1ekYHVCpbxwZXl8A==
digitalisasi-pembayaran-jual-beli-di-lokbaintan.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/digitalisasi-pembayaran-jual-beli-di-lokbaintan.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a54f204f81928b4de9e0a1c62eb9c6bb3191833ad093e725c075d46411888391

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 16:16:08 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 16:13:32 GMT
server
AmazonS3
age
11184
etag
"543c151eb1ead7f0279f80fa75e32b23"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
5914
x-amz-cf-id
tOP_yndUjOxdDa3oAJK62f3fb9T6bCZyeh6Z9JjYUxDfsjpCGr--Ow==
sekretaris-umum-esi-kalsel-handoko-tri-hatmojo-berbincang-di-btalk-bpost.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/sekretaris-umum-esi-kalsel-handoko-tri-hatmojo-berbincang-di-btalk-bpost.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
963a9ebe36ac555b2141733a345d7087d4ec3369acb660e17c6d59477459a502

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 16:05:51 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 16:04:05 GMT
server
AmazonS3
age
11800
etag
"ecf7229180236ee9d541eb83f74594dc"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
5030
x-amz-cf-id
6_J0qYm42EfHxN2Eic8BOzFVDVGa5WvYRhtR_iRzUFEnWN9EAD30Qg==
staf-dprd-banjarbaru-menjalani-test-swab.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/staf-dprd-banjarbaru-menjalani-test-swab.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88a5da05a90e0589e7d60e9787b9a690d06e7d7bdd52191a284d32fb203cc255

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 16:03:14 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 02 Oct 2020 08:58:50 GMT
server
AmazonS3
age
11957
etag
"1b524a1a7d57f2c998e1b2b290267cf2"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
5530
x-amz-cf-id
p9ID056T3mm3WFOO9M9KajGMIkH4CzQnuEJW5uFJEmWWBEZ-gkB_qw==
prilly-nikah-suami.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/prilly-nikah-suami.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d048a022e43a31b5261e0c8e7151a95d66bba0af19d79f22c40185c09b26301

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 15:58:06 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 15:38:02 GMT
server
AmazonS3
age
12266
etag
"fbf3cddd6927f061c1d695cb5f5bd723"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
5507
x-amz-cf-id
tpmBDtD2lfIHg0al_EMAehTUE5MWOKjvzbTYVG2HLGC3BYC_6XH6BA==
update-covid-19-kalse.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/update-covid-19-kalse.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40aa602f25590ccece6e369411335d448895104817a3aa62009d1e4dae94ee81

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 15:43:56 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 15:43:07 GMT
server
AmazonS3
age
13116
etag
"94424ce21e010678b998d5d3b34ace24"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
3767
x-amz-cf-id
QTeTGZ0QmRqTdPUkwn6zlri33gXloGwGQujs4fEh8XSaCv3PjeuNWA==
ariel-noah-dan-bcl-kembali-bersama.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ariel-noah-dan-bcl-kembali-bersama.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b34a58e197326397bb9bcc59ad938a884888b622415fdf569b43475dfcce983

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 04:34:59 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Sun, 29 Nov 2020 10:19:47 GMT
server
AmazonS3
age
53253
etag
"93ef4afba3f2070fb3337ee04c511ac7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
4981
x-amz-cf-id
7R-mgGS0UiEqXdse28hngXk0Bz_X3knVnuHDE5vJ1P5BKc3-juDG0Q==
pj-gubernur-kalsel-safrizal-za-membuka-rangkaian-musda-x-mui.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/pj-gubernur-kalsel-safrizal-za-membuka-rangkaian-musda-x-mui.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb071a21e509d0458b8860ec83da00df3647f6e3aea5b731571de8df3aaea58e

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 15:39:01 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 15:34:35 GMT
server
AmazonS3
age
13411
etag
"2042f99749713524e626f5eb84956c57"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
5655
x-amz-cf-id
vA7kwRnkBbmJNvdo-vpAkfggtFcIh9J_CIzXuJV1zzI8OWEW2MRk_g==
logi-piala-menpora-2021-yang-tayang-lewat-live-streaming-indosiar.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/logi-piala-menpora-2021-yang-tayang-lewat-live-streaming-indosiar.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
208288a9d9378f541abf5c9d67ff9a9811bcfa3f11b3e426d03ba380d687fc84

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 02:13:08 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Sun, 14 Mar 2021 06:54:40 GMT
server
AmazonS3
age
1703364
etag
"34e19c79405bffeebff83d09e4de8475"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
2949
x-amz-cf-id
CVeX3pOvaMipw7vgIMo9Z20qdxEc6RjmV9oydmhQnGMPY2qITJ24Uw==
sungkar-hamil-irw.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/sungkar-hamil-irw.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7e6baf20f7eae175ae8d6cc3dba3bd1fc2cbb3864c426dbabff18a933c8cb49

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:15:09 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Tue, 30 Mar 2021 03:59:50 GMT
server
AmazonS3
age
36443
etag
"15850442243c9062e5db30da6d91d88c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
4096
x-amz-cf-id
Dw9w2ievnR88bJoqXtB8GdNwB04erBWTOd7umQO8gt_jRLFhKhG_cg==
live-streaming-indosiar-piala-menpora-psis-semarang-vs-psm-makassar.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/live-streaming-indosiar-piala-menpora-psis-semarang-vs-psm-makassar.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6770d87b19b2f1de90654900471df074b0c098119c640f57da04b34189e2428

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:11:46 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 07:37:40 GMT
server
AmazonS3
age
36646
etag
"3a1f67ac8d7df4fb498858ef19d46e83"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
3245
x-amz-cf-id
oBqnEXRL6MLxjiIqBMqi2M4STnNemt4NdSuMe3qNxIsFTTybGHbR6w==
andhika-pratama-dan-ussy-sulistiawaty-berbohong.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/andhika-pratama-dan-ussy-sulistiawaty-berbohong.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c8c9f00b0652ada20b90b3afdf64f072615eaeb0c157b790fd5b58d2f215352

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 04:49:36 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 06 Sep 2019 08:25:08 GMT
server
AmazonS3
age
52376
etag
"ac736202bd7de6cc964717308c648307"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
4598
x-amz-cf-id
HMUS-yj88TtKYFv5SetufaKyYs03Lp9da-GkZDEON2r8LBFNpNyjKQ==
syahnaz-sadiqah-jeje-govinda-zayn-dan-zunaira.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/syahnaz-sadiqah-jeje-govinda-zayn-dan-zunaira.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0069d1c1ee46275e447c2433a9dc21e4116e36ed6f860ecdba8e5870679136d5

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:21:00 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Sun, 21 Feb 2021 05:34:17 GMT
server
AmazonS3
age
32492
etag
"1cf6dbdb80742c56d9f611b0f10b87c7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
4552
x-amz-cf-id
LdCpFeK3_b5z-Atz9CFrvSc98UO9NPFZwdnnvRwd4DHEX-Ie9M3kqA==
pemain-psm-makassar-zulham-zamrun.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/pemain-psm-makassar-zulham-zamrun.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed6bc58d6fba10e686e4551757aac7c50c6958fa6eff783c01216ffc846a4527

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 02:52:01 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Sat, 16 Feb 2019 14:31:57 GMT
server
AmazonS3
age
145830
etag
"9ddb796d438e55c17cbba0c12eb1d8b7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
4431
x-amz-cf-id
vnUqx5hU-JoMRDIXv_Ehj0DLary6ePs52SEg1Sb4K8et4R2qznNLZw==
romelu-lukaku-antonio-conte-bologna-vs-inter-milan-liga-italia-serie-a-2021.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/romelu-lukaku-antonio-conte-bologna-vs-inter-milan-liga-italia-serie-a-2021.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb6f8760c75d115cb07e20e5aa89cd9c214deeb7b31aa5beea918a499e75d5f2

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 12:09:42 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Sat, 03 Apr 2021 23:59:12 GMT
server
AmazonS3
age
25970
etag
"a6900b7dd95f1a51e0e6a2edaa26d8f9"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
5355
x-amz-cf-id
6UMa_PMcafEfe6qWtqGWs0cE9ulwlWvswZqvFpCBRZV6ono18f0bEQ==
ketua-idi-kalsel-dr-hm-rudiansyah-mkes-sppdkgh-sadfasfasdf.jpg
cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/foto/bank/thumbnails2/ketua-idi-kalsel-dr-hm-rudiansyah-mkes-sppdkgh-sadfasfasdf.jpg
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e8a71d2020a8d484f18436f0a8af7d90372a4308bf936973573ed430c57f51b

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:06:30 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 09:04:00 GMT
server
AmazonS3
age
36962
etag
"c6bc30ec115f59f54ade10c407e168db"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
4482
x-amz-cf-id
PUZP_0MgCD6OkC3wdAqg06Y4wJzXIZRVs6bTe7u6fmCfYeed6xgHug==
bpost-epaper2.gif
cdn-2.tstatic.net/banjarmasin/banner/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/banjarmasin/banner/bpost-epaper2.gif
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-55.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40a02e0b6e4b8615884fde3c08fd6dd8a45c9a98f3ac2d016e1d428db4c38d1d

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Mon, 16 Mar 2015 06:05:41 GMT
date
Wed, 03 Feb 2021 06:24:24 GMT
via
1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2015 11:17:12 GMT
server
AmazonS3
age
5662688
etag
"06794822589e9e42675d57ac81422651"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31536000, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
11751
x-amz-cf-id
kLhmP31gSLh3K--L7V7dikPPJQjd_Tzbkft4YiJjbqp050DcgwLSog==
lozad.min.js
cdn-1.tstatic.net/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/lozad.min.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Fri, 31 May 2019 01:49:18 GMT
date
Sun, 07 Feb 2021 18:51:25 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 01:51:20 GMT
server
AmazonS3
age
5272266
etag
W/"34b722949a97a9f6734cd66d940531ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
CDG3-C1
content-type
application/x-javascript
x-amz-cf-id
e_VZoRnRD_HWXbhgLZCC1PG28aeppssXlz800dtj_HFjxWgjT0FWDg==
firebase-app.js
www.gstatic.com/firebasejs/5.5.6/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-app.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 08:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
age
556296
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12419
x-xss-protection
0
expires
Sun, 03 Apr 2022 08:50:55 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.5.6/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-messaging.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 14:15:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
age
104828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10096
x-xss-protection
0
expires
Fri, 08 Apr 2022 14:15:23 GMT
tribun.js
asset.kompas.com/kgnotif/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.kompas.com/kgnotif/tribun.js?v=3
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-97.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
081a28dfa5acc18a525c552aa51fc5a0bc1e2eb1c387db969b8f8af3d77a530d

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 09:30:43 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
age
1936308
x-amz-meta-sha256
081a28dfa5acc18a525c552aa51fc5a0bc1e2eb1c387db969b8f8af3d77a530d
x-cache
Hit from cloudfront
content-length
3689
last-modified
Thu, 18 Mar 2021 08:21:13 GMT
server
nginx
etag
"c779e5bc5b38950e7582691cd13dc484"
access-control-allow-methods
GET, OPTION
x-amz-version-id
o5WmqjaGYyr3x092m48I3dsgu0hL9.xO
access-control-allow-origin
*
expires
Fri, 18 Mar 2022 09:30:43 GMT
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
Gdx_Wbe4OxfI-CJARBGFlskC-WU9OwOdh5vhehGzkxu-tUDbKKH74g==
x-amz-meta-s3b-last-modified
20210318T073258Z
sso_g_signin.min-1.0.js
cdn-1.tstatic.net/js/kgmedia/tribunnews/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.0.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbba45cb3355a22c9ddd6893732795b6746e460fc1ac52e77b5268ec9d685f5f

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Mar 2021 02:25:52 GMT
content-encoding
gzip
age
1184200
x-amz-meta-sha256
dbba45cb3355a22c9ddd6893732795b6746e460fc1ac52e77b5268ec9d685f5f
x-cache
Hit from cloudfront
last-modified
Thu, 14 Jan 2021 04:57:50 GMT
server
AmazonS3
etag
W/"9d3e5dbdb245a14e5139aca792974052"
vary
Accept-Encoding
x-amz-version-id
iwnBU7Ip0vrtHzsOMmfNlAhCmESC_5lX
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
CDG3-C1
content-type
application/javascript
x-amz-cf-id
04p8-HAoi_AHY_otO2tatcWviEilJv4_O5He6YZrJDUt013TaDDZ3w==
x-amz-meta-s3b-last-modified
20210113T054706Z
gtm.js
www.googletagmanager.com/ 		141 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc5b722d2ede843c41d3198c0e03a5e365bfff38f9787d0999e4725dac82a54b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43428
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Apr 2021 19:22:31 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://banjarmasin.tribunnews.com
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617
age
271063
cdn-cachedat
2021-04-06 15:46:31
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56780
cf-request-id
0959af130100002c2634b54000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
43d4453ee78e2610c5895c178653cac8
accept-ranges
bytes
cf-ray
63d61acb3e1b2c26-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
pubads_impl_2021040101.js
securepubads.g.doubleclick.net/gpt/ 		286 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 08:39:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103004
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:31 GMT
ico.png
cdn-1.tstatic.net/css/theme13/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-1.tstatic.net/css/theme13/images/ico.png
Requested by
Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/css/theme15/style.1.8-20210127_daerah.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce1973c0c3ca7fb42ef70ac00a7941e8c47c5abbb3ce346a21460b6df523e951

Request headers

Referer
https://cdn-1.tstatic.net/css/theme15/style.1.8-20210127_daerah.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:34:11 GMT
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
last-modified
Wed, 25 Mar 2015 04:27:31 GMT
server
AmazonS3
age
2501301
etag
"55588fdde1eefcb63c001bd846c2d34d"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=2592000, public
x-amz-cf-pop
CDG3-C1
accept-ranges
bytes
content-type
image/png
content-length
13732
x-amz-cf-id
T0lufb89fM3h8h8uaU1Sn8HCmuRwQScVynvlux5JIR3yJ1pKsM7IHg==
expires
Tue, 24 Mar 2015 16:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
5853
date
Fri, 09 Apr 2021 17:44:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Fri, 09 Apr 2021 19:44:58 GMT
sdk.js
connect.facebook.net/id_ID/ 		199 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/id_ID/sdk.js?hash=04192cf32fbc35797d9b5f836ba867b8&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/id_ID/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f053:f:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b5882b50944b49be3c6e08e8f3345c9768fe492a443a6fe3a61cb289dc428e78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://banjarmasin.tribunnews.com
Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Lz+BalE8W44BzzYxOl4A+w==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
61328
x-fb-rlafr
0
x-fb-debug
a4yF1/Umky8q+/J9m6kD6Deah73UBJXM6It65ywSURH5VSPDW2d6Mfvjqx40/GnQWwSXFENXi/iSiTNYye0haQ==
x-fb-trip-id
1679558926
x-fb-content-md5
a36701b12df9d3c6ef5c2ed96ec80184
x-frame-options
DENY
date
Fri, 09 Apr 2021 19:22:31 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"6dd135ff4b4b1f649441aa245ab7ae15"
timing-allow-origin
*
expires
Sat, 09 Apr 2022 17:17:44 GMT
prebid
targeting.unrulymedia.com/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/prebid
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:32 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
v1
prg8.smartadserver.com/prebid/ 		910 B
960 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
7a2aad8b26717505221895e70e44c0a4da38aeb0d4e11a09f2a31060ecf9920f

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:31 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b14%3b127
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:31 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg8.smartadserver.com/prebid/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:31 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg8.smartadserver.com/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
f383d71bd96d0e23e8914e68dd64e5984d48e2865e6ceaa88d0e123bd6abb0f5

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:31 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b25%3b113
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:31 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg8.smartadserver.com/prebid/ 		767 B
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d57327b082d55df9b01342d3b1ad2d7fa7f4d01793e34d1bc8a22c693f83f0e0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b21%3b107
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
cdb
bidder.criteo.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.32.0&cb=21790485019
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:31 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.32.0&referrer=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&tmax=1000
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.26.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-26-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:32 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
kompascybermedia-d.openx.net/w/1.0/ 		172 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b7fed23a-ecf0-4c0c-be91-67497487878d%2C1a5f8376-55a7-47fa-bf3f-8df64927fe95%2Cf90cadfd-c31e-49c3-a570-262b4493d17e%2C980160e7-1d0e-4579-837d-58f4116e98e6%2Cf81b63b0-891c-4db4-b7f4-6e0b3c478290%2C74b87140-ee19-4819-8157-7287a5a0762b%2C5c8828ff-b7aa-41be-b1ed-f222472395d2&nocache=1617996151928&aus=728x90%2C970x90%2C970x250%7C160x600%7C300x600%2C300x250%7C300x250%7C300x600%2C300x250%7C300x250%2C300x100%2C1x1%7C320x100%2C320x50%2C1x1&divIds=div-Top-Leaderboard%2Cdiv-Left-WideSkyscraper%2Cdiv-Right-MediumRectangle-1%2Cdiv-Right-MediumRectangle-2%2Cdiv-Right-MediumRectangle-3%2Cdiv-Inside-MediumRectangle%2Cdiv-BelowArticles&auid=540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
3718276885a3a794737c0003455305424a9951854fdff7bd5ed92cedca854710

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
280686
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/280686
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Fri, 09 Apr 2021 19:22:32 GMT
X-SpotX-Timing-Transform
0.000972
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.001094
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000291
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.012340
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000271
X-fe
048
Last-Modified
Fri, 09 Apr 2021 19:22:32 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007211
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
X-SpotX-Timing-Page-Misc
0.002459
X-SpotX-Timing-Page-Exception
0.000027
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.007211
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
282137
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282137
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Fri, 09 Apr 2021 19:22:32 GMT
X-SpotX-Timing-Transform
0.000714
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.002756
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000479
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000007
X-SpotX-Timing-Page
0.017815
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000546
X-fe
030
Last-Modified
Fri, 09 Apr 2021 19:22:32 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006752
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
X-SpotX-Timing-Page-Misc
0.006523
X-SpotX-Timing-Page-Exception
0.000019
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000019
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.006752
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301966
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301966
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Fri, 09 Apr 2021 19:22:32 GMT
X-SpotX-Timing-Transform
0.000772
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.001153
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000459
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.009028
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000301
X-fe
104
Last-Modified
Fri, 09 Apr 2021 19:22:32 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004164
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
X-SpotX-Timing-Page-Misc
0.002143
X-SpotX-Timing-Page-Exception
0.000021
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.004164
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301967
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301967
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Fri, 09 Apr 2021 19:22:32 GMT
X-SpotX-Timing-Transform
0.000315
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.001263
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000324
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.010673
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000370
X-fe
085
Last-Modified
Fri, 09 Apr 2021 19:22:32 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006160
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
X-SpotX-Timing-Page-Misc
0.002201
X-SpotX-Timing-Page-Exception
0.000027
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.006160
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 09 Apr 2021 19:22:32 GMT
cygnus
htlb.casalemedia.com/ 		25 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=450352&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2248c213a55b651d3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbanjarmasin.tribunnews.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A7%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249b7f7366a8cfa7%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2250fc71c7132addf%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225123eb5ed0db14a%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2252ab9c78e80d1dd%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22537f8ce3eff7038%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225450d5e638e312c%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225501b459e0e21ae%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225665c7c2694caa%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22578f0e23d6fb14f%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2258033db1d3e84a5%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2259b3828a7f62bcc%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2260a7d2be2edbbbe%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22611deebe137d008%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22628e155e6852069%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2258033db1d3e84a5%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aedfe0d8a8c57ad73aa9b50a679e4ecc1aac105135845e1bbab90848501f67fa

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[AT], RC:[], CN:[EU], CIP:[91.132.139.84], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://banjarmasin.tribunnews.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 09 Apr 2021 19:22:32 GMT
translator
hbopenbid.pubmatic.com/ 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hbpost
hb.jixie.io/v2/ 		155 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.jixie.io/v2/hbpost
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.67.9.5 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
fc855d8f0efb146ddaf7b56fc4792c13b9aca92cd0548be831dc8ff2aadade36

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
gzip
x-powered-by
Express
etag
eec02370-9968-11eb-902c-935a778e5491
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
-1
cdb
bidder.criteo.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.32.0&cb=27565831553
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:31 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.210.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-210-10.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57d87f4202b259833def537015880ebd3733bb40d19c95df1da49ba126c3b397

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 18:06:02 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 31 Mar 2021 18:01:58 GMT
Server
AmazonS3
Age
782191
ETag
W/"22e062f70826be118ae2cae04b9fa227"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 2e44a3b2c1d0f478404fb20d9971a779.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
HAM50-C2
X-Amz-Cf-Id
-BrsFGEr5SKtB5a0G-wsTWZjucaCVB_djlm8g1DLMqg6xMjHFORgjw==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Sat, 10 Apr 2021 19:22:32 GMT
user
apis.kompas.com/api/activity/ 		86 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.kompas.com/api/activity/user
Requested by
Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/js/jquery/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-25.fra53.r.cloudfront.net
Software
nginx / PHP/7.1.31
Resource Hash
e882b800252581c822acdeb6b53057da6f18362e15e22dee5e18d4fd8330eec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:32 GMT
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-powered-by
PHP/7.1.31
x-cache
Miss from cloudfront
mail-subject
Join_via_header
we-hiring
jobs@kompas.com
content-length
86
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
private, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, X-Prototype-Version, Origin, Allow, *
x-amz-cf-id
3rSS7ICqF2KlG5IuxlhJfGyNGQkxry3JVp2LsRPO8U3i2eDOYJPAyQ==
expires
-1
client
accounts.google.com/gsi/ 		176 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f47471743e83ebc93ca9bd8b67a6e96fd46d18ad76088cdb256d92602ed30d09
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3n+7OInHHoO/lvV1ABudlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-3n+7OInHHoO/lvV1ABudlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-type
application/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:32 GMT
bx_loader.gif
cdn-1.tstatic.net/css/theme15/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-1.tstatic.net/css/theme15/images/bx_loader.gif
Requested by
Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/css/theme15/style.1.8-20210127_daerah.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.229.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-229-13.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cc8973d1965d3676ce68657d5caabc0bb05078786f110c4116fd4f39c250b6c

Request headers

Referer
https://cdn-1.tstatic.net/css/theme15/style.1.8-20210127_daerah.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Wed, 25 Mar 2015 04:27:31 GMT
date
Sun, 14 Mar 2021 23:06:27 GMT
via
1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
last-modified
Sat, 17 Oct 2015 10:59:54 GMT
server
AmazonS3
age
2232966
etag
"937a162c468e53b64831610af64c2c2e"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=2592000, public
x-amz-cf-pop
CDG3-C1
accept-ranges
bytes
content-type
image/gif
content-length
5536
x-amz-cf-id
RSPNPiaFgHFgfHddaWP9b8z-xZlXnGtMA7a5YPdQaFp6FF3vqTgZUg==
getNewsbreaking
banjarmasin.tribunnews.com//main/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://banjarmasin.tribunnews.com//main/getNewsbreaking
Requested by
Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/js/jquery/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-84.fra53.r.cloudfront.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src: 'self' *.tstatic.net *.kompas.com; frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.alexametrics.com *.openx.net *.jixie.io *.facebook.net
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://banjarmasin.tribunnews.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src: 'self' *.tstatic.net *.kompas.com; frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.alexametrics.com *.openx.net *.jixie.io *.facebook.net
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
content-length
20
x-xss-protection
1; mode=block
x-we-need-to-talk
Thank You
referrer-policy
no-referrer-when-downgrade, strict-origin-when-cross-origin
server
Apache
x-frame-options
SAMEORIGIN
date
Fri, 09 Apr 2021 19:22:32 GMT
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cache-control
no-transform
permissions-policy
geolocation=();notifications=();push=();sync-xhr=();fullscreen=(self);
x-amz-cf-id
-poVAcMYJgECFXjb_od2ROIacP1BY6Q17Eubs2ByptB4PvAysxIBuQ==
publisher:getClientId
ampcid.google.com/v1/ 		74 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://banjarmasin.tribunnews.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
jixietracker.min.js
scripts.jixie.io/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.io/jixietracker.min.js?accountid=9262bf2590d558736cac4fff7978fcb1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.56.210 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
6d2ff10a5568ddab0b9a660a173fa950e243600d56d9e7e5575eb8f8ac05ffdf

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 10:27:53 GMT
content-encoding
gzip
x-oss-request-id
6049F0A92FFB293232297C18
content-md5
zeWcsNFMnkiSZNvpQ87UhA==
age
2537679
x-cache
HIT TCP_MEM_HIT dirn:12:519940323
x-oss-cdn-auth
success
x-swift-cachetime
2592000
x-swift-savetime
Thu, 25 Mar 2021 10:36:20 GMT
content-length
4220
x-oss-object-type
Normal
last-modified
Wed, 04 Nov 2020 04:25:49 GMT
server
Tengine
etag
"CDE59CB0D14C9E489264DBE943CED484"
vary
Accept-Encoding
ali-swift-global-savetime
1604464002
content-type
application/javascript
via
cache29.l2ot7-1[0,200-0,H], cache20.l2ot7-1[0,0], cache20.l2ot7-1[0,0], cache11.de3[0,0,200-0,H], cache12.de3[1,0]
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
14211669491861816437
eagleid
a3b538a016179961525427675e
x-oss-server-time
1
publisher:getClientId
ampcid.google.de/v1/ 		3 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://banjarmasin.tribunnews.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=8077308&ns__t=1617996152436&ns_c=UTF-8&cv=3.5&c8=Banjarmasin%20Post%20-%20Berita%20Terkini%20Banjarmasin&c7=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1617996152436&ns_c=UTF-8&cv=3.5&c8=Banjarmasin%20Post%20-%20Berita%20Terkini%20Banjarmasin&c7=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&c...
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1617996152436&ns_c=UTF-8&cv=3.5&c8=Banjarmasin%20Post%20-%20Berita%20Terkini%20Banjarmasin&c7=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&c9=&cs_ak_ss=1
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:32 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1617996152436&ns_c=UTF-8&cv=3.5&c8=Banjarmasin%20Post%20-%20Berita%20Terkini%20Banjarmasin&c7=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:32 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
style
accounts.google.com/gsi/ 		665 B
918 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.CBgPM6QawHU.O/am=cg/d=1/ct=zgms/rs=AF0KOtVY8tmo5mlTqwo4oNTeioK7lqjLzw/m=gis_client_library
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6d64a081cc23a3255ae098398e7651dfe20ca7e5149462855e7a10a9f48f4e4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5q6r44bPKRmupt2znNVehA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-5q6r44bPKRmupt2znNVehA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:32 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Banjarmasin%20Post%20-%20Berita%20Terkini%20Banjarmasin&time=1617996152453&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&random_number=5138602172&sess_cookie=9412f173178b815fe83c1938e16&sess_cookie_flag=1&user_cookie=9412f173178b815fe83c1938e16&user_cookie_flag=1&dynamic=true&domain=tribunnews.com&account=6d9Cm1akKd605T&jsv=20130128&user_lang=en-US
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 03:07:24 GMT
Via
1.1 d4ed28727dd020fd5850b309fbb1f2f5.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
58509
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
HAM50-C3
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
omvKtdnws5GLns4pkzBy1bxZSSYeuQaAAYsNh1XxwwyiC4U7U_49SQ==
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=114488588566911&ev=fb_page_view&dl=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&rl=&if=false&ts=1617996152469&sw=1600&sh=1200&at=
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f153:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 09 Apr 2021 19:22:32 GMT
collect
www.google-analytics.com/j/ 		2 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1048073293&t=pageview&_s=1&dl=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&ul=en-us&de=UTF-8&dt=Banjarmasin%20Post%20-%20Berita%20Terkini%20Banjarmasin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAQCAC~&jid=1563522827&gjid=1768591635&cid=1930590966.1617996153&tid=UA-15224089-38&_gid=1796539826.1617996153&_r=1&gtm=2wg3v0NNJ5M3B&cd20=1930590966.1617996153&z=1901831610
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
load
tra.jixie.io/sync/ 		108 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.jixie.io/sync/load
Requested by
Host: scripts.jixie.io
URL: https://scripts.jixie.io/jixietracker.min.js?accountid=9262bf2590d558736cac4fff7978fcb1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.67.9.0 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
cb1d1e4b05a3c097ed91e9759d13f4a37deb498114a1d2dceaae50d54635f194

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:32 GMT
Content-Encoding
gzip
X-Powered-By
Express
ETag
ef215640-9968-11eb-8a64-e5269c68079e
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
private
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Expires
Sat Apr 09 2022 19:22:33 GMT+0000 (Coordinated Universal Time)
collect
stats.g.doubleclick.net/j/ 		4 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-15224089-38&cid=1930590966.1617996153&jid=1563522827&gjid=1768591635&_gid=1796539826.1617996153&_u=YEBAAEAAAAQCAC~&z=1350398152
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 09 Apr 2021 19:22:32 GMT
content-type
text/plain
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
accounts.google.com/gsi/ 		42 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=657538641912-e5c2itnmne4v4ple558a79fi6kkb3iau.apps.googleusercontent.com&as=dIrwqQtaIctwzg4i9k13zw
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.CBgPM6QawHU.O/am=cg/d=1/ct=zgms/rs=AF0KOtVY8tmo5mlTqwo4oNTeioK7lqjLzw/m=gis_client_library
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dcc25ad839e618d26df7fb561358d19b978d287df2ee761f2e1db51bbf7d9d4b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X99nbKiTnqz9gpafRhCsgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-X99nbKiTnqz9gpafRhCsgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-15224089-38&cid=1930590966.1617996153&jid=1563522827&_u=YEBAAEAAAAQCAC~&z=1769196704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-15224089-38&cid=1930590966.1617996153&jid=1563522827&_u=YEBAAEAAAAQCAC~&z=1769196704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.at/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.at/adsid/integrator.js?domain=banjarmasin.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=banjarmasin.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		85 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=463235169753534&correlator=2064879094093436&output=ldjh&impl=fifs&eid=31060033%2C31060550%2C31060699%2C44739387&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210409&iu_parts=31800665%2CBanjarmasinPost%2CHome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=160x600%2C728x90%7C970x90%7C970x250%2C300x600%7C300x250%2C300x250%2C300x600%7C300x250%2C608x110%2C1x1&ists=1&prev_scp=pos%3DLeftWideSkyscraper%26page%3Dhome%7Cpos%3DTopLeaderboard%26page%3Dhome%7Cpos%3DRightMediumRectangle-1%26page%3Dhome%7Cpos%3DRightMediumRectangle-2%26page%3Dhome%7Cpos%3DRightMediumRectangle-3%26page%3Dhome%7Cpos%3DNativeAds-Latest-1%26page%3Dhome%7Cpos%3DPremiumTopframe%26page%3Dhome&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1617996152&dt=1617996152837&dlt=1617996151277&idt=540&frm=20&biw=1600&bih=1200&oid=3&adxs=225%2C315%2C1075%2C1075%2C1075%2C426%2C-12245933&adys=434%2C100%2C267%2C2188%2C2188%2C932%2C-12245933&adks=1409774076%2C1552362255%2C236898491%2C913228110%2C236898489%2C1334992932%2C3212798792&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1%7C970x0%7C300x1989%7C300x1989%7C300x1989%7C648x6577%7C1x1&msz=160x-1%7C728x90%7C300x600%7C300x-1%7C300x600%7C648x141%7C0x0&ga_vid=1930590966.1617996153&ga_sid=1617996153&ga_hid=1048073293&ga_fc=false&fws=128%2C132%2C128%2C128%2C128%2C132%2C128&ohw=0%2C728%2C0%2C0%2C0%2C650%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
0b531be3740d838df8c87092d3b7edf3761187dde8318c1460a2a7773cbf1d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28758
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,5664021037,5531250885
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,138346308268,138329725443
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:32 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sat, 10 Apr 2021 19:22:32 GMT
syncframe
gum.criteo.com/ Frame B3A9 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=banjarmasin.tribunnews.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=banjarmasin.tribunnews.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banjarmasin.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1506
date
Fri, 09 Apr 2021 19:22:32 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sat, 10 Apr 2021 19:22:33 GMT
container.html
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 46BE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banjarmasin.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 19:22:32 GMT
expires
Sat, 09 Apr 2022 19:22:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A150 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banjarmasin.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 19:22:32 GMT
expires
Sat, 09 Apr 2022 19:22:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C667 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banjarmasin.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 19:22:32 GMT
expires
Sat, 09 Apr 2022 19:22:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ECC9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banjarmasin.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 19:22:32 GMT
expires
Sat, 09 Apr 2022 19:22:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795245888949"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:33 GMT
container.html
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2248 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banjarmasin.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 19:22:32 GMT
expires
Sat, 09 Apr 2022 19:22:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 7291 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuevmrKBeBDWG71q5onhxM5nhjA7QKNEQaKjW7Hseva9Kl1tQlqZ5bJfYQ_lpgmSoT7nkxD0c7Qj17b8gMn4g8SJtlhZsYpsQ_hFOr-QJ7Ur8z66L08BNYeyI2UCDWCnT7AiiqyA6_s2PHLeopSTLef8YE9ZJUiw3Z7gTc7-OZxJ5nBg8_JeRKcy8V3j3h_FIZFTuOeHYSrBdE9FsyxdJu9GV9pr6hmDuPhzwVLjnrkPyLuglCXgBsZa-JjzNTCODkf0M2J37RCoLOFdmgrDNUUvOIrgUogWjx_A5rpVhZjSMwk1wyaQnlkIOWAtWTa11OREHbFMuw&sai=AMfl-YSNNAapCxZYD6S43WpaNBXcDqeqQEzGsOf6HdbnGHU0llPU0_4bnM9OdhwGmBGTB0vNHLlkutKs1Y2ZoM_VVepXykZmtv4KMhoDOvoDJjC70iXcq3Bsc4EOqDESzok&sig=Cg0ArKJSzEYhIDsw4YixEAE&urlfix=1&adurl=
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 19:22:33 GMT
css
fonts.googleapis.com/ Frame 7291 		8 KB
825 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1683bf67bf7e9ed81d1b1d42e95f3c58d7c292e0e20e88b101f7dde8ce3a9799
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 18:21:50 GMT
server
ESF
date
Fri, 09 Apr 2021 19:22:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Apr 2021 19:22:33 GMT
16326417913688203162
tpc.googlesyndication.com/simgad/ Frame 7291 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16326417913688203162?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8795e7756745decfb0f4ea1fa493c86890a4f56114eaa1879df228b9bf765b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 03:21:53 GMT
x-content-type-options
nosniff
age
57640
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17979
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 03:03:13 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 03:21:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7291 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:33 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 764A 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
90c967a7dca88dee0c9d617d90f60a3ca9da84e6c1934a47863363a98fa781e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"838 / 669 of 1000 / last-modified: 1617995140"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20877
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 764A 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss1dd_AfQzc4xWav7myMOpNDKVetaJe16mtwoBFDPuIqgDZatYFBVCEYd0YIVL3xs_-omOpm8ASp7dfs63wlrwfPArvOv9GGAglSHu7iSbzBYJpSyBr-2QbMhrS2PEi1h8LgjdYKAsKpvYaZyCJLx1TAoXL53-WZyax3fyLX4mJn3AxMwmLzcbdcVr1oaStw_kX63pNfCN6XyD6mStNFLwyi7KLOVSI9QCybBi5_eNCudd6JNyBoYax98NxH0iarO_G2EeEuLdQC0yK66OVv_GWTPrimh-1nhrdqLcmpBAQhJhZIoHpknGadOJVPrZ2UxewNUW4nxF&sai=AMfl-YT2qj0aOLA6ooNu1cxEt7ebyh9fZNHAzitUcO0-GyIbRqyZMmNSoVkwrJ7fkBFvZJ3PSJunMAOjzIlpFy_GBbnWS2gZ43RP5UgsQKA9v1FchBLbcHdTB4KyO_3cL9Q&sig=Cg0ArKJSzO2gPEbI6imfEAE&urlfix=1&adurl=
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 19:22:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8a025d62f50a0de83365c65c788aa96e1b56f2a677e84831c73121e2be99751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6418
x-xss-protection
0
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 7291 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://banjarmasin.tribunnews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
33536
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Sat, 09 Apr 2022 10:03:37 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 7291 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://banjarmasin.tribunnews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
33536
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Sat, 09 Apr 2022 10:03:37 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 7291 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://banjarmasin.tribunnews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
age
33536
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
expires
Sat, 09 Apr 2022 10:03:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1B05 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQif_jARi4oKpsMAE&v=APEucNXflUP6L4X7ZUiSe448542vygF50LrCe1TU2IEt0P1vuPc0Y7I9FtIjMrS1lZlpOdQq4tqLZ2LSApp29y87tb4HycFL3RGKxfdXIGNBjNth11_poIOX6nLudX18Kl3bmZdd9rVme7T7v-7S-VCQTK3Mbu5ZMFpjPiZarsVX6JOM3PLR06IN4c1bCUOYXGSoi8w7Fr-cFwWwERwuZ2eqkJpFHc5Guw
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLan3wEQif_jARi4oKpsMAE&v=APEucNXflUP6L4X7ZUiSe448542vygF50LrCe1TU2IEt0P1vuPc0Y7I9FtIjMrS1lZlpOdQq4tqLZ2LSApp29y87tb4HycFL3RGKxfdXIGNBjNth11_poIOX6nLudX18Kl3bmZdd9rVme7T7v-7S-VCQTK3Mbu5ZMFpjPiZarsVX6JOM3PLR06IN4c1bCUOYXGSoi8w7Fr-cFwWwERwuZ2eqkJpFHc5Guw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmhe_FSrffSSRkO1Tr-SNc2as70fKBAWFs6FkDg19khsBggfO-Vjr7usqS7xRE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 09 Apr 2021 19:22:33 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 46BE 		58 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgXI7iCJ7bNaQKvcS1_pA1E3uLZlvg1JEfYlYe5hA8H12ENJ10kTP9WRGcqMsHDFEr2uL96ceotet0pCarBscrAdh7o7Ic_rsAu3xKgosLr44A_br3JwcwvYYEESF1IgtqmHEQMOYi5SOR7XKkxsX9x8nUxQ&dbm_d=AKAmf-BDkh0MzEzNrME2l8hHUxocDDUhqjmoSaXOiFMThk1nGFuPfz3FTfuQI74cOmWFkyF0dZu1IzeQKahs0zqEoNrJhVIvJaHRlwf7vWdZldhQqc06mpKeK1tEf9Hxkxb3i0uLxcPQfn2G9ivG1XN-YeFU_PZRxtgEjmN47JSIpTNXKSAUEgvkQoCk7pOkB_NmU-Ku97U2BiWof-S9gMpUsmNhl0iilmUCAAaQMD7og4X00hPvPCihdOt1YR3aQoa9nDW3Eeznrry5q0S6tdl1gpaCB-G9Jvekyli1gbsG70VEiOW2SuXyRA1DvKucuRS-U6Arifk1-526zjp_mr2XooNYvFvtVlQUEGklVYc_rIr6xtfBSzG5UQS4mZfqZrojtveTZ4hnmzJXVvkbfZh9e6-GOQjQ9EWs9K0o-4AxOf1RpkYTUlJUU8Dwd6ZP3LOyjoHCTKP4xnmHHIM-Ejn6-jDBqiTUAUO0V5eBn3TiGQGA_N-tEBIrg_zgaMPeGYw5yAq1UGCG2JjHbXg3H63vqckHCFyIiveD0VO2PmwOLu4Xunuud7tWJFpCah81mGhotdpsVk74h9RF00q-A-LIrxiNaDX9MQ4Ym3m5NER-qQHeVeRXyqgXz1Lh1ZzQUHml99vnzHGLroyQEm-8vyb2JV0_rYonIL_F4JAzCCzHTpJuDuLXpncD_bi3qmAkjxnhUEABc1Urko7L5V2kAv3DGNw2EzNH1QCcPSYBEgT6XL373G_GYAEvPQsvqSi0VlVvkYKzVvBab5aDE4kIQQ7uRp8Oh9kif3A56WaU-Q2rgfya8YyzEYFXsRxGKQIKQ3sAzGd-VDiw4DWwEG44WLIvVig8MJV4Tv97qxZqi3c8uys841hGAhtC6lfG4cJm76LVS_qMWABFAqx00n9M3p6C6FdczoyDG4ArXkyvbftHRi-B-KVLBQQLaw5ajsWUY9RzJoCRg4T4JmfCxNCjUPMa30v-hwRb15nHxJaQqcR6W8J3Ly5HoskbDsYfcsU3QwAVYKsmBEmnUrtsVNX9Oz7uqiD5_65FPFsyu0_wDuJoCwjcBJ4ZQaWdyu9NkvvTSnNnOxvthtULjkKTSwOKm_4FZcAstyAa2e3yEX7wpGmIXpYFSQm2xhi_Y9Wbw2uR6_6HjrBT6xKmNvfUyWFuFxXyWbNNWIGALryuCvV5PE_E-UVNO5pv5WaApdnMWb5jJJgWLkU71LuxRpVBw91nYCSCakbZebGnbvfBvCiXN6X7gF8wzygLFuQwmOGtCrqoAgTHBx32lfP9XCXjNXiPOTSKFvBSPh5gMRP87kbHstidFaQtXJK8GaBbmaXyteOnQqfNZGn8JQ18D23zz9jrFoK-L9dzmepNAQfVPLxEbn9c-5f-SYiBKp795g0z9GE5G2J5nqcuD1UqQPorff6N1Ta9sCZBpkLwCXfZCCaTabxD6YK67LYC__JhyrBi3_WKxgKC1qq8iqv5PQisf9WGrQI1mYxkoQiEyLzGKKvol1RMwqmYMugvKL9B1LcbLq474sNL-n2mvTBN2S6cJDnfnmI7jtHMxERExz6_BWIoqXnmbKJWSYWpIXukDuJLgkyMyWfwh6H6UYqecp4f_FoAXuDz87tedMYzZH3go-QZtXW0dBGhopbK7eMbcVif0VcaxtKMCf6lAQZQWNdAyUXSjhh7f9upZUOdQVLihKZBH1xzsNtZ3O6hcTetQBNC-nrvlPTU0TKJGYijPzhwCSpktPM5hPL9RIWmMXXE-iW3MYFnXFx7mbzccqoAu7YwXPHwi0bgcse7jI8gaxfrnuYtJgEi3xPMlK3cEm1Pcs8vPFe6C-x2Hs82elid_6FuOk-OhA5Xq8g0-Mrt-m1XVmCYEro9G2kC8AAxjqZN5vlnlsOws4pkYExBX3S069m5TmlQxCMnwG_joOmA_l5XisuSO9GEX8sPp37Pow0xYgdnvaTVVNnjZGs6udWp2oTQ_ffu_gPcfd19R7WgmZ5KfZBDscAEKRDsBXG6KEKXSJI2aRZoMOck8QbOsxoZq1eu2ZJfZkKxRFkytyGm9yEWwwZSoMxMpvgFd1So3G_Izx_aiPyHkCdx83sogsgDA2NEPU8dNFUKg25ar2QRtUAXg75nr-Ujn_refG1i5p_ciU1BrUdBexMV1nRqFwIG9LAUkiclzYXGvoOkbjEYyu4lXzYP4rtTbGNsW4s2pY9upKvqqZ-0DwHE-EQ2VvZLdfRHL71iuqeAGFZU6jXHdRinaRC_anyxQe_1AAvM2Ph7vjbTREziWZ3BPUy20Diwv-1Tn8cTP4ewGV4ayHZmGhFRJy46v2cwDRGyPozCnMwh1UYydhVv8QrUzXLWx4WdUhNffC1ElhMUlGK8mfldy3nev6HshUxTyUBroCfEbp9z4CI9K7A7XvNTqI7SaVyW8j5NhPum6aqPLzMd6OwQD6PwbS8YfXck9SuD-Jz4x3MI88X1kWJ92EVpntzFMaruZp61-aTUiwEKDoMpxy7CtSZaHn-tn_5MOJYhSyS3PdffqaU_-RJuOk61v_oQUXgsgQYCfEtrXet_2DpWBSG8C1Lx1lpk2KdayJ8ySan4cekHQuSndHXQq9BNXZ9GjlogmxWmUNxNCcQXJA6e1VuX_lRZYmsBU4bWf5oX0ocTVVoxVvs4rx3Z4-WwhQMyfr33iYGypdwVBjRQXXvymwPtjow1vjfplw_IfSdxyrABrIOvPYwcfMwBNlxYmzkGEQdYJ4isENnQk9g9ZZDcVswXtFaaSFLxJKubOH7LAJUGhxzxknuWoa0i4GaKrTGpiKN34ldmFme4wOCCIHloqgy2Vjo_zcFE9BBdrgw8SZjKz1EfrDK96nSm2gzVDNImWNPdBW8HrHjaoCO133ukA_fX1NSsgqe_TuPPcf0YQI9eltmYNvAunPoIPqeunj1OGKeLJAObGlKXyKAeTe3BBBFuZ0NK-ILdR6aAV93hrdD3zkFupJ4cGNcoM64hUZKbwPK1sQSqzdbUqIljPpT1qcaYpP_mDWx7tvIrL7Gx1et2iF7scyI6xWEWe9PHpxdN80Q&cid=CAASPeRou0CdPlOVOSFtXcjXS7iBiIRY7o5olB4AD4bzq462fw71h6ekI5qz0PwCu4BLGffqIk9Sx0AVHp04LOg&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2a13f62ff6d3e3ec41570ec87925881e81a046db39240e61f51815315c74d32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23454
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 46BE 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWY2c2nlSeVTZ3yOebBfh__m5WEJRrs3L_6aSImcCBk3GKD9ZTqJlua9ah83z1pHfmS0PUdQvv6gNev_JntgicOff8mnpsihbHwEuFPFk5WbwZAvY
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 46BE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 46BE 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 46BE 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:33 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E61A 		624 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COjZIRDakScYl5baogEwAQ&v=APEucNXkg4b216Uc6b65tMmTHiU0Is-JVcU4XCl6ASzbuOlspFTIkUqNgIWMSpSpYf079ylNUJtmzxPjqNhxaXBwEKwUqLSkXtJFHqyEvm3E9odN8MRXvmVBeLIZMdk-qkK96UfbFWcQ_NbxAxBkN4x-6HfAJlCv5D5_B5ZUdk88qnHn_7Nnn7NUXd2ot3eban2z_xr_2eoVc7nfjG01iNwQHcn2U625rA
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COjZIRDakScYl5baogEwAQ&v=APEucNXkg4b216Uc6b65tMmTHiU0Is-JVcU4XCl6ASzbuOlspFTIkUqNgIWMSpSpYf079ylNUJtmzxPjqNhxaXBwEKwUqLSkXtJFHqyEvm3E9odN8MRXvmVBeLIZMdk-qkK96UfbFWcQ_NbxAxBkN4x-6HfAJlCv5D5_B5ZUdk88qnHn_7Nnn7NUXd2ot3eban2z_xr_2eoVc7nfjG01iNwQHcn2U625rA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmhe_FSrffSSRkO1Tr-SNc2as70fKBAWFs6FkDg19khsBggfO-Vjr7usqS7xRE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 09 Apr 2021 19:22:33 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame A150 		23 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BM4rzPm9uZfYfx7XkCZV7Qk0W4YGqVrXTcwYtW1-iAoJmAxDvkZbg14_51xvM_LajEnhuNdmmDMaaXo5evt_t9p7IaBROR5-2VNqAXkB4f-285ZPmgNt2Pm3QE_hp6rYG9bFDq1O21tlEaCsEJgvE8m3492A&cry=1&dbm_d=AKAmf-D0XVWZvaailV14l_2r3rrhg45fNvLACwVf83l3mjNdi6XTbL2DhyJWSly4V-v0JcMgmhkHkS4erMyXsSyPpNtYW7CvaqgExtD8MRHC-Nz2yJxasUuDIRhu-LlsOGRGhZlvNnjoAE9iVZzMwzTN4BSNhHpDOhvB-emEMMttwKhzd7kQZtutYzI5WCb1L8xBk5Mdr7Fhkzx0nmRjtYmxJZnO_JhfqPEyRGrPCSLtOFUV9X0AiN807S4iI0wtXcfcylGp7TLqLVd5osjFkAjgc4-dpmnCs-FAvzgq5IBrqZ-S-MgpNeIJ3u6JNRcjFsXoXQis0_YiUNuwIGVcmun92cR0onsP4x63PlpjPE9Umn91y6GiLPekCcr5aV0DlXpp9XYhF6cE31thVLdvtxGZquanR6xpuCNjc4BuxmCtQ_BmXmHn4k1CxqbEFcvkmTlsgUYNpIYAtuhqRl2Unc1Ppw0AI_nCvdtzKbtB0FU1sSkl8iaHymwSHh19ck5Q7hPOw5REHFMEdwjhmGOkqi_RyKnl0pVthID7uRHrkIRnYZRGgPQ6ndkd-ETN-bBLblv3Z66UdnEalphgeFg4P1gLg9BSOzo4SWCDB5c5BO90oruXk8wTE8I7Y5wRDT09eaFOknPSfcjaON1nDs57UCRMQ8iJQB5u3G3JryPHXWyfgZXbdziS8QL1QGsUAv2-dXyLA_aK_SubTwECzNciI0ZxXGTET-bNx9GIz8T1KF0ArPjAP_rqKUKPpWCbyU39TowFRhxTubaHTyLpgaN6YygX7i28uTCnV21nkJAnA4O4YqtyynSoKIKUmVXEaeBBYmjinim8f2vPnZ-q_ufYuzXK2Xcmg9L8FEvT9uFwBwc0jd8OTU0xme8pkRemtUD1cNZyEsM5wPAG_pYuYVwjsI6gLuVLnUy3ogzLSpnSh45R5ShgcwySMDMIRQ7iM_n2vhPwq1QG0foeqm-YzQlenhmLbYSxUYfKS_las5OpwDKi8_vpezcEoHhfD3Ep9cnSJPra9OR8z69AkfduFqzcckM8l9gy431-domTR0NKTkp9CLaKsxLMyR-TMUsaDMd4jAL7Pjb2rWfjnf9SELHXS9o8YECMsHgDviMyLAA46tB_K3oLkzUp_NR-b5b-miboowwWmR6k8V3KBaxTLYRBerzSEEDIQQQA5aWKFouqms3W7F-9kbS-jU3jo9MPm39l9_1rkiIQzGrnpnUMeDlApSnS6lNqeav-LjEYdI04io357I9Z3J0y1DWtbgCSeGSVyiS2szHCL-ELvdUGkc_i6dUD8nF3vYu8nl-_SCF4IKcSTaEBl7JBGSe7t1RVB4AP0p3-aDcbl5exWsA-P9qKQZKBHYB1Vm5FIJPEyuzLTImYl8tqh41Ha45BInKGWydQxYAz5BqoTLBwakEa7i_6rP8EIuHJ2aOXVOROR4AFg2FixbIVzaaOcD3sidsWzTOemgv-YgEF6P0MhM1hJbGgkFtu13XIUyMtPQ-AbrYaC2B4CaDN3OacArQss3XA2gQclq0W3cY4sFgEVB8wod88GTRyzxDIq9SmJsz4Sfn9cG9nKUbychX4K6wT8mN-kiS7uEiN9GVlin_cFNkN_jG55Aod76yXf3014kozZSOvEnqz0HicAXbdb87lXJu4BUACyxwjgDzt9CcLllaVnsTyuPJEWomEiV-o_79hNHh6jRmlKEKDq69lRIPR8tL_wZCY5k21R_bJA_dgTJFYRIZNtqpcrOg05c_xKeTI5XcQ8CttpZpNbs-2DeKfDYnN9kMxfUP53lppgmvrIF2sOA1o9IqDn05LrYY076HNJAuUPSavpok_pvika3-udO5sXg1A4xGmfOAWDgmFDQNOYgIQZIm5Mvvx1yUSE5E9am0M492ZMCQEv5km9vSK09ad9V1UsPgOzi_JYBats20jccWbCebxYtcxjs81Ayl7S17nkS39JveirxQ0EaO0WyngVm8xwGKgKe31_klr-L1WJLEf1kXNeKXiLcAAcLazFewRXVpbRm5LUsHPAl0GyZifwRtvStcJUFwNqmLfdZqizOO-G045X-izz_U9e9s6V4rnkOtaSD3Ep3UMIei3c5GVvE_e0qzOCoWud4cvQ_Q8K1qA7Oao1glho4cn_q6uLQY-xxfwjroJ732PtygtmaGCY3x6NEvdXVoNLLQBs1M4MMYzcTY2QZctq2isJTwWvLC_FOy7oI3eGJN5hNpJj4GFoHVAG3YDOkBXa8o63PpSzFQ4wHeMZmfGedgftcE9IRV579JDfECPUfvDCGKmmI9Fr1p4dT-OSjpUNWXEtNEkeBZwh_H7zGNu8Mj0jZpX7BKOJTVWYycZAd9JGCzNaVV7D1VYWMMg4Dy7vqic7BDPEBwoaIRQQQABdej4JRwn30JOCTEvnzjqH8DDYVIeRt9dR4NdJWqjV_GRLqqIVZZC5Q0us9wJZEjmWB9X4EEsFTWJdDrtRcrqkul580hAiDoNR5ztMROUNECb0XRA2p61mYXDUR9doBjnR6dC1bPJ6R8aFx_T4dXli3Sd3xfPfUjg1DZmTt2DkyEghv706F2e5wWV1ql27ssKOKHIDCpeY4ykuwDW-jlV9nxHrhSxNjYSamyo8vjSYOmgB4a99_zZJijbOeEfoEa6z1MldEQV8D_bvZG4jhot_J1kbvd2htI-D1ig5zGck7U9GWfzMLWPEgAwtH7sU0BJrUhajWWb_ayLGx-ihmhietMTdxS9SdIaCv-FpdsK3hk30eI1sk6094TjLXzkN7yuggVk6LgXmwiv6itdznXOdDrFSkYz87WNqtZ0947G-REIZtFOuOxCw99Krw40VIrfgokVG8D6Umm8FecdRQV9hUfXC8hZvL-AEu8DW0m7qEgxmUFTsCb_zzKr4GK9CAvgc1KenOMmMk1kffX_Ecy56X4x-Ba8AooLalj5IxbnliPURYVnMgHURmvs7R1BDxZJNfJ4B38kqPbi7QnFTvavSp007NoQSMMdSUfrhF0oRYPIypoyHsTdPn8waylY_-bq1xC8Jqzwte_5aawjlVVGwegw04F_AeysPnPu73a0WvUtCkAKckDLlio7YZjR-Lw059ZTGtBQi8UVaEkQi-LzWA-K9USgGD-JFfrSDY56nmjWdlYm7ZlBuDvMpaaHi848ItlbneKyp4PKyYKERsL8SeyTB2FxfHTdFxeBZDLmpzqjC34B-yUpkwfBGEfTK2kG-cdHAXNOfrfZUkp7fqmne2r1hH3cJlFO-RCatXgyADyTXbZNSsvQZBMtQS2icxjfzDeQbla4_NLxduzY4cycgQeFNCJMtSUHbkvWs1G80cHg-6Nh1o7jHzNwWZpMFqEY4StOFEaCYIuNFIAhqAwDqriYcS6XsA5HSyTIBP-DDPCkxoWqm6t9-ynJLOXetg-QPa4VB6xcf6ov_39DH8ErTRf2u7PNxrfd_6Q7SK8FoROgSiPEhCP4zyCY4j-3OKaFP2WC5vUtm08HAqJfm_TdCDRyfdDE8l2eCe5eGru2vsHU2TNDEGgdDW3hrE6NUNhbqRmgnah2AXc-8wGl1lBmzdS0LBF8eh8w6seXwCFkuSV6ugZ_x26ciQeF1tXdtcN2gbBA3x3LYr46lGfxiwRlX4gBx0okHHjfRD4PXwPQPtPq2RCxIjetIfSh0pxnjUlNtBWPz3QaSpCMB7yKpaYDThHzg5WhQQVBfSsyZub4GfP3AuL69xiE0fuchVAkPPypfhVf1Xj85EDANpp5Z8UsZSMrecK4Y1NXNJNe470cAq5DnAy8&cid=CAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12bf4a94a12f884561b2fad68b81e6e931b57880d7dffd1ec6ff14f5eb0e9bc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11391
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A150 		42 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dx6Vow5aXg2X_D2U5rraQnvANMeuBZ_6-GCzCXoQPkerGl-WTj4yhK23id0jMbS8kwhTXGgBSPKNMP3wBBDb4CLIDbFrijwlvEpuxctyxnZcgAMwI
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame A150 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1076429961&gdpr=&gdpr_consent=&w=970&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%26sig%3DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%26cry%3D1%26dbm_d%3DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%26adurl%3D&e=0&ord=1617996152951599&z=0
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
80.252.91.53 Amsterdam, Netherlands, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
01ce9078339e0b847b50899a774d0688d777017fcff9d128cc20fb21944aa5f2

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:33 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=UTF-8
Content-Length
6389
Expires
Sun, 05-Jun-2005 22:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame A150 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A150 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame A150 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 49F7 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQif_jARjht-CjATAB&v=APEucNWxOPV7LnVob-qOkygECkSvISxNb4vwnmgFXDFnhBlLxCOhZtLaJJlZmcb5bxFsBnhPLZ_tbrqroL1lKNBQykAV7xknaCUFqZOqQ7S2jb7wxW0s52yDh8yhNyUnvOsB_uUkHlrKMeWZ9sHF4gmxQhCwIjALU2-16iB8ZbtKKAU7o8CqeHU3ecgEB70yc8nQCtGBpcOs9oQMQRM6eOiCbQztoOBChA
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLan3wEQif_jARjht-CjATAB&v=APEucNWxOPV7LnVob-qOkygECkSvISxNb4vwnmgFXDFnhBlLxCOhZtLaJJlZmcb5bxFsBnhPLZ_tbrqroL1lKNBQykAV7xknaCUFqZOqQ7S2jb7wxW0s52yDh8yhNyUnvOsB_uUkHlrKMeWZ9sHF4gmxQhCwIjALU2-16iB8ZbtKKAU7o8CqeHU3ecgEB70yc8nQCtGBpcOs9oQMQRM6eOiCbQztoOBChA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmhe_FSrffSSRkO1Tr-SNc2as70fKBAWFs6FkDg19khsBggfO-Vjr7usqS7xRE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 09 Apr 2021 19:22:33 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame C667 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9YePat8F5GcvWkUQ9_6a_zLLR0MABbC3MoZe1umeQc9eE4OqBzMsBSYs5GRFkTifoBUXg9nGKAjTCs1q4Hn0OViy3ktQWPkkrkKc9BHImzpf85uSmE7e3QmqMqDxOXzPxHWlc34dT0BZTDPftvoZ4RO5E6A&dbm_d=AKAmf-AZCmVAjDKfQTjuxUd67snAjQY-fqenr2SadxczQHEnCSBbG1zHegq3aHN7adVHoxO1eyVgUfS3K_uIcIH49bciGiPg5YOG3EfOGbaCyIDZDr13vEpAR6947ZsHREh_egeo4aYtvpTHAywAWPU0xJFpRrL7nOuw0x0DMLroJuaRtNzuxFxPVM8llXKd6b0az1kknXMg0CHEOxYoPJ-huqfKvVgj3MfX5Jr5NGVautRxMoAVbzhzWTcC0CSH_8wn4cU1cZcYgnE4FbEOxUFD9MBkb9id8l947OH46IaSnjh-5z8NoWBYOuFgSCezcnSbQJoiUl_iqrq83jW1Lkh2yYjIxeLisFwQLrIz5Lf226yBhs1uGoAqn-pOFNn2neL4hrYeCRe78O58ltUOerfRNYoXe-OD6Pr8EA6FeZW3xEYto7mI6DDDif-PNO5w6ntE-KrB-BppE-LSSl6FJkf7rNkHQ7pKJxwgYrRfiZi1L2Al5KpX8Z_z4Gau9LOlJG698cfJONp0wMqIgrl0_TLrB9gvpRp3NmCrGCpQqOvHq1HT-dYZptL_BCjLir18-fA6oYQ1zb53xIxNq0iTiKGvg-pOBQG1pEnapDHyxplDPBKGkx7Eb5n7gG1lWXNvNeJy8cRwK324StarISvCzUd29bqOJsI2aidjcRs1_buFGT8eII65QScy5zUj1NQmX3LzWBm97pAZjYg6FbMhgjGYSY8oc-XIKr552sSNnkgnbd8KvhPYfvUD37Bn3BrbkGm5SS93lKewptSFKFFJv9DKdW-9AN-rr-QRlFBTIZnaOWXYZBnh9MaC5YsLcj-gSR_g1zacEhfngjAqVGr-3BAFOD6i_qRc85FPbxgqJcvL_5WLKSimG_ph7eDTTN3Hhnb2KyDnQ4bf47gcxH6MqXlSmz8knnQw2u33CpARHRlnFXC2N03R0HaBzcGUSic4ckzsXROykFQS67r_QzmTiCJSwZoooxLqz7SqjfzmBG-cGumc2jzxFccEScCSK8ZDaOQecYN69esupoL-lyIEF7TYXXNkHFbUYAqrCoQT3THLRu2vmO3IkemZOEJCLLHLnhDK1fFpgW65akZyHXWpxWyS0kBZ5VkGGZiLEO0IP8jbT25wC9e9XQcZpTNwQYJV2euv7TuTqlBKmngh3RlvZdYUNGe-PimXUGjjdxGbqF3GdQQxkHVQZRWpxXN1lt5TBn60wdeS-rKopLBesF8u5HJ8UI2hlHS4QfDIYXCu5nWd2pqQ2CgLvdb9oEps09N-V-6QraCjJDbg4reNZnVv4VgaEiIXIPpqxPe4Atc6ZlULMKzGs7vgaTJw22JOobgcQ1wLILdJpTh-MjGcrMDXmWYbr5Nt-cUtpypgJRuxdZGHHC9NEFbV86o1XIAacurQ3p-QubqyQxVYNYVc_41rr7Oe3nNFLC0Unu8kSY_b9MO-iGqQgXssR6yTH7Z2F9uVodb8ij-OquxDK4YhJ0bkiE79gjpzZX5AwnHGMoMYdDAgP_TLPo7E59WDi3d_GZ0lNGTZq8slKt6o84sSoQpw3uFQ9hJT0PFZ3lL6zx_HkQCxWWkmOCx4WK_E_7cimUTF0z5PxWc7kNeH1jWyRsOQLzQQSAUpFARTtgbXZMbhvWqvB3sWjsDWq9K77oJ5MRLQVE7sUDnSJp5BGqAp-FXQOLTyIbx_l5VM9P7XWseGwllRqeih0Hs2QA2dBXgaEiYJLyXOfzAhRyzNaIgyI0egiFJF3cN8tGP2zxPDDvdPNTjh6TzCQDdKjO1myvIroniHyKoBvA2OJlZKSryCQfv4NBQTeFxCvNhCpH4xusp53ixWDIayPrtb3eigACSUEvnOgQwEyA7z7C_VJEDN8eoFrvwYGJLS5cQorU1a9_Ao3xldDOsfyLwuI8tEs7cbeYLfK_5CEaRWH5dlzbnq431YDWI67apWzySLyI3y13PcwGTFw9zQ1bOdcn7jdFxs8QBzBqXlULQMrj1K-zQ6Fhk9MsdNxFhPbkTUgzj8KjA5oY4xFZfMUhttDJXci7d3fVFVy5RlESMNhJGIkPjFtQkyb2Bqa_qIFbXKIrDKcbEs3a8TwRYyqkN9NoUw8BKJq0J89dS81OkQun7Ax-K0fWMJ5fZJ_sXKGkZAteDoyYHCHIxzLT7fcsKYkmBUnoHPbPf7m92nYoT5RtF-jZaFXBrHEz_OA4ulCNiyhCskluIHy6xU3SDxtKRcimqU7vrmY467x6GZnr6r0lT0mSbroauqYiB0vhPvoxqK7pATO9caAgJqI-ZFkip6GGqSkOLOd3BrPWP2-KWQWp8aX_2THISBlcptjE9EHHmz9hBNOKuCuba1OxFUD2JInQxuwTj48TgdQOj2lMu2QVnAnTZyPR5_k6d7XqzvB_fxhqOtnvnncvmTNvYe1IQUSceHvnEz8FGQanEnMPaxH9iaEIJtBA0rkWEk-1ShAVWAT9dL0qpFsYWR_vJgXiMVXnRMlmRsGL1YZcSOIzNcbbVFT1S4GZg0E9qEm4Pr3aWH1k8rUykTO721YjnCQhToUjMMhYeO57feJpeo_tgujSl9adWN2rUXHxRi8GwRlKCrViB6Py2UrcjAAlZL-eb_FnuEh98e3urX_milIosl0zomatntHOb16t5Wb1Docer67KwovuXW-MmT1VqmNUGzk_ES6gWNht0l5OQ9xOgT6lZkywTU52W2E1JmcdHYNbSowVvxqyU90gm6gwa8s4bfiBEKw0qlBgoB7IjHERDfz_O5B7Uftp0QKP2MrkKhXOFo-1VHF-Blda8_3Z0Vf_rfiwYsP9pfZ6zVTgzK9L-7lujifqiTtYWf78gK6fGRElVKHHe4CQu-n_KtRsldoeNHUNdaKCs303Ylui3sfOFDFSFPP3ZjuOy8tXCYAkmqQR2AcjEBtCG_IaHSMZL2EEWlG9Tg0h7TN9keaI95092rp1V3egDwgaPlMMBb7bdVImwebFexl16Nvo4HFVPrvONfVKZpsliYxzBl48LRM2abUYwF33zjLdMOKgBNJU3wlqJNllVea24lWmaA-Pcoqsalm0M&cid=CAASPeRo46aH9p22baip2McsGk6s-C8wat07-Ruoje1lR1H6J3phYXT3_ruxHGBdKz3rKvla245zUG6Btfqldgw&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6081c0d265461e1d2edfcdd275ac4cfaf1fe3dda511c2946618d0a892c986de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23044
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C667 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DVa9lTjDfCs5wE_VGFhJ3bVSNJcRLcT-YMJ1x_x1CVVjlr8a17FX2Tsj4n5GnAengi-dgfHncsC-zmgWF9lhf3zgDusPf0H8pWuo41okSXw3A1Jko
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame C667 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C667 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame C667 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:54 GMT
l
www.google.com/ads/measurement/ Frame C667 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVeJYdzN1jAaoOIMgUCimWWchlBp6LcyxWMg2LTMyaFxMaaJa3G0MmvgOBxRXCXG8P0TGW
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pubads_impl_2021040804.js
securepubads.g.doubleclick.net/gpt/ Frame 764A 		296 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 19:24:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106480
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:33 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CE66 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNXfbRDCtCNDneV-MGOe9aES_Rmg_WAyb3V6dmQJp-nBuxa8_DOZLZ64lghvkZ6fQKhYpQVls88d5LCqrU2vbhY5Ja8abjsXR3rstaJm3l6LYD-UIpMDoR1UkkaQAVfxvhRG2KiY4S9Nzjjk2UQZIwcLxO1EFei7H8xKxbpluaLeEKfWmLuSzvjqF3qNqd1aNL9PClmgQENQW_YdYFQsOOjPzZffwg
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNXfbRDCtCNDneV-MGOe9aES_Rmg_WAyb3V6dmQJp-nBuxa8_DOZLZ64lghvkZ6fQKhYpQVls88d5LCqrU2vbhY5Ja8abjsXR3rstaJm3l6LYD-UIpMDoR1UkkaQAVfxvhRG2KiY4S9Nzjjk2UQZIwcLxO1EFei7H8xKxbpluaLeEKfWmLuSzvjqF3qNqd1aNL9PClmgQENQW_YdYFQsOOjPzZffwg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmhe_FSrffSSRkO1Tr-SNc2as70fKBAWFs6FkDg19khsBggfO-Vjr7usqS7xRE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 09 Apr 2021 19:22:33 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame ECC9 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6Uv8B0G5GtXo2IWlMZ9YyM20eKLXPcNpdlRJKCyP1EGqUlqAGCeO3ltleEJ70uwCThgzl-f47y_Kjvwz6dYCn6xe8XeLsxuMb2cZsQSfEd9k1TnGRZKnKRjcmygRjSzrZ6q3kdu7cYl-CXCgkefeUpDSuSQ&dbm_d=AKAmf-BGAJBpXB5q8WUDKZsRQRCnnCY6YmxHw0F_b_naMH1oczEnB_Tex0T_MENqjwqsi_XdIvF5PMZ14D0tZSGzSSspywhSEQLolGtKhh5WosTkn97V8G1w6L6jgpQgwVeOP0wHq-oX1kAY0kRf79F_UGtAAJCNp8xEkl3EsumHgEXxXAKLJh27wyvyE3igzzwzBvn5XQO0ZY3tr2f1V2jvic3cmmHeBrLi2CVPxag_u_j0HV0_lLLP6v2hfSWKU-twbAqBMSWKWye6fi-xURZc9__8bx_UZbQbJo9sNQDAWj9vG9Nhl7ZEloYVRm4wxrvEXmyDGFZIWsIxJtMeIbEGch_q1i6_sMT3qajYAFr4jfiRkXF7fGzONsf1rL0uC2gV5tgqd3u5HAs_uVzUUcSmA2VEhRzB3Cok48XYAt-6fscewYPmz9DGvizd0deb4Luzp0_5uNJqUbsnOhGwLYNJMbZlCLl9EgiblcxoxYzmuXKxvvnZ4XvpPg08I6ul9LReC2qDitW1NJaGYOMb9LClZo2o09BA6MCWQVaiLUcv3n_5Yyo5W1LG_FNDik2ZtAEYSW0tPoOHNO5wD09T6ssnNZJ5vr8JmVPCwJxSxZU_4C6Kgqbx2PNxu9f0HMyBtEmlr1YlXs1TxffS6Ez4SqdveXEMSmPq5-sxO6SoBTZlZBza_RDuQHd6OM138CwIigvjLTymg3ookgltSHTREnFU1vOk8GcLUVJpFSm8KeCpi5h6oVG8S-OfTj5_sxfT4cLwYGKlBQQtGAQl-D1vjQsgHPO2UrTRYTnqGqrNUwI0kM_xALijY0uThn91K4ttWO3QH_Hcr5JjTTGAsu0hTiKBdvqYkPdueT6hsTy95CNwERk2evMTARzSWU6U1KhChTPWNh66mbGHEMdqkoejlIE4J-taJL6N3wLvRsaUAuQh4BhbWzKfVkpktptd8U9kmxnHH3snYFV5Pd6wAbzfrLrnH6hJuNc4czUHdDaIBXiAskWR8qAW0yXbrrHIMVSVGV_80fWlL0qOnqlWzdlG3pQdmJwMn6AeFlNZqxAMXOhTrt7lrF_Zb3n_Dy7RUyw0OlPSh72yb2DQdkyKPicohCP3Cq7-hEwMmCewlEHCPWBcasgqdoCdig7dOFE1NglcIJ9B3J1Na3CbQg73Xr0fW-rk6hrUokSzT-v25GNBJJZFDgLai2npULxTkJyZEwJID7La9DUmvHT3hAzyBLkCKkLDSalS0RvlBETdlZk9O16Ncb-Xx5wkYZ6dL9r8r3jnC6uVRCqsuqK0Z5gLIFBs5T8SHppmhRDEYHRXZ4bNbj0e2U428uDV5QnN23aiV_WlnEFjElB5Oobhe9uApvtRTfsRGl3Tz08mH7UjfoXG3kKxuX3nki7pGNZuwmCMHfoMwE2zviqvcAutKjivYS-pD4MqXC-zaLVwcRhC-6gFvTHR2v3DZJJ0y3wHxa7BONDNtn1Lz6z-5YduoCg12-OoDedHPFLsXPfWC_fq2xxu0BsceX9j-kkW1PYf5nef8RHFb_lk4rXw2smsA8VcA068VDG3l0QXO7U23ieNVsKzrLxVTLlEnBZ61WvAmZNxbZ4lS2YBnc1haO1NqyNLcTMqsUsLD3JuafgzIipKHwnJfVkwcWi4hbCY8Om1T9o0qh6tGtpnWYFUuRTTHMMK3pivvlhmG_ppdIIlwXVDBq6hDKzRmTw0MN-ydH0qvKgTuFRzFoeHmtzj3-NXNLloqV_GGnJVzU44pv2yi6FhzadUydlH-vlahIMeRztJL_GIpQnQefu-db2Ab8ErZFo6eCy9nwHP5xo7SO4UCXrddNP84Iib_epQ3r0FfRqOTBFXtYjW8AgndZY4fqbpHYmsTN3QRDQBmeT6gFKBRA4ZWIGvcUQu2n0dLzFvskJYvBC89AYLFEo_0gzIcaLZhtiieF7kfiuyrfhEtv_BogIR4gvgfjIJbIicmLaHlF85KAWmvh_VH3NiPmOrt0HTEeHyVBDlQC4FTJs4GCuCqPMn6OXo6PHaSm45l-dGa8JqmRQYy_XF7gR4Lci5A1Tzr4Bx9DiZXTEdMIqKtqN-0UJnfuu6UvW8kRRCvVjzwGKBcenw4gmEcLxBVWrlHW3tSZ16f-jjQKTzAEgh_CUGrnPShN73LQMFpp6KmcwSWq68V8Nq5umIj_pfummj7F3c32UqeUkbQ9U5JyU3Bwm7X68xjLDcS_9Zu7sadkZPUQ3SOuNi-IN1Egoyw9Ir20v0oCsyGsfzLmWANnIItwJNsJkdx4JwgCH-hiC97fmMyxiLfbBS_AXpCtRjvWnhCneguKSUC6mN_r5vId2mxK00WJxogmixH0DSEAMzZRIm4RLhAq2X1gdZOmCevJWzfCRMCdi_3IUXJOPriPlEh4ypJBitvdMSSUIkbevGYI7GXrF7SRznoKoGMlZdl2pGKLuksx1rcAzgEQ55csjLpjyiiyL16eDOD50hZ-ESuTgcXPDC2fXyJonUvlXFOprqU4LN30OkS2Srbxb4zv5LfRjIlZiEFaLES3xPMdx3TZT4-zuZRVlRjH0fWGVEiXyExdJHoTv9fQs9_W5UU1IX-FZXoVL8sIXJ6_QZNvh0-NdRheKbawRqAnl3ZhsfnF-ooq4cSAsUON2EFECQt1ZcIigstenUA8kFN8-Co7XCJqNkQf_ihz8ee9OrnKaRZof5qWDx3nQTIuhaJetmQoIiP2hD3JhZs3o-FVXvY3VhyFx_7ioJzmi-T11D8Bedch2wZmaOGqzkvmzD3Heh6ETMhw4OVoJmcTk5yloXdZEB0EKxJqONyEONADhXp31QnhllhSDaofyeJu0GG1Rsr7_hH_7YBcF9lh4kzYeG7Yd-kEJZ6H1PwjRi8EWLUgRbmdokFqG1vAXoe_rhMSv_dd1rWQJ8SSWXfLvLc6H2VSIxlI1UPhe2zWAERWa8-gc6i1MAKUe44AR_9QFOSizkAWnSsbdBUqCe5gUH-wwvzGKgiPnQVrXnMiDutgSvuFrPdfjzb4gT77PAaV9NEM4GXlv0eM3l2M0eOH5t38UniGJy00tXBdvBRPjyj60bNhyW-Xom_Ih_&cid=CAASPeRoY6OWGOH2kEcOv5md_u9ZraaOMwa_nFch7f3YtRjAVRQJHpFSSysnMJsad_eKTNMa5PmlcAqyTLZ-sZs&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7f51dd9baef0d730ea3a2e5b808626fdbde8cdebf3a7551c9e66861cce03385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24879
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ECC9 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CX9JZ8m0G6KJMXPRAbsIZkuB1ss5ERFg2o4bTdMnvREI4auNv40HPadfp4-xHeNGKrcE-0e9GJR64QMri5KQGDFmW5Qu8FjRhvCNZYLgIQcEdEjhc
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame ECC9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECC9 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame ECC9 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:54 GMT
l
www.google.com/ads/measurement/ Frame ECC9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeEqyphGT8niEO7K-B5xder5mILgwJ7uHZ3Iwod-xj0Ed3Wr8zPooQ8RtQRPThstd5l7I_
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 7291 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44ca6f52d583281516e3a7dfb6ac8ad7ebd053ce2456f413be44f6c13576de6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame C0A5 		640 B
734 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNUbwhjI18W5qLlShLU47rp8vfDy_UYrk-fnlD7IL9oZVuGTxiOj8lkqvPhVUYWqWnageud6_SQjtcbKpHbGyOaakmupFgLEPsg-J5w1zmzsw_ybdm1URaTApMCOebU1jZb3YhngqTmoW68F9bklBQz5ZV7y7ryubYvc821zNSiJXQnpbnz9UyKrqiVlJSiBn6-JWHX_xZ8dT1_ZpbuKRx4tSVlDqA
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNUbwhjI18W5qLlShLU47rp8vfDy_UYrk-fnlD7IL9oZVuGTxiOj8lkqvPhVUYWqWnageud6_SQjtcbKpHbGyOaakmupFgLEPsg-J5w1zmzsw_ybdm1URaTApMCOebU1jZb3YhngqTmoW68F9bklBQz5ZV7y7ryubYvc821zNSiJXQnpbnz9UyKrqiVlJSiBn6-JWHX_xZ8dT1_ZpbuKRx4tSVlDqA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmhe_FSrffSSRkO1Tr-SNc2as70fKBAWFs6FkDg19khsBggfO-Vjr7usqS7xRE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 09 Apr 2021 19:22:34 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 2248 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCetNuuQDSXiPW_Tdho4pDddIegiJhxSWJx2rsdJd98GRSCMPc8LE6rFzzO0qiPtoiEeqtHSWtHZMPH-lCqp5nrYDd8i0gvf2TXRz0oQ4XL9K8CP67bxxw6wioVjMsU2TfBlgfXuFcmaxcGzfKdKKqe9sxQA&dbm_d=AKAmf-DmoohGJ2Bk5D6hnbI807MFfIs4zpOhBCEHfButWve0HDTlBTuOCorY8FKyp7wUtQzDY8S04mlWUJc0P2drdjQoJ09-PhCbilN3pUpZuBHDysYdN3uMsAyl0yfy0F89sR9CSZZCWRKqJlUCM9nVcSEtBU80aJHoVS2jaRZMTUvyNtrUc0obhZW2RkdXeCnV0ve8r77VWo9qiTCbRZ49JKGjCBnPsl-2ZClD1b_sq7yN-fvVaDxO9QOW4h7QjFcVU9EL_HMryyPxI67FEwWE2bNJdzpR3mfYdHJU-ZzPV6WcDT2y9xE_pzZPuyJcFGJgDIvf8jxhfdXQ7FoXdIPEqmmpDGCo-UNLHM7LXdjNCVmQmkIlchrXzHvFClcruZ1rjBgl5n81TyzjOnYby3-zNmyduGoNpmZb9x0zYuqkECF9Ud97-oiYZ_4lkWrFbEoeJW_T66fcjJ6qruw-BRux4f7d1oTT10L3eyuX7vQ3WRLiS9fB-cWI8dxts2pO10N5DMUfbxQcm6nGpkYs-m-92ppjahEzgkla1o2AoyqY42Cn8_vkCjd7VFYBcebzQsDhyQPgw7jVlIy6yABzyzqqOwcJ_kfX-DTatXvBU1v7LeqlnkfBfqoTwzpSnjoniTA90Q4zL4WzXB5YjJHpFuTPreq8mDDJO8bVCR9NstJWLMjjp3JaDRozzrYugFwewy9p5UzlbG4TsP_rqnOpjvsVn9xJKuuJGuZifmH9qcCGklgbrvpVAWV3NLS5keFJqgHGZyNBM_BkHCamJ681J7M9-RSGXc-M3ypEvPFG82huNUyh63ttfPdnR6ZJ4FcFlLlxqyFmeqNiIyQBwz40kPhaJSIqcOHQkjJv33zj4eXJ2rLjQNZYfGKV_bG1mLzlkmCM4TVakHG26BTGRvkmUlPmHg-Z20hEk-v936tI192sa8cNbuLjQHl_rvBy1bkNktQEExIqXifklv94K7tDaO-HhtrD4iHa2jcvuKNF015zFsZV5xb50hA3e_CDK6suySM25KEpY-asjKhk9p8ameMHQ0NmMOkKZTcjmVvgotAaBYO2-EEvDm0lIeyqlPlZy1RbOqGAB7aHlZUZCltC-6MO_2VOWuJ8O5lU8RKNdF3gMI7FPAeOnn2MxtOjGzS-_3f7wVIWIFfgU5qYNGMLxvZ4aiCg5CjFva9PUArAuuHUdVuaq8AHN2Q56MkyOguGiNExW5pgVTY6KNX7CwlcNa9BJQ-sl6RL53iIH2GxxhE2RFyt4hG_eabUe8tFgINB293FxOqTCwJgv-gH9evRlAsXPeADkF7Ll7KTbYPbcZ0tnbpxXR8wLt9WR7qheEGHrhVdx7yip4mQPjEFi1Uzifs8yIiIydPBjCYJE5djyVGHhZXqecI-q18zkVxQzyMrzFeakiFIn4jfmtWTU31sIkPD9fRDsoWMqs97z2TMK1JhemCMkK5Q3vSQEkPVPGNLnuoKS8l8uMYQ8_eQKHoXLKY9gU53ECZEkpSfwOBZQ34zNTEeokt4Oi40fkeE1VsZKbhLDqYhYzNfskKLJkZn9QkI-8fhWPi6ia9tH-4DWye2UvqXQZ5zYKFpJYYz_EeaB93xfz-enYqgl_DYja6akOHOHRqM16G5k7poqiZGnhFLDZGsCTVmeulYUnTWTq31QUwinveKNhZ-A4mkaI5m4JJFCBxRq6_w8fv6bM4eIRJzjAnM1-Ct8dpCxTNi0PhqMEx49BXEVXAD8dT8u6mf4FBYW0VMZBYA7y9z-3TfRvyZ6yBcry5Vk6Fgvzx1jkigpLPMy7Z5K0e0MSiYQ6gGp0KMoq9IpvWfaVbmkJQPTr1vD23f_hYfaHRBdsNUzHYn8_WZmh-X1yGYJQXauxFD8JTb2cKXFMQetr-JgHzCT5jACehR9Ili6W9GK4gBemcAw6nINsbhtN5xzxhgjBgPqd20gLbZCXPbDTAeP8XU3iifasLz1SoSNSSuReuxmZrRzJqHAW2hINQRExX5-C_Q45Xaz-aR10RAhVGwpPbALamNjhEIjV0FmTeqeyY46vqsxeQlpn6U6-uDNi9hxdgAzP-uetCLNIpdNipO8BQqOYDzrPt8p5j2I0PjdUTzpNZWsOMw80qJho2P2hpyWT5OPQ31zhthg0jJW8UpOEoi9l91OisauUrRNEMi-Fj4XTZxkmcB0xDGBcTyIlpiHrJC4LBC5ILRoAldaCV6mim-tdOyc7goL0aNVNgNeIkAyA33bHsgowwjCNJhz00jAN9Zw7MuNBI7oW2ONdl9VVO6bS_9f2yg3OrhjyhbdhtNowmm6E8ltXMM8Sd5o4-EDw5ThpzikYhXkGYSrxzCeE7Pctwu1xBuEblV_3cQNJ7kFMGyVpa0nzYneqRk3gRjDYUAimTDNZ3JU6Lc-I5m6jCKFXMwKTEMuLSQ1oY_y0x6ksO20tT3fbYfqF1NRYvtrq0CZ0Wq-GQKcVpbl5cFwSN49gKYvI6ZcK2JPHCoaYU5wpZK2CjvMzsFOV8GwcLyzXRtVI8MmY_c-8e31vvjPtNELuZZ9_ZcPk2fOM6KLzCEkKAU_TZNKiE9F7LgzRyoiP9eqAy5QUBRtuZndkvNzOSbrMs-jl0hlJLFVZ_qtFKSReUoPOZWi6B4QTCmTD1SzecMWpVUePb6KcBvnVlmnI-1wCRm-rOEonGY_K1cpTyB3obhboO8hNweCA0AlBJlV8BcXFaz0A3jxmQNNAPD7Gqy3FdKbHeZJc-TFT2OyApQMHfS7GB5-0_ci3zo8ka0g7ZtBd0QApannQdmcaLQu5D8defyhCT8iKrrjPxSlXvZt814qar7ob0OFZMdVHoGrOneQCeMeSE0DSjyiLu3wcT1Yo6mnLDgEmv4zdx3XFQtZxS_fCQSB8Sfo15si3ynDBkLZkSXEGSDeG_mmjsE74yWZVcMPhecsaSMw5-g9BOKfowV8e8I50kepSyWjzDdLGxXBReibnFmex7w7upISG2pJELS31-F9K_NaS2C2vPWL7665TcPncLssjglDCOSrzZIiWlljnigUgsPoVcG0MMdwRhTrdjoiEq9Tfo&cid=CAASPeRoWWjFPd4aU05I7JjcNX4H-l-SHy2E3mLsNe14EGxloj3Q6SO4MgTtm_ulpiDBl3vZxCiyh1kXOltB7Cc&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
351a16c4ade64bd6d66f3529431a75c482c1b784f332c05e5a09cbefa8287eee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24925
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2248 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ai20XcFcsxH_AXE2UWwddvM1s4oE7BvZ75baIkIbVMpbiarMCkICxuX7r0RL4fFZTAqfTJU0Nz64iaOYzGQBkIhIHyl386lY8QVIFSUVD6WohiosM
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 2248 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2248 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 2248 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7291 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuudkPUiQeBT1wjpoPZR2uKbCf7Dc4TTmF2K_If019pMB2AIkjyA_LonrK1UPMtm4uDXc40hBao7sfY6VR2LGQIRX0bH9UbWxPkJyMSpL1M-7xvOfFAkGN7bTYhekuTi7-dBFwfreQGKyBMZ3pkEd7r5LJaIItnkAwc4oskzO4HbrbNRj5qpZOfX6cRc3i2vMq4Nr-yhfysXsX2WCduzitE3I1GNDOSpII8hm7zMvVUjvnyIsHlmdMNFyi7lCbdKrLF2D2b-Qlpco7ukP_93UEUTpfcl125W3p_Q1zQ7LH64LpwYXcVV7jFEd-8HcTW38ugebcHMbmNbg&sai=AMfl-YR_6bcYMMQ7kVy9pqC6vdXU8CYRkWzAHqNDlQ_ZI76J1fj72D1Uj_2t-G6RX-2Z6m_901BnRBbNsJfo5rXujsLYoAUcj3YUFyzPlrKpM_If1I64kvJvaJ7qxZAxrhw&sig=Cg0ArKJSzO7wW4PFTpkQEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 19:22:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame A150 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BM4rzPm9uZfYfx7XkCZV7Qk0W4YGqVrXTcwYtW1-iAoJmAxDvkZbg14_51xvM_LajEnhuNdmmDMaaXo5evt_t9p7IaBROR5-2VNqAXkB4f-285ZPmgNt2Pm3QE_hp6rYG9bFDq1O21tlEaCsEJgvE8m3492A&cry=1&dbm_d=AKAmf-D0XVWZvaailV14l_2r3rrhg45fNvLACwVf83l3mjNdi6XTbL2DhyJWSly4V-v0JcMgmhkHkS4erMyXsSyPpNtYW7CvaqgExtD8MRHC-Nz2yJxasUuDIRhu-LlsOGRGhZlvNnjoAE9iVZzMwzTN4BSNhHpDOhvB-emEMMttwKhzd7kQZtutYzI5WCb1L8xBk5Mdr7Fhkzx0nmRjtYmxJZnO_JhfqPEyRGrPCSLtOFUV9X0AiN807S4iI0wtXcfcylGp7TLqLVd5osjFkAjgc4-dpmnCs-FAvzgq5IBrqZ-S-MgpNeIJ3u6JNRcjFsXoXQis0_YiUNuwIGVcmun92cR0onsP4x63PlpjPE9Umn91y6GiLPekCcr5aV0DlXpp9XYhF6cE31thVLdvtxGZquanR6xpuCNjc4BuxmCtQ_BmXmHn4k1CxqbEFcvkmTlsgUYNpIYAtuhqRl2Unc1Ppw0AI_nCvdtzKbtB0FU1sSkl8iaHymwSHh19ck5Q7hPOw5REHFMEdwjhmGOkqi_RyKnl0pVthID7uRHrkIRnYZRGgPQ6ndkd-ETN-bBLblv3Z66UdnEalphgeFg4P1gLg9BSOzo4SWCDB5c5BO90oruXk8wTE8I7Y5wRDT09eaFOknPSfcjaON1nDs57UCRMQ8iJQB5u3G3JryPHXWyfgZXbdziS8QL1QGsUAv2-dXyLA_aK_SubTwECzNciI0ZxXGTET-bNx9GIz8T1KF0ArPjAP_rqKUKPpWCbyU39TowFRhxTubaHTyLpgaN6YygX7i28uTCnV21nkJAnA4O4YqtyynSoKIKUmVXEaeBBYmjinim8f2vPnZ-q_ufYuzXK2Xcmg9L8FEvT9uFwBwc0jd8OTU0xme8pkRemtUD1cNZyEsM5wPAG_pYuYVwjsI6gLuVLnUy3ogzLSpnSh45R5ShgcwySMDMIRQ7iM_n2vhPwq1QG0foeqm-YzQlenhmLbYSxUYfKS_las5OpwDKi8_vpezcEoHhfD3Ep9cnSJPra9OR8z69AkfduFqzcckM8l9gy431-domTR0NKTkp9CLaKsxLMyR-TMUsaDMd4jAL7Pjb2rWfjnf9SELHXS9o8YECMsHgDviMyLAA46tB_K3oLkzUp_NR-b5b-miboowwWmR6k8V3KBaxTLYRBerzSEEDIQQQA5aWKFouqms3W7F-9kbS-jU3jo9MPm39l9_1rkiIQzGrnpnUMeDlApSnS6lNqeav-LjEYdI04io357I9Z3J0y1DWtbgCSeGSVyiS2szHCL-ELvdUGkc_i6dUD8nF3vYu8nl-_SCF4IKcSTaEBl7JBGSe7t1RVB4AP0p3-aDcbl5exWsA-P9qKQZKBHYB1Vm5FIJPEyuzLTImYl8tqh41Ha45BInKGWydQxYAz5BqoTLBwakEa7i_6rP8EIuHJ2aOXVOROR4AFg2FixbIVzaaOcD3sidsWzTOemgv-YgEF6P0MhM1hJbGgkFtu13XIUyMtPQ-AbrYaC2B4CaDN3OacArQss3XA2gQclq0W3cY4sFgEVB8wod88GTRyzxDIq9SmJsz4Sfn9cG9nKUbychX4K6wT8mN-kiS7uEiN9GVlin_cFNkN_jG55Aod76yXf3014kozZSOvEnqz0HicAXbdb87lXJu4BUACyxwjgDzt9CcLllaVnsTyuPJEWomEiV-o_79hNHh6jRmlKEKDq69lRIPR8tL_wZCY5k21R_bJA_dgTJFYRIZNtqpcrOg05c_xKeTI5XcQ8CttpZpNbs-2DeKfDYnN9kMxfUP53lppgmvrIF2sOA1o9IqDn05LrYY076HNJAuUPSavpok_pvika3-udO5sXg1A4xGmfOAWDgmFDQNOYgIQZIm5Mvvx1yUSE5E9am0M492ZMCQEv5km9vSK09ad9V1UsPgOzi_JYBats20jccWbCebxYtcxjs81Ayl7S17nkS39JveirxQ0EaO0WyngVm8xwGKgKe31_klr-L1WJLEf1kXNeKXiLcAAcLazFewRXVpbRm5LUsHPAl0GyZifwRtvStcJUFwNqmLfdZqizOO-G045X-izz_U9e9s6V4rnkOtaSD3Ep3UMIei3c5GVvE_e0qzOCoWud4cvQ_Q8K1qA7Oao1glho4cn_q6uLQY-xxfwjroJ732PtygtmaGCY3x6NEvdXVoNLLQBs1M4MMYzcTY2QZctq2isJTwWvLC_FOy7oI3eGJN5hNpJj4GFoHVAG3YDOkBXa8o63PpSzFQ4wHeMZmfGedgftcE9IRV579JDfECPUfvDCGKmmI9Fr1p4dT-OSjpUNWXEtNEkeBZwh_H7zGNu8Mj0jZpX7BKOJTVWYycZAd9JGCzNaVV7D1VYWMMg4Dy7vqic7BDPEBwoaIRQQQABdej4JRwn30JOCTEvnzjqH8DDYVIeRt9dR4NdJWqjV_GRLqqIVZZC5Q0us9wJZEjmWB9X4EEsFTWJdDrtRcrqkul580hAiDoNR5ztMROUNECb0XRA2p61mYXDUR9doBjnR6dC1bPJ6R8aFx_T4dXli3Sd3xfPfUjg1DZmTt2DkyEghv706F2e5wWV1ql27ssKOKHIDCpeY4ykuwDW-jlV9nxHrhSxNjYSamyo8vjSYOmgB4a99_zZJijbOeEfoEa6z1MldEQV8D_bvZG4jhot_J1kbvd2htI-D1ig5zGck7U9GWfzMLWPEgAwtH7sU0BJrUhajWWb_ayLGx-ihmhietMTdxS9SdIaCv-FpdsK3hk30eI1sk6094TjLXzkN7yuggVk6LgXmwiv6itdznXOdDrFSkYz87WNqtZ0947G-REIZtFOuOxCw99Krw40VIrfgokVG8D6Umm8FecdRQV9hUfXC8hZvL-AEu8DW0m7qEgxmUFTsCb_zzKr4GK9CAvgc1KenOMmMk1kffX_Ecy56X4x-Ba8AooLalj5IxbnliPURYVnMgHURmvs7R1BDxZJNfJ4B38kqPbi7QnFTvavSp007NoQSMMdSUfrhF0oRYPIypoyHsTdPn8waylY_-bq1xC8Jqzwte_5aawjlVVGwegw04F_AeysPnPu73a0WvUtCkAKckDLlio7YZjR-Lw059ZTGtBQi8UVaEkQi-LzWA-K9USgGD-JFfrSDY56nmjWdlYm7ZlBuDvMpaaHi848ItlbneKyp4PKyYKERsL8SeyTB2FxfHTdFxeBZDLmpzqjC34B-yUpkwfBGEfTK2kG-cdHAXNOfrfZUkp7fqmne2r1hH3cJlFO-RCatXgyADyTXbZNSsvQZBMtQS2icxjfzDeQbla4_NLxduzY4cycgQeFNCJMtSUHbkvWs1G80cHg-6Nh1o7jHzNwWZpMFqEY4StOFEaCYIuNFIAhqAwDqriYcS6XsA5HSyTIBP-DDPCkxoWqm6t9-ynJLOXetg-QPa4VB6xcf6ov_39DH8ErTRf2u7PNxrfd_6Q7SK8FoROgSiPEhCP4zyCY4j-3OKaFP2WC5vUtm08HAqJfm_TdCDRyfdDE8l2eCe5eGru2vsHU2TNDEGgdDW3hrE6NUNhbqRmgnah2AXc-8wGl1lBmzdS0LBF8eh8w6seXwCFkuSV6ugZ_x26ciQeF1tXdtcN2gbBA3x3LYr46lGfxiwRlX4gBx0okHHjfRD4PXwPQPtPq2RCxIjetIfSh0pxnjUlNtBWPz3QaSpCMB7yKpaYDThHzg5WhQQVBfSsyZub4GfP3AuL69xiE0fuchVAkPPypfhVf1Xj85EDANpp5Z8UsZSMrecK4Y1NXNJNe470cAq5DnAy8&cid=CAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
10238838524035937739
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A150 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BM4rzPm9uZfYfx7XkCZV7Qk0W4YGqVrXTcwYtW1-iAoJmAxDvkZbg14_51xvM_LajEnhuNdmmDMaaXo5evt_t9p7IaBROR5-2VNqAXkB4f-285ZPmgNt2Pm3QE_hp6rYG9bFDq1O21tlEaCsEJgvE8m3492A&cry=1&dbm_d=AKAmf-D0XVWZvaailV14l_2r3rrhg45fNvLACwVf83l3mjNdi6XTbL2DhyJWSly4V-v0JcMgmhkHkS4erMyXsSyPpNtYW7CvaqgExtD8MRHC-Nz2yJxasUuDIRhu-LlsOGRGhZlvNnjoAE9iVZzMwzTN4BSNhHpDOhvB-emEMMttwKhzd7kQZtutYzI5WCb1L8xBk5Mdr7Fhkzx0nmRjtYmxJZnO_JhfqPEyRGrPCSLtOFUV9X0AiN807S4iI0wtXcfcylGp7TLqLVd5osjFkAjgc4-dpmnCs-FAvzgq5IBrqZ-S-MgpNeIJ3u6JNRcjFsXoXQis0_YiUNuwIGVcmun92cR0onsP4x63PlpjPE9Umn91y6GiLPekCcr5aV0DlXpp9XYhF6cE31thVLdvtxGZquanR6xpuCNjc4BuxmCtQ_BmXmHn4k1CxqbEFcvkmTlsgUYNpIYAtuhqRl2Unc1Ppw0AI_nCvdtzKbtB0FU1sSkl8iaHymwSHh19ck5Q7hPOw5REHFMEdwjhmGOkqi_RyKnl0pVthID7uRHrkIRnYZRGgPQ6ndkd-ETN-bBLblv3Z66UdnEalphgeFg4P1gLg9BSOzo4SWCDB5c5BO90oruXk8wTE8I7Y5wRDT09eaFOknPSfcjaON1nDs57UCRMQ8iJQB5u3G3JryPHXWyfgZXbdziS8QL1QGsUAv2-dXyLA_aK_SubTwECzNciI0ZxXGTET-bNx9GIz8T1KF0ArPjAP_rqKUKPpWCbyU39TowFRhxTubaHTyLpgaN6YygX7i28uTCnV21nkJAnA4O4YqtyynSoKIKUmVXEaeBBYmjinim8f2vPnZ-q_ufYuzXK2Xcmg9L8FEvT9uFwBwc0jd8OTU0xme8pkRemtUD1cNZyEsM5wPAG_pYuYVwjsI6gLuVLnUy3ogzLSpnSh45R5ShgcwySMDMIRQ7iM_n2vhPwq1QG0foeqm-YzQlenhmLbYSxUYfKS_las5OpwDKi8_vpezcEoHhfD3Ep9cnSJPra9OR8z69AkfduFqzcckM8l9gy431-domTR0NKTkp9CLaKsxLMyR-TMUsaDMd4jAL7Pjb2rWfjnf9SELHXS9o8YECMsHgDviMyLAA46tB_K3oLkzUp_NR-b5b-miboowwWmR6k8V3KBaxTLYRBerzSEEDIQQQA5aWKFouqms3W7F-9kbS-jU3jo9MPm39l9_1rkiIQzGrnpnUMeDlApSnS6lNqeav-LjEYdI04io357I9Z3J0y1DWtbgCSeGSVyiS2szHCL-ELvdUGkc_i6dUD8nF3vYu8nl-_SCF4IKcSTaEBl7JBGSe7t1RVB4AP0p3-aDcbl5exWsA-P9qKQZKBHYB1Vm5FIJPEyuzLTImYl8tqh41Ha45BInKGWydQxYAz5BqoTLBwakEa7i_6rP8EIuHJ2aOXVOROR4AFg2FixbIVzaaOcD3sidsWzTOemgv-YgEF6P0MhM1hJbGgkFtu13XIUyMtPQ-AbrYaC2B4CaDN3OacArQss3XA2gQclq0W3cY4sFgEVB8wod88GTRyzxDIq9SmJsz4Sfn9cG9nKUbychX4K6wT8mN-kiS7uEiN9GVlin_cFNkN_jG55Aod76yXf3014kozZSOvEnqz0HicAXbdb87lXJu4BUACyxwjgDzt9CcLllaVnsTyuPJEWomEiV-o_79hNHh6jRmlKEKDq69lRIPR8tL_wZCY5k21R_bJA_dgTJFYRIZNtqpcrOg05c_xKeTI5XcQ8CttpZpNbs-2DeKfDYnN9kMxfUP53lppgmvrIF2sOA1o9IqDn05LrYY076HNJAuUPSavpok_pvika3-udO5sXg1A4xGmfOAWDgmFDQNOYgIQZIm5Mvvx1yUSE5E9am0M492ZMCQEv5km9vSK09ad9V1UsPgOzi_JYBats20jccWbCebxYtcxjs81Ayl7S17nkS39JveirxQ0EaO0WyngVm8xwGKgKe31_klr-L1WJLEf1kXNeKXiLcAAcLazFewRXVpbRm5LUsHPAl0GyZifwRtvStcJUFwNqmLfdZqizOO-G045X-izz_U9e9s6V4rnkOtaSD3Ep3UMIei3c5GVvE_e0qzOCoWud4cvQ_Q8K1qA7Oao1glho4cn_q6uLQY-xxfwjroJ732PtygtmaGCY3x6NEvdXVoNLLQBs1M4MMYzcTY2QZctq2isJTwWvLC_FOy7oI3eGJN5hNpJj4GFoHVAG3YDOkBXa8o63PpSzFQ4wHeMZmfGedgftcE9IRV579JDfECPUfvDCGKmmI9Fr1p4dT-OSjpUNWXEtNEkeBZwh_H7zGNu8Mj0jZpX7BKOJTVWYycZAd9JGCzNaVV7D1VYWMMg4Dy7vqic7BDPEBwoaIRQQQABdej4JRwn30JOCTEvnzjqH8DDYVIeRt9dR4NdJWqjV_GRLqqIVZZC5Q0us9wJZEjmWB9X4EEsFTWJdDrtRcrqkul580hAiDoNR5ztMROUNECb0XRA2p61mYXDUR9doBjnR6dC1bPJ6R8aFx_T4dXli3Sd3xfPfUjg1DZmTt2DkyEghv706F2e5wWV1ql27ssKOKHIDCpeY4ykuwDW-jlV9nxHrhSxNjYSamyo8vjSYOmgB4a99_zZJijbOeEfoEa6z1MldEQV8D_bvZG4jhot_J1kbvd2htI-D1ig5zGck7U9GWfzMLWPEgAwtH7sU0BJrUhajWWb_ayLGx-ihmhietMTdxS9SdIaCv-FpdsK3hk30eI1sk6094TjLXzkN7yuggVk6LgXmwiv6itdznXOdDrFSkYz87WNqtZ0947G-REIZtFOuOxCw99Krw40VIrfgokVG8D6Umm8FecdRQV9hUfXC8hZvL-AEu8DW0m7qEgxmUFTsCb_zzKr4GK9CAvgc1KenOMmMk1kffX_Ecy56X4x-Ba8AooLalj5IxbnliPURYVnMgHURmvs7R1BDxZJNfJ4B38kqPbi7QnFTvavSp007NoQSMMdSUfrhF0oRYPIypoyHsTdPn8waylY_-bq1xC8Jqzwte_5aawjlVVGwegw04F_AeysPnPu73a0WvUtCkAKckDLlio7YZjR-Lw059ZTGtBQi8UVaEkQi-LzWA-K9USgGD-JFfrSDY56nmjWdlYm7ZlBuDvMpaaHi848ItlbneKyp4PKyYKERsL8SeyTB2FxfHTdFxeBZDLmpzqjC34B-yUpkwfBGEfTK2kG-cdHAXNOfrfZUkp7fqmne2r1hH3cJlFO-RCatXgyADyTXbZNSsvQZBMtQS2icxjfzDeQbla4_NLxduzY4cycgQeFNCJMtSUHbkvWs1G80cHg-6Nh1o7jHzNwWZpMFqEY4StOFEaCYIuNFIAhqAwDqriYcS6XsA5HSyTIBP-DDPCkxoWqm6t9-ynJLOXetg-QPa4VB6xcf6ov_39DH8ErTRf2u7PNxrfd_6Q7SK8FoROgSiPEhCP4zyCY4j-3OKaFP2WC5vUtm08HAqJfm_TdCDRyfdDE8l2eCe5eGru2vsHU2TNDEGgdDW3hrE6NUNhbqRmgnah2AXc-8wGl1lBmzdS0LBF8eh8w6seXwCFkuSV6ugZ_x26ciQeF1tXdtcN2gbBA3x3LYr46lGfxiwRlX4gBx0okHHjfRD4PXwPQPtPq2RCxIjetIfSh0pxnjUlNtBWPz3QaSpCMB7yKpaYDThHzg5WhQQVBfSsyZub4GfP3AuL69xiE0fuchVAkPPypfhVf1Xj85EDANpp5Z8UsZSMrecK4Y1NXNJNe470cAq5DnAy8&cid=CAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27374
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:46:20 GMT
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 46BE 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27374
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 11:46:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/ Frame 46BE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgXI7iCJ7bNaQKvcS1_pA1E3uLZlvg1JEfYlYe5hA8H12ENJ10kTP9WRGcqMsHDFEr2uL96ceotet0pCarBscrAdh7o7Ic_rsAu3xKgosLr44A_br3JwcwvYYEESF1IgtqmHEQMOYi5SOR7XKkxsX9x8nUxQ&dbm_d=AKAmf-BDkh0MzEzNrME2l8hHUxocDDUhqjmoSaXOiFMThk1nGFuPfz3FTfuQI74cOmWFkyF0dZu1IzeQKahs0zqEoNrJhVIvJaHRlwf7vWdZldhQqc06mpKeK1tEf9Hxkxb3i0uLxcPQfn2G9ivG1XN-YeFU_PZRxtgEjmN47JSIpTNXKSAUEgvkQoCk7pOkB_NmU-Ku97U2BiWof-S9gMpUsmNhl0iilmUCAAaQMD7og4X00hPvPCihdOt1YR3aQoa9nDW3Eeznrry5q0S6tdl1gpaCB-G9Jvekyli1gbsG70VEiOW2SuXyRA1DvKucuRS-U6Arifk1-526zjp_mr2XooNYvFvtVlQUEGklVYc_rIr6xtfBSzG5UQS4mZfqZrojtveTZ4hnmzJXVvkbfZh9e6-GOQjQ9EWs9K0o-4AxOf1RpkYTUlJUU8Dwd6ZP3LOyjoHCTKP4xnmHHIM-Ejn6-jDBqiTUAUO0V5eBn3TiGQGA_N-tEBIrg_zgaMPeGYw5yAq1UGCG2JjHbXg3H63vqckHCFyIiveD0VO2PmwOLu4Xunuud7tWJFpCah81mGhotdpsVk74h9RF00q-A-LIrxiNaDX9MQ4Ym3m5NER-qQHeVeRXyqgXz1Lh1ZzQUHml99vnzHGLroyQEm-8vyb2JV0_rYonIL_F4JAzCCzHTpJuDuLXpncD_bi3qmAkjxnhUEABc1Urko7L5V2kAv3DGNw2EzNH1QCcPSYBEgT6XL373G_GYAEvPQsvqSi0VlVvkYKzVvBab5aDE4kIQQ7uRp8Oh9kif3A56WaU-Q2rgfya8YyzEYFXsRxGKQIKQ3sAzGd-VDiw4DWwEG44WLIvVig8MJV4Tv97qxZqi3c8uys841hGAhtC6lfG4cJm76LVS_qMWABFAqx00n9M3p6C6FdczoyDG4ArXkyvbftHRi-B-KVLBQQLaw5ajsWUY9RzJoCRg4T4JmfCxNCjUPMa30v-hwRb15nHxJaQqcR6W8J3Ly5HoskbDsYfcsU3QwAVYKsmBEmnUrtsVNX9Oz7uqiD5_65FPFsyu0_wDuJoCwjcBJ4ZQaWdyu9NkvvTSnNnOxvthtULjkKTSwOKm_4FZcAstyAa2e3yEX7wpGmIXpYFSQm2xhi_Y9Wbw2uR6_6HjrBT6xKmNvfUyWFuFxXyWbNNWIGALryuCvV5PE_E-UVNO5pv5WaApdnMWb5jJJgWLkU71LuxRpVBw91nYCSCakbZebGnbvfBvCiXN6X7gF8wzygLFuQwmOGtCrqoAgTHBx32lfP9XCXjNXiPOTSKFvBSPh5gMRP87kbHstidFaQtXJK8GaBbmaXyteOnQqfNZGn8JQ18D23zz9jrFoK-L9dzmepNAQfVPLxEbn9c-5f-SYiBKp795g0z9GE5G2J5nqcuD1UqQPorff6N1Ta9sCZBpkLwCXfZCCaTabxD6YK67LYC__JhyrBi3_WKxgKC1qq8iqv5PQisf9WGrQI1mYxkoQiEyLzGKKvol1RMwqmYMugvKL9B1LcbLq474sNL-n2mvTBN2S6cJDnfnmI7jtHMxERExz6_BWIoqXnmbKJWSYWpIXukDuJLgkyMyWfwh6H6UYqecp4f_FoAXuDz87tedMYzZH3go-QZtXW0dBGhopbK7eMbcVif0VcaxtKMCf6lAQZQWNdAyUXSjhh7f9upZUOdQVLihKZBH1xzsNtZ3O6hcTetQBNC-nrvlPTU0TKJGYijPzhwCSpktPM5hPL9RIWmMXXE-iW3MYFnXFx7mbzccqoAu7YwXPHwi0bgcse7jI8gaxfrnuYtJgEi3xPMlK3cEm1Pcs8vPFe6C-x2Hs82elid_6FuOk-OhA5Xq8g0-Mrt-m1XVmCYEro9G2kC8AAxjqZN5vlnlsOws4pkYExBX3S069m5TmlQxCMnwG_joOmA_l5XisuSO9GEX8sPp37Pow0xYgdnvaTVVNnjZGs6udWp2oTQ_ffu_gPcfd19R7WgmZ5KfZBDscAEKRDsBXG6KEKXSJI2aRZoMOck8QbOsxoZq1eu2ZJfZkKxRFkytyGm9yEWwwZSoMxMpvgFd1So3G_Izx_aiPyHkCdx83sogsgDA2NEPU8dNFUKg25ar2QRtUAXg75nr-Ujn_refG1i5p_ciU1BrUdBexMV1nRqFwIG9LAUkiclzYXGvoOkbjEYyu4lXzYP4rtTbGNsW4s2pY9upKvqqZ-0DwHE-EQ2VvZLdfRHL71iuqeAGFZU6jXHdRinaRC_anyxQe_1AAvM2Ph7vjbTREziWZ3BPUy20Diwv-1Tn8cTP4ewGV4ayHZmGhFRJy46v2cwDRGyPozCnMwh1UYydhVv8QrUzXLWx4WdUhNffC1ElhMUlGK8mfldy3nev6HshUxTyUBroCfEbp9z4CI9K7A7XvNTqI7SaVyW8j5NhPum6aqPLzMd6OwQD6PwbS8YfXck9SuD-Jz4x3MI88X1kWJ92EVpntzFMaruZp61-aTUiwEKDoMpxy7CtSZaHn-tn_5MOJYhSyS3PdffqaU_-RJuOk61v_oQUXgsgQYCfEtrXet_2DpWBSG8C1Lx1lpk2KdayJ8ySan4cekHQuSndHXQq9BNXZ9GjlogmxWmUNxNCcQXJA6e1VuX_lRZYmsBU4bWf5oX0ocTVVoxVvs4rx3Z4-WwhQMyfr33iYGypdwVBjRQXXvymwPtjow1vjfplw_IfSdxyrABrIOvPYwcfMwBNlxYmzkGEQdYJ4isENnQk9g9ZZDcVswXtFaaSFLxJKubOH7LAJUGhxzxknuWoa0i4GaKrTGpiKN34ldmFme4wOCCIHloqgy2Vjo_zcFE9BBdrgw8SZjKz1EfrDK96nSm2gzVDNImWNPdBW8HrHjaoCO133ukA_fX1NSsgqe_TuPPcf0YQI9eltmYNvAunPoIPqeunj1OGKeLJAObGlKXyKAeTe3BBBFuZ0NK-ILdR6aAV93hrdD3zkFupJ4cGNcoM64hUZKbwPK1sQSqzdbUqIljPpT1qcaYpP_mDWx7tvIrL7Gx1et2iF7scyI6xWEWe9PHpxdN80Q&cid=CAASPeRou0CdPlOVOSFtXcjXS7iBiIRY7o5olB4AD4bzq462fw71h6ekI5qz0PwCu4BLGffqIk9Sx0AVHp04LOg&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:30 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 46BE 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgXI7iCJ7bNaQKvcS1_pA1E3uLZlvg1JEfYlYe5hA8H12ENJ10kTP9WRGcqMsHDFEr2uL96ceotet0pCarBscrAdh7o7Ic_rsAu3xKgosLr44A_br3JwcwvYYEESF1IgtqmHEQMOYi5SOR7XKkxsX9x8nUxQ&dbm_d=AKAmf-BDkh0MzEzNrME2l8hHUxocDDUhqjmoSaXOiFMThk1nGFuPfz3FTfuQI74cOmWFkyF0dZu1IzeQKahs0zqEoNrJhVIvJaHRlwf7vWdZldhQqc06mpKeK1tEf9Hxkxb3i0uLxcPQfn2G9ivG1XN-YeFU_PZRxtgEjmN47JSIpTNXKSAUEgvkQoCk7pOkB_NmU-Ku97U2BiWof-S9gMpUsmNhl0iilmUCAAaQMD7og4X00hPvPCihdOt1YR3aQoa9nDW3Eeznrry5q0S6tdl1gpaCB-G9Jvekyli1gbsG70VEiOW2SuXyRA1DvKucuRS-U6Arifk1-526zjp_mr2XooNYvFvtVlQUEGklVYc_rIr6xtfBSzG5UQS4mZfqZrojtveTZ4hnmzJXVvkbfZh9e6-GOQjQ9EWs9K0o-4AxOf1RpkYTUlJUU8Dwd6ZP3LOyjoHCTKP4xnmHHIM-Ejn6-jDBqiTUAUO0V5eBn3TiGQGA_N-tEBIrg_zgaMPeGYw5yAq1UGCG2JjHbXg3H63vqckHCFyIiveD0VO2PmwOLu4Xunuud7tWJFpCah81mGhotdpsVk74h9RF00q-A-LIrxiNaDX9MQ4Ym3m5NER-qQHeVeRXyqgXz1Lh1ZzQUHml99vnzHGLroyQEm-8vyb2JV0_rYonIL_F4JAzCCzHTpJuDuLXpncD_bi3qmAkjxnhUEABc1Urko7L5V2kAv3DGNw2EzNH1QCcPSYBEgT6XL373G_GYAEvPQsvqSi0VlVvkYKzVvBab5aDE4kIQQ7uRp8Oh9kif3A56WaU-Q2rgfya8YyzEYFXsRxGKQIKQ3sAzGd-VDiw4DWwEG44WLIvVig8MJV4Tv97qxZqi3c8uys841hGAhtC6lfG4cJm76LVS_qMWABFAqx00n9M3p6C6FdczoyDG4ArXkyvbftHRi-B-KVLBQQLaw5ajsWUY9RzJoCRg4T4JmfCxNCjUPMa30v-hwRb15nHxJaQqcR6W8J3Ly5HoskbDsYfcsU3QwAVYKsmBEmnUrtsVNX9Oz7uqiD5_65FPFsyu0_wDuJoCwjcBJ4ZQaWdyu9NkvvTSnNnOxvthtULjkKTSwOKm_4FZcAstyAa2e3yEX7wpGmIXpYFSQm2xhi_Y9Wbw2uR6_6HjrBT6xKmNvfUyWFuFxXyWbNNWIGALryuCvV5PE_E-UVNO5pv5WaApdnMWb5jJJgWLkU71LuxRpVBw91nYCSCakbZebGnbvfBvCiXN6X7gF8wzygLFuQwmOGtCrqoAgTHBx32lfP9XCXjNXiPOTSKFvBSPh5gMRP87kbHstidFaQtXJK8GaBbmaXyteOnQqfNZGn8JQ18D23zz9jrFoK-L9dzmepNAQfVPLxEbn9c-5f-SYiBKp795g0z9GE5G2J5nqcuD1UqQPorff6N1Ta9sCZBpkLwCXfZCCaTabxD6YK67LYC__JhyrBi3_WKxgKC1qq8iqv5PQisf9WGrQI1mYxkoQiEyLzGKKvol1RMwqmYMugvKL9B1LcbLq474sNL-n2mvTBN2S6cJDnfnmI7jtHMxERExz6_BWIoqXnmbKJWSYWpIXukDuJLgkyMyWfwh6H6UYqecp4f_FoAXuDz87tedMYzZH3go-QZtXW0dBGhopbK7eMbcVif0VcaxtKMCf6lAQZQWNdAyUXSjhh7f9upZUOdQVLihKZBH1xzsNtZ3O6hcTetQBNC-nrvlPTU0TKJGYijPzhwCSpktPM5hPL9RIWmMXXE-iW3MYFnXFx7mbzccqoAu7YwXPHwi0bgcse7jI8gaxfrnuYtJgEi3xPMlK3cEm1Pcs8vPFe6C-x2Hs82elid_6FuOk-OhA5Xq8g0-Mrt-m1XVmCYEro9G2kC8AAxjqZN5vlnlsOws4pkYExBX3S069m5TmlQxCMnwG_joOmA_l5XisuSO9GEX8sPp37Pow0xYgdnvaTVVNnjZGs6udWp2oTQ_ffu_gPcfd19R7WgmZ5KfZBDscAEKRDsBXG6KEKXSJI2aRZoMOck8QbOsxoZq1eu2ZJfZkKxRFkytyGm9yEWwwZSoMxMpvgFd1So3G_Izx_aiPyHkCdx83sogsgDA2NEPU8dNFUKg25ar2QRtUAXg75nr-Ujn_refG1i5p_ciU1BrUdBexMV1nRqFwIG9LAUkiclzYXGvoOkbjEYyu4lXzYP4rtTbGNsW4s2pY9upKvqqZ-0DwHE-EQ2VvZLdfRHL71iuqeAGFZU6jXHdRinaRC_anyxQe_1AAvM2Ph7vjbTREziWZ3BPUy20Diwv-1Tn8cTP4ewGV4ayHZmGhFRJy46v2cwDRGyPozCnMwh1UYydhVv8QrUzXLWx4WdUhNffC1ElhMUlGK8mfldy3nev6HshUxTyUBroCfEbp9z4CI9K7A7XvNTqI7SaVyW8j5NhPum6aqPLzMd6OwQD6PwbS8YfXck9SuD-Jz4x3MI88X1kWJ92EVpntzFMaruZp61-aTUiwEKDoMpxy7CtSZaHn-tn_5MOJYhSyS3PdffqaU_-RJuOk61v_oQUXgsgQYCfEtrXet_2DpWBSG8C1Lx1lpk2KdayJ8ySan4cekHQuSndHXQq9BNXZ9GjlogmxWmUNxNCcQXJA6e1VuX_lRZYmsBU4bWf5oX0ocTVVoxVvs4rx3Z4-WwhQMyfr33iYGypdwVBjRQXXvymwPtjow1vjfplw_IfSdxyrABrIOvPYwcfMwBNlxYmzkGEQdYJ4isENnQk9g9ZZDcVswXtFaaSFLxJKubOH7LAJUGhxzxknuWoa0i4GaKrTGpiKN34ldmFme4wOCCIHloqgy2Vjo_zcFE9BBdrgw8SZjKz1EfrDK96nSm2gzVDNImWNPdBW8HrHjaoCO133ukA_fX1NSsgqe_TuPPcf0YQI9eltmYNvAunPoIPqeunj1OGKeLJAObGlKXyKAeTe3BBBFuZ0NK-ILdR6aAV93hrdD3zkFupJ4cGNcoM64hUZKbwPK1sQSqzdbUqIljPpT1qcaYpP_mDWx7tvIrL7Gx1et2iF7scyI6xWEWe9PHpxdN80Q&cid=CAASPeRou0CdPlOVOSFtXcjXS7iBiIRY7o5olB4AD4bzq462fw71h6ekI5qz0PwCu4BLGffqIk9Sx0AVHp04LOg&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
10238838524035937739
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:27 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame C667 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27374
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 11:46:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/ Frame C667 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9YePat8F5GcvWkUQ9_6a_zLLR0MABbC3MoZe1umeQc9eE4OqBzMsBSYs5GRFkTifoBUXg9nGKAjTCs1q4Hn0OViy3ktQWPkkrkKc9BHImzpf85uSmE7e3QmqMqDxOXzPxHWlc34dT0BZTDPftvoZ4RO5E6A&dbm_d=AKAmf-AZCmVAjDKfQTjuxUd67snAjQY-fqenr2SadxczQHEnCSBbG1zHegq3aHN7adVHoxO1eyVgUfS3K_uIcIH49bciGiPg5YOG3EfOGbaCyIDZDr13vEpAR6947ZsHREh_egeo4aYtvpTHAywAWPU0xJFpRrL7nOuw0x0DMLroJuaRtNzuxFxPVM8llXKd6b0az1kknXMg0CHEOxYoPJ-huqfKvVgj3MfX5Jr5NGVautRxMoAVbzhzWTcC0CSH_8wn4cU1cZcYgnE4FbEOxUFD9MBkb9id8l947OH46IaSnjh-5z8NoWBYOuFgSCezcnSbQJoiUl_iqrq83jW1Lkh2yYjIxeLisFwQLrIz5Lf226yBhs1uGoAqn-pOFNn2neL4hrYeCRe78O58ltUOerfRNYoXe-OD6Pr8EA6FeZW3xEYto7mI6DDDif-PNO5w6ntE-KrB-BppE-LSSl6FJkf7rNkHQ7pKJxwgYrRfiZi1L2Al5KpX8Z_z4Gau9LOlJG698cfJONp0wMqIgrl0_TLrB9gvpRp3NmCrGCpQqOvHq1HT-dYZptL_BCjLir18-fA6oYQ1zb53xIxNq0iTiKGvg-pOBQG1pEnapDHyxplDPBKGkx7Eb5n7gG1lWXNvNeJy8cRwK324StarISvCzUd29bqOJsI2aidjcRs1_buFGT8eII65QScy5zUj1NQmX3LzWBm97pAZjYg6FbMhgjGYSY8oc-XIKr552sSNnkgnbd8KvhPYfvUD37Bn3BrbkGm5SS93lKewptSFKFFJv9DKdW-9AN-rr-QRlFBTIZnaOWXYZBnh9MaC5YsLcj-gSR_g1zacEhfngjAqVGr-3BAFOD6i_qRc85FPbxgqJcvL_5WLKSimG_ph7eDTTN3Hhnb2KyDnQ4bf47gcxH6MqXlSmz8knnQw2u33CpARHRlnFXC2N03R0HaBzcGUSic4ckzsXROykFQS67r_QzmTiCJSwZoooxLqz7SqjfzmBG-cGumc2jzxFccEScCSK8ZDaOQecYN69esupoL-lyIEF7TYXXNkHFbUYAqrCoQT3THLRu2vmO3IkemZOEJCLLHLnhDK1fFpgW65akZyHXWpxWyS0kBZ5VkGGZiLEO0IP8jbT25wC9e9XQcZpTNwQYJV2euv7TuTqlBKmngh3RlvZdYUNGe-PimXUGjjdxGbqF3GdQQxkHVQZRWpxXN1lt5TBn60wdeS-rKopLBesF8u5HJ8UI2hlHS4QfDIYXCu5nWd2pqQ2CgLvdb9oEps09N-V-6QraCjJDbg4reNZnVv4VgaEiIXIPpqxPe4Atc6ZlULMKzGs7vgaTJw22JOobgcQ1wLILdJpTh-MjGcrMDXmWYbr5Nt-cUtpypgJRuxdZGHHC9NEFbV86o1XIAacurQ3p-QubqyQxVYNYVc_41rr7Oe3nNFLC0Unu8kSY_b9MO-iGqQgXssR6yTH7Z2F9uVodb8ij-OquxDK4YhJ0bkiE79gjpzZX5AwnHGMoMYdDAgP_TLPo7E59WDi3d_GZ0lNGTZq8slKt6o84sSoQpw3uFQ9hJT0PFZ3lL6zx_HkQCxWWkmOCx4WK_E_7cimUTF0z5PxWc7kNeH1jWyRsOQLzQQSAUpFARTtgbXZMbhvWqvB3sWjsDWq9K77oJ5MRLQVE7sUDnSJp5BGqAp-FXQOLTyIbx_l5VM9P7XWseGwllRqeih0Hs2QA2dBXgaEiYJLyXOfzAhRyzNaIgyI0egiFJF3cN8tGP2zxPDDvdPNTjh6TzCQDdKjO1myvIroniHyKoBvA2OJlZKSryCQfv4NBQTeFxCvNhCpH4xusp53ixWDIayPrtb3eigACSUEvnOgQwEyA7z7C_VJEDN8eoFrvwYGJLS5cQorU1a9_Ao3xldDOsfyLwuI8tEs7cbeYLfK_5CEaRWH5dlzbnq431YDWI67apWzySLyI3y13PcwGTFw9zQ1bOdcn7jdFxs8QBzBqXlULQMrj1K-zQ6Fhk9MsdNxFhPbkTUgzj8KjA5oY4xFZfMUhttDJXci7d3fVFVy5RlESMNhJGIkPjFtQkyb2Bqa_qIFbXKIrDKcbEs3a8TwRYyqkN9NoUw8BKJq0J89dS81OkQun7Ax-K0fWMJ5fZJ_sXKGkZAteDoyYHCHIxzLT7fcsKYkmBUnoHPbPf7m92nYoT5RtF-jZaFXBrHEz_OA4ulCNiyhCskluIHy6xU3SDxtKRcimqU7vrmY467x6GZnr6r0lT0mSbroauqYiB0vhPvoxqK7pATO9caAgJqI-ZFkip6GGqSkOLOd3BrPWP2-KWQWp8aX_2THISBlcptjE9EHHmz9hBNOKuCuba1OxFUD2JInQxuwTj48TgdQOj2lMu2QVnAnTZyPR5_k6d7XqzvB_fxhqOtnvnncvmTNvYe1IQUSceHvnEz8FGQanEnMPaxH9iaEIJtBA0rkWEk-1ShAVWAT9dL0qpFsYWR_vJgXiMVXnRMlmRsGL1YZcSOIzNcbbVFT1S4GZg0E9qEm4Pr3aWH1k8rUykTO721YjnCQhToUjMMhYeO57feJpeo_tgujSl9adWN2rUXHxRi8GwRlKCrViB6Py2UrcjAAlZL-eb_FnuEh98e3urX_milIosl0zomatntHOb16t5Wb1Docer67KwovuXW-MmT1VqmNUGzk_ES6gWNht0l5OQ9xOgT6lZkywTU52W2E1JmcdHYNbSowVvxqyU90gm6gwa8s4bfiBEKw0qlBgoB7IjHERDfz_O5B7Uftp0QKP2MrkKhXOFo-1VHF-Blda8_3Z0Vf_rfiwYsP9pfZ6zVTgzK9L-7lujifqiTtYWf78gK6fGRElVKHHe4CQu-n_KtRsldoeNHUNdaKCs303Ylui3sfOFDFSFPP3ZjuOy8tXCYAkmqQR2AcjEBtCG_IaHSMZL2EEWlG9Tg0h7TN9keaI95092rp1V3egDwgaPlMMBb7bdVImwebFexl16Nvo4HFVPrvONfVKZpsliYxzBl48LRM2abUYwF33zjLdMOKgBNJU3wlqJNllVea24lWmaA-Pcoqsalm0M&cid=CAASPeRo46aH9p22baip2McsGk6s-C8wat07-Ruoje1lR1H6J3phYXT3_ruxHGBdKz3rKvla245zUG6Btfqldgw&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:30 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame C667 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9YePat8F5GcvWkUQ9_6a_zLLR0MABbC3MoZe1umeQc9eE4OqBzMsBSYs5GRFkTifoBUXg9nGKAjTCs1q4Hn0OViy3ktQWPkkrkKc9BHImzpf85uSmE7e3QmqMqDxOXzPxHWlc34dT0BZTDPftvoZ4RO5E6A&dbm_d=AKAmf-AZCmVAjDKfQTjuxUd67snAjQY-fqenr2SadxczQHEnCSBbG1zHegq3aHN7adVHoxO1eyVgUfS3K_uIcIH49bciGiPg5YOG3EfOGbaCyIDZDr13vEpAR6947ZsHREh_egeo4aYtvpTHAywAWPU0xJFpRrL7nOuw0x0DMLroJuaRtNzuxFxPVM8llXKd6b0az1kknXMg0CHEOxYoPJ-huqfKvVgj3MfX5Jr5NGVautRxMoAVbzhzWTcC0CSH_8wn4cU1cZcYgnE4FbEOxUFD9MBkb9id8l947OH46IaSnjh-5z8NoWBYOuFgSCezcnSbQJoiUl_iqrq83jW1Lkh2yYjIxeLisFwQLrIz5Lf226yBhs1uGoAqn-pOFNn2neL4hrYeCRe78O58ltUOerfRNYoXe-OD6Pr8EA6FeZW3xEYto7mI6DDDif-PNO5w6ntE-KrB-BppE-LSSl6FJkf7rNkHQ7pKJxwgYrRfiZi1L2Al5KpX8Z_z4Gau9LOlJG698cfJONp0wMqIgrl0_TLrB9gvpRp3NmCrGCpQqOvHq1HT-dYZptL_BCjLir18-fA6oYQ1zb53xIxNq0iTiKGvg-pOBQG1pEnapDHyxplDPBKGkx7Eb5n7gG1lWXNvNeJy8cRwK324StarISvCzUd29bqOJsI2aidjcRs1_buFGT8eII65QScy5zUj1NQmX3LzWBm97pAZjYg6FbMhgjGYSY8oc-XIKr552sSNnkgnbd8KvhPYfvUD37Bn3BrbkGm5SS93lKewptSFKFFJv9DKdW-9AN-rr-QRlFBTIZnaOWXYZBnh9MaC5YsLcj-gSR_g1zacEhfngjAqVGr-3BAFOD6i_qRc85FPbxgqJcvL_5WLKSimG_ph7eDTTN3Hhnb2KyDnQ4bf47gcxH6MqXlSmz8knnQw2u33CpARHRlnFXC2N03R0HaBzcGUSic4ckzsXROykFQS67r_QzmTiCJSwZoooxLqz7SqjfzmBG-cGumc2jzxFccEScCSK8ZDaOQecYN69esupoL-lyIEF7TYXXNkHFbUYAqrCoQT3THLRu2vmO3IkemZOEJCLLHLnhDK1fFpgW65akZyHXWpxWyS0kBZ5VkGGZiLEO0IP8jbT25wC9e9XQcZpTNwQYJV2euv7TuTqlBKmngh3RlvZdYUNGe-PimXUGjjdxGbqF3GdQQxkHVQZRWpxXN1lt5TBn60wdeS-rKopLBesF8u5HJ8UI2hlHS4QfDIYXCu5nWd2pqQ2CgLvdb9oEps09N-V-6QraCjJDbg4reNZnVv4VgaEiIXIPpqxPe4Atc6ZlULMKzGs7vgaTJw22JOobgcQ1wLILdJpTh-MjGcrMDXmWYbr5Nt-cUtpypgJRuxdZGHHC9NEFbV86o1XIAacurQ3p-QubqyQxVYNYVc_41rr7Oe3nNFLC0Unu8kSY_b9MO-iGqQgXssR6yTH7Z2F9uVodb8ij-OquxDK4YhJ0bkiE79gjpzZX5AwnHGMoMYdDAgP_TLPo7E59WDi3d_GZ0lNGTZq8slKt6o84sSoQpw3uFQ9hJT0PFZ3lL6zx_HkQCxWWkmOCx4WK_E_7cimUTF0z5PxWc7kNeH1jWyRsOQLzQQSAUpFARTtgbXZMbhvWqvB3sWjsDWq9K77oJ5MRLQVE7sUDnSJp5BGqAp-FXQOLTyIbx_l5VM9P7XWseGwllRqeih0Hs2QA2dBXgaEiYJLyXOfzAhRyzNaIgyI0egiFJF3cN8tGP2zxPDDvdPNTjh6TzCQDdKjO1myvIroniHyKoBvA2OJlZKSryCQfv4NBQTeFxCvNhCpH4xusp53ixWDIayPrtb3eigACSUEvnOgQwEyA7z7C_VJEDN8eoFrvwYGJLS5cQorU1a9_Ao3xldDOsfyLwuI8tEs7cbeYLfK_5CEaRWH5dlzbnq431YDWI67apWzySLyI3y13PcwGTFw9zQ1bOdcn7jdFxs8QBzBqXlULQMrj1K-zQ6Fhk9MsdNxFhPbkTUgzj8KjA5oY4xFZfMUhttDJXci7d3fVFVy5RlESMNhJGIkPjFtQkyb2Bqa_qIFbXKIrDKcbEs3a8TwRYyqkN9NoUw8BKJq0J89dS81OkQun7Ax-K0fWMJ5fZJ_sXKGkZAteDoyYHCHIxzLT7fcsKYkmBUnoHPbPf7m92nYoT5RtF-jZaFXBrHEz_OA4ulCNiyhCskluIHy6xU3SDxtKRcimqU7vrmY467x6GZnr6r0lT0mSbroauqYiB0vhPvoxqK7pATO9caAgJqI-ZFkip6GGqSkOLOd3BrPWP2-KWQWp8aX_2THISBlcptjE9EHHmz9hBNOKuCuba1OxFUD2JInQxuwTj48TgdQOj2lMu2QVnAnTZyPR5_k6d7XqzvB_fxhqOtnvnncvmTNvYe1IQUSceHvnEz8FGQanEnMPaxH9iaEIJtBA0rkWEk-1ShAVWAT9dL0qpFsYWR_vJgXiMVXnRMlmRsGL1YZcSOIzNcbbVFT1S4GZg0E9qEm4Pr3aWH1k8rUykTO721YjnCQhToUjMMhYeO57feJpeo_tgujSl9adWN2rUXHxRi8GwRlKCrViB6Py2UrcjAAlZL-eb_FnuEh98e3urX_milIosl0zomatntHOb16t5Wb1Docer67KwovuXW-MmT1VqmNUGzk_ES6gWNht0l5OQ9xOgT6lZkywTU52W2E1JmcdHYNbSowVvxqyU90gm6gwa8s4bfiBEKw0qlBgoB7IjHERDfz_O5B7Uftp0QKP2MrkKhXOFo-1VHF-Blda8_3Z0Vf_rfiwYsP9pfZ6zVTgzK9L-7lujifqiTtYWf78gK6fGRElVKHHe4CQu-n_KtRsldoeNHUNdaKCs303Ylui3sfOFDFSFPP3ZjuOy8tXCYAkmqQR2AcjEBtCG_IaHSMZL2EEWlG9Tg0h7TN9keaI95092rp1V3egDwgaPlMMBb7bdVImwebFexl16Nvo4HFVPrvONfVKZpsliYxzBl48LRM2abUYwF33zjLdMOKgBNJU3wlqJNllVea24lWmaA-Pcoqsalm0M&cid=CAASPeRo46aH9p22baip2McsGk6s-C8wat07-Ruoje1lR1H6J3phYXT3_ruxHGBdKz3rKvla245zUG6Btfqldgw&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
10238838524035937739
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:27 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/654467/53133099/ Frame ECC9 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/654467/53133099/skeleton.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.211.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-211-247.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0e534bedd8f44847e6cb2242b1a792a39b444af08458ff646361da20095afdd4

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
x-server-name
app27.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame ECC9 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27374
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 11:46:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/ Frame ECC9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6Uv8B0G5GtXo2IWlMZ9YyM20eKLXPcNpdlRJKCyP1EGqUlqAGCeO3ltleEJ70uwCThgzl-f47y_Kjvwz6dYCn6xe8XeLsxuMb2cZsQSfEd9k1TnGRZKnKRjcmygRjSzrZ6q3kdu7cYl-CXCgkefeUpDSuSQ&dbm_d=AKAmf-BGAJBpXB5q8WUDKZsRQRCnnCY6YmxHw0F_b_naMH1oczEnB_Tex0T_MENqjwqsi_XdIvF5PMZ14D0tZSGzSSspywhSEQLolGtKhh5WosTkn97V8G1w6L6jgpQgwVeOP0wHq-oX1kAY0kRf79F_UGtAAJCNp8xEkl3EsumHgEXxXAKLJh27wyvyE3igzzwzBvn5XQO0ZY3tr2f1V2jvic3cmmHeBrLi2CVPxag_u_j0HV0_lLLP6v2hfSWKU-twbAqBMSWKWye6fi-xURZc9__8bx_UZbQbJo9sNQDAWj9vG9Nhl7ZEloYVRm4wxrvEXmyDGFZIWsIxJtMeIbEGch_q1i6_sMT3qajYAFr4jfiRkXF7fGzONsf1rL0uC2gV5tgqd3u5HAs_uVzUUcSmA2VEhRzB3Cok48XYAt-6fscewYPmz9DGvizd0deb4Luzp0_5uNJqUbsnOhGwLYNJMbZlCLl9EgiblcxoxYzmuXKxvvnZ4XvpPg08I6ul9LReC2qDitW1NJaGYOMb9LClZo2o09BA6MCWQVaiLUcv3n_5Yyo5W1LG_FNDik2ZtAEYSW0tPoOHNO5wD09T6ssnNZJ5vr8JmVPCwJxSxZU_4C6Kgqbx2PNxu9f0HMyBtEmlr1YlXs1TxffS6Ez4SqdveXEMSmPq5-sxO6SoBTZlZBza_RDuQHd6OM138CwIigvjLTymg3ookgltSHTREnFU1vOk8GcLUVJpFSm8KeCpi5h6oVG8S-OfTj5_sxfT4cLwYGKlBQQtGAQl-D1vjQsgHPO2UrTRYTnqGqrNUwI0kM_xALijY0uThn91K4ttWO3QH_Hcr5JjTTGAsu0hTiKBdvqYkPdueT6hsTy95CNwERk2evMTARzSWU6U1KhChTPWNh66mbGHEMdqkoejlIE4J-taJL6N3wLvRsaUAuQh4BhbWzKfVkpktptd8U9kmxnHH3snYFV5Pd6wAbzfrLrnH6hJuNc4czUHdDaIBXiAskWR8qAW0yXbrrHIMVSVGV_80fWlL0qOnqlWzdlG3pQdmJwMn6AeFlNZqxAMXOhTrt7lrF_Zb3n_Dy7RUyw0OlPSh72yb2DQdkyKPicohCP3Cq7-hEwMmCewlEHCPWBcasgqdoCdig7dOFE1NglcIJ9B3J1Na3CbQg73Xr0fW-rk6hrUokSzT-v25GNBJJZFDgLai2npULxTkJyZEwJID7La9DUmvHT3hAzyBLkCKkLDSalS0RvlBETdlZk9O16Ncb-Xx5wkYZ6dL9r8r3jnC6uVRCqsuqK0Z5gLIFBs5T8SHppmhRDEYHRXZ4bNbj0e2U428uDV5QnN23aiV_WlnEFjElB5Oobhe9uApvtRTfsRGl3Tz08mH7UjfoXG3kKxuX3nki7pGNZuwmCMHfoMwE2zviqvcAutKjivYS-pD4MqXC-zaLVwcRhC-6gFvTHR2v3DZJJ0y3wHxa7BONDNtn1Lz6z-5YduoCg12-OoDedHPFLsXPfWC_fq2xxu0BsceX9j-kkW1PYf5nef8RHFb_lk4rXw2smsA8VcA068VDG3l0QXO7U23ieNVsKzrLxVTLlEnBZ61WvAmZNxbZ4lS2YBnc1haO1NqyNLcTMqsUsLD3JuafgzIipKHwnJfVkwcWi4hbCY8Om1T9o0qh6tGtpnWYFUuRTTHMMK3pivvlhmG_ppdIIlwXVDBq6hDKzRmTw0MN-ydH0qvKgTuFRzFoeHmtzj3-NXNLloqV_GGnJVzU44pv2yi6FhzadUydlH-vlahIMeRztJL_GIpQnQefu-db2Ab8ErZFo6eCy9nwHP5xo7SO4UCXrddNP84Iib_epQ3r0FfRqOTBFXtYjW8AgndZY4fqbpHYmsTN3QRDQBmeT6gFKBRA4ZWIGvcUQu2n0dLzFvskJYvBC89AYLFEo_0gzIcaLZhtiieF7kfiuyrfhEtv_BogIR4gvgfjIJbIicmLaHlF85KAWmvh_VH3NiPmOrt0HTEeHyVBDlQC4FTJs4GCuCqPMn6OXo6PHaSm45l-dGa8JqmRQYy_XF7gR4Lci5A1Tzr4Bx9DiZXTEdMIqKtqN-0UJnfuu6UvW8kRRCvVjzwGKBcenw4gmEcLxBVWrlHW3tSZ16f-jjQKTzAEgh_CUGrnPShN73LQMFpp6KmcwSWq68V8Nq5umIj_pfummj7F3c32UqeUkbQ9U5JyU3Bwm7X68xjLDcS_9Zu7sadkZPUQ3SOuNi-IN1Egoyw9Ir20v0oCsyGsfzLmWANnIItwJNsJkdx4JwgCH-hiC97fmMyxiLfbBS_AXpCtRjvWnhCneguKSUC6mN_r5vId2mxK00WJxogmixH0DSEAMzZRIm4RLhAq2X1gdZOmCevJWzfCRMCdi_3IUXJOPriPlEh4ypJBitvdMSSUIkbevGYI7GXrF7SRznoKoGMlZdl2pGKLuksx1rcAzgEQ55csjLpjyiiyL16eDOD50hZ-ESuTgcXPDC2fXyJonUvlXFOprqU4LN30OkS2Srbxb4zv5LfRjIlZiEFaLES3xPMdx3TZT4-zuZRVlRjH0fWGVEiXyExdJHoTv9fQs9_W5UU1IX-FZXoVL8sIXJ6_QZNvh0-NdRheKbawRqAnl3ZhsfnF-ooq4cSAsUON2EFECQt1ZcIigstenUA8kFN8-Co7XCJqNkQf_ihz8ee9OrnKaRZof5qWDx3nQTIuhaJetmQoIiP2hD3JhZs3o-FVXvY3VhyFx_7ioJzmi-T11D8Bedch2wZmaOGqzkvmzD3Heh6ETMhw4OVoJmcTk5yloXdZEB0EKxJqONyEONADhXp31QnhllhSDaofyeJu0GG1Rsr7_hH_7YBcF9lh4kzYeG7Yd-kEJZ6H1PwjRi8EWLUgRbmdokFqG1vAXoe_rhMSv_dd1rWQJ8SSWXfLvLc6H2VSIxlI1UPhe2zWAERWa8-gc6i1MAKUe44AR_9QFOSizkAWnSsbdBUqCe5gUH-wwvzGKgiPnQVrXnMiDutgSvuFrPdfjzb4gT77PAaV9NEM4GXlv0eM3l2M0eOH5t38UniGJy00tXBdvBRPjyj60bNhyW-Xom_Ih_&cid=CAASPeRoY6OWGOH2kEcOv5md_u9ZraaOMwa_nFch7f3YtRjAVRQJHpFSSysnMJsad_eKTNMa5PmlcAqyTLZ-sZs&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:30 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame ECC9 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6Uv8B0G5GtXo2IWlMZ9YyM20eKLXPcNpdlRJKCyP1EGqUlqAGCeO3ltleEJ70uwCThgzl-f47y_Kjvwz6dYCn6xe8XeLsxuMb2cZsQSfEd9k1TnGRZKnKRjcmygRjSzrZ6q3kdu7cYl-CXCgkefeUpDSuSQ&dbm_d=AKAmf-BGAJBpXB5q8WUDKZsRQRCnnCY6YmxHw0F_b_naMH1oczEnB_Tex0T_MENqjwqsi_XdIvF5PMZ14D0tZSGzSSspywhSEQLolGtKhh5WosTkn97V8G1w6L6jgpQgwVeOP0wHq-oX1kAY0kRf79F_UGtAAJCNp8xEkl3EsumHgEXxXAKLJh27wyvyE3igzzwzBvn5XQO0ZY3tr2f1V2jvic3cmmHeBrLi2CVPxag_u_j0HV0_lLLP6v2hfSWKU-twbAqBMSWKWye6fi-xURZc9__8bx_UZbQbJo9sNQDAWj9vG9Nhl7ZEloYVRm4wxrvEXmyDGFZIWsIxJtMeIbEGch_q1i6_sMT3qajYAFr4jfiRkXF7fGzONsf1rL0uC2gV5tgqd3u5HAs_uVzUUcSmA2VEhRzB3Cok48XYAt-6fscewYPmz9DGvizd0deb4Luzp0_5uNJqUbsnOhGwLYNJMbZlCLl9EgiblcxoxYzmuXKxvvnZ4XvpPg08I6ul9LReC2qDitW1NJaGYOMb9LClZo2o09BA6MCWQVaiLUcv3n_5Yyo5W1LG_FNDik2ZtAEYSW0tPoOHNO5wD09T6ssnNZJ5vr8JmVPCwJxSxZU_4C6Kgqbx2PNxu9f0HMyBtEmlr1YlXs1TxffS6Ez4SqdveXEMSmPq5-sxO6SoBTZlZBza_RDuQHd6OM138CwIigvjLTymg3ookgltSHTREnFU1vOk8GcLUVJpFSm8KeCpi5h6oVG8S-OfTj5_sxfT4cLwYGKlBQQtGAQl-D1vjQsgHPO2UrTRYTnqGqrNUwI0kM_xALijY0uThn91K4ttWO3QH_Hcr5JjTTGAsu0hTiKBdvqYkPdueT6hsTy95CNwERk2evMTARzSWU6U1KhChTPWNh66mbGHEMdqkoejlIE4J-taJL6N3wLvRsaUAuQh4BhbWzKfVkpktptd8U9kmxnHH3snYFV5Pd6wAbzfrLrnH6hJuNc4czUHdDaIBXiAskWR8qAW0yXbrrHIMVSVGV_80fWlL0qOnqlWzdlG3pQdmJwMn6AeFlNZqxAMXOhTrt7lrF_Zb3n_Dy7RUyw0OlPSh72yb2DQdkyKPicohCP3Cq7-hEwMmCewlEHCPWBcasgqdoCdig7dOFE1NglcIJ9B3J1Na3CbQg73Xr0fW-rk6hrUokSzT-v25GNBJJZFDgLai2npULxTkJyZEwJID7La9DUmvHT3hAzyBLkCKkLDSalS0RvlBETdlZk9O16Ncb-Xx5wkYZ6dL9r8r3jnC6uVRCqsuqK0Z5gLIFBs5T8SHppmhRDEYHRXZ4bNbj0e2U428uDV5QnN23aiV_WlnEFjElB5Oobhe9uApvtRTfsRGl3Tz08mH7UjfoXG3kKxuX3nki7pGNZuwmCMHfoMwE2zviqvcAutKjivYS-pD4MqXC-zaLVwcRhC-6gFvTHR2v3DZJJ0y3wHxa7BONDNtn1Lz6z-5YduoCg12-OoDedHPFLsXPfWC_fq2xxu0BsceX9j-kkW1PYf5nef8RHFb_lk4rXw2smsA8VcA068VDG3l0QXO7U23ieNVsKzrLxVTLlEnBZ61WvAmZNxbZ4lS2YBnc1haO1NqyNLcTMqsUsLD3JuafgzIipKHwnJfVkwcWi4hbCY8Om1T9o0qh6tGtpnWYFUuRTTHMMK3pivvlhmG_ppdIIlwXVDBq6hDKzRmTw0MN-ydH0qvKgTuFRzFoeHmtzj3-NXNLloqV_GGnJVzU44pv2yi6FhzadUydlH-vlahIMeRztJL_GIpQnQefu-db2Ab8ErZFo6eCy9nwHP5xo7SO4UCXrddNP84Iib_epQ3r0FfRqOTBFXtYjW8AgndZY4fqbpHYmsTN3QRDQBmeT6gFKBRA4ZWIGvcUQu2n0dLzFvskJYvBC89AYLFEo_0gzIcaLZhtiieF7kfiuyrfhEtv_BogIR4gvgfjIJbIicmLaHlF85KAWmvh_VH3NiPmOrt0HTEeHyVBDlQC4FTJs4GCuCqPMn6OXo6PHaSm45l-dGa8JqmRQYy_XF7gR4Lci5A1Tzr4Bx9DiZXTEdMIqKtqN-0UJnfuu6UvW8kRRCvVjzwGKBcenw4gmEcLxBVWrlHW3tSZ16f-jjQKTzAEgh_CUGrnPShN73LQMFpp6KmcwSWq68V8Nq5umIj_pfummj7F3c32UqeUkbQ9U5JyU3Bwm7X68xjLDcS_9Zu7sadkZPUQ3SOuNi-IN1Egoyw9Ir20v0oCsyGsfzLmWANnIItwJNsJkdx4JwgCH-hiC97fmMyxiLfbBS_AXpCtRjvWnhCneguKSUC6mN_r5vId2mxK00WJxogmixH0DSEAMzZRIm4RLhAq2X1gdZOmCevJWzfCRMCdi_3IUXJOPriPlEh4ypJBitvdMSSUIkbevGYI7GXrF7SRznoKoGMlZdl2pGKLuksx1rcAzgEQ55csjLpjyiiyL16eDOD50hZ-ESuTgcXPDC2fXyJonUvlXFOprqU4LN30OkS2Srbxb4zv5LfRjIlZiEFaLES3xPMdx3TZT4-zuZRVlRjH0fWGVEiXyExdJHoTv9fQs9_W5UU1IX-FZXoVL8sIXJ6_QZNvh0-NdRheKbawRqAnl3ZhsfnF-ooq4cSAsUON2EFECQt1ZcIigstenUA8kFN8-Co7XCJqNkQf_ihz8ee9OrnKaRZof5qWDx3nQTIuhaJetmQoIiP2hD3JhZs3o-FVXvY3VhyFx_7ioJzmi-T11D8Bedch2wZmaOGqzkvmzD3Heh6ETMhw4OVoJmcTk5yloXdZEB0EKxJqONyEONADhXp31QnhllhSDaofyeJu0GG1Rsr7_hH_7YBcF9lh4kzYeG7Yd-kEJZ6H1PwjRi8EWLUgRbmdokFqG1vAXoe_rhMSv_dd1rWQJ8SSWXfLvLc6H2VSIxlI1UPhe2zWAERWa8-gc6i1MAKUe44AR_9QFOSizkAWnSsbdBUqCe5gUH-wwvzGKgiPnQVrXnMiDutgSvuFrPdfjzb4gT77PAaV9NEM4GXlv0eM3l2M0eOH5t38UniGJy00tXBdvBRPjyj60bNhyW-Xom_Ih_&cid=CAASPeRoY6OWGOH2kEcOv5md_u9ZraaOMwa_nFch7f3YtRjAVRQJHpFSSysnMJsad_eKTNMa5PmlcAqyTLZ-sZs&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
10238838524035937739
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame B60A 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banjarmasin.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 09 Apr 2021 16:11:50 GMT
expires
Sat, 09 Apr 2022 16:11:50 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11444
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
skeleton.js
fw.adsafeprotected.com/rjss/st/654467/53133099/ Frame 2248 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/654467/53133099/skeleton.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.211.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-211-247.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
47d5ce6935a6267bd1fff30eb4648bbf887affd6ee5a954b08cb0196744be480

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
x-server-name
app17.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 2248 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27374
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 11:46:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/ Frame 2248 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCetNuuQDSXiPW_Tdho4pDddIegiJhxSWJx2rsdJd98GRSCMPc8LE6rFzzO0qiPtoiEeqtHSWtHZMPH-lCqp5nrYDd8i0gvf2TXRz0oQ4XL9K8CP67bxxw6wioVjMsU2TfBlgfXuFcmaxcGzfKdKKqe9sxQA&dbm_d=AKAmf-DmoohGJ2Bk5D6hnbI807MFfIs4zpOhBCEHfButWve0HDTlBTuOCorY8FKyp7wUtQzDY8S04mlWUJc0P2drdjQoJ09-PhCbilN3pUpZuBHDysYdN3uMsAyl0yfy0F89sR9CSZZCWRKqJlUCM9nVcSEtBU80aJHoVS2jaRZMTUvyNtrUc0obhZW2RkdXeCnV0ve8r77VWo9qiTCbRZ49JKGjCBnPsl-2ZClD1b_sq7yN-fvVaDxO9QOW4h7QjFcVU9EL_HMryyPxI67FEwWE2bNJdzpR3mfYdHJU-ZzPV6WcDT2y9xE_pzZPuyJcFGJgDIvf8jxhfdXQ7FoXdIPEqmmpDGCo-UNLHM7LXdjNCVmQmkIlchrXzHvFClcruZ1rjBgl5n81TyzjOnYby3-zNmyduGoNpmZb9x0zYuqkECF9Ud97-oiYZ_4lkWrFbEoeJW_T66fcjJ6qruw-BRux4f7d1oTT10L3eyuX7vQ3WRLiS9fB-cWI8dxts2pO10N5DMUfbxQcm6nGpkYs-m-92ppjahEzgkla1o2AoyqY42Cn8_vkCjd7VFYBcebzQsDhyQPgw7jVlIy6yABzyzqqOwcJ_kfX-DTatXvBU1v7LeqlnkfBfqoTwzpSnjoniTA90Q4zL4WzXB5YjJHpFuTPreq8mDDJO8bVCR9NstJWLMjjp3JaDRozzrYugFwewy9p5UzlbG4TsP_rqnOpjvsVn9xJKuuJGuZifmH9qcCGklgbrvpVAWV3NLS5keFJqgHGZyNBM_BkHCamJ681J7M9-RSGXc-M3ypEvPFG82huNUyh63ttfPdnR6ZJ4FcFlLlxqyFmeqNiIyQBwz40kPhaJSIqcOHQkjJv33zj4eXJ2rLjQNZYfGKV_bG1mLzlkmCM4TVakHG26BTGRvkmUlPmHg-Z20hEk-v936tI192sa8cNbuLjQHl_rvBy1bkNktQEExIqXifklv94K7tDaO-HhtrD4iHa2jcvuKNF015zFsZV5xb50hA3e_CDK6suySM25KEpY-asjKhk9p8ameMHQ0NmMOkKZTcjmVvgotAaBYO2-EEvDm0lIeyqlPlZy1RbOqGAB7aHlZUZCltC-6MO_2VOWuJ8O5lU8RKNdF3gMI7FPAeOnn2MxtOjGzS-_3f7wVIWIFfgU5qYNGMLxvZ4aiCg5CjFva9PUArAuuHUdVuaq8AHN2Q56MkyOguGiNExW5pgVTY6KNX7CwlcNa9BJQ-sl6RL53iIH2GxxhE2RFyt4hG_eabUe8tFgINB293FxOqTCwJgv-gH9evRlAsXPeADkF7Ll7KTbYPbcZ0tnbpxXR8wLt9WR7qheEGHrhVdx7yip4mQPjEFi1Uzifs8yIiIydPBjCYJE5djyVGHhZXqecI-q18zkVxQzyMrzFeakiFIn4jfmtWTU31sIkPD9fRDsoWMqs97z2TMK1JhemCMkK5Q3vSQEkPVPGNLnuoKS8l8uMYQ8_eQKHoXLKY9gU53ECZEkpSfwOBZQ34zNTEeokt4Oi40fkeE1VsZKbhLDqYhYzNfskKLJkZn9QkI-8fhWPi6ia9tH-4DWye2UvqXQZ5zYKFpJYYz_EeaB93xfz-enYqgl_DYja6akOHOHRqM16G5k7poqiZGnhFLDZGsCTVmeulYUnTWTq31QUwinveKNhZ-A4mkaI5m4JJFCBxRq6_w8fv6bM4eIRJzjAnM1-Ct8dpCxTNi0PhqMEx49BXEVXAD8dT8u6mf4FBYW0VMZBYA7y9z-3TfRvyZ6yBcry5Vk6Fgvzx1jkigpLPMy7Z5K0e0MSiYQ6gGp0KMoq9IpvWfaVbmkJQPTr1vD23f_hYfaHRBdsNUzHYn8_WZmh-X1yGYJQXauxFD8JTb2cKXFMQetr-JgHzCT5jACehR9Ili6W9GK4gBemcAw6nINsbhtN5xzxhgjBgPqd20gLbZCXPbDTAeP8XU3iifasLz1SoSNSSuReuxmZrRzJqHAW2hINQRExX5-C_Q45Xaz-aR10RAhVGwpPbALamNjhEIjV0FmTeqeyY46vqsxeQlpn6U6-uDNi9hxdgAzP-uetCLNIpdNipO8BQqOYDzrPt8p5j2I0PjdUTzpNZWsOMw80qJho2P2hpyWT5OPQ31zhthg0jJW8UpOEoi9l91OisauUrRNEMi-Fj4XTZxkmcB0xDGBcTyIlpiHrJC4LBC5ILRoAldaCV6mim-tdOyc7goL0aNVNgNeIkAyA33bHsgowwjCNJhz00jAN9Zw7MuNBI7oW2ONdl9VVO6bS_9f2yg3OrhjyhbdhtNowmm6E8ltXMM8Sd5o4-EDw5ThpzikYhXkGYSrxzCeE7Pctwu1xBuEblV_3cQNJ7kFMGyVpa0nzYneqRk3gRjDYUAimTDNZ3JU6Lc-I5m6jCKFXMwKTEMuLSQ1oY_y0x6ksO20tT3fbYfqF1NRYvtrq0CZ0Wq-GQKcVpbl5cFwSN49gKYvI6ZcK2JPHCoaYU5wpZK2CjvMzsFOV8GwcLyzXRtVI8MmY_c-8e31vvjPtNELuZZ9_ZcPk2fOM6KLzCEkKAU_TZNKiE9F7LgzRyoiP9eqAy5QUBRtuZndkvNzOSbrMs-jl0hlJLFVZ_qtFKSReUoPOZWi6B4QTCmTD1SzecMWpVUePb6KcBvnVlmnI-1wCRm-rOEonGY_K1cpTyB3obhboO8hNweCA0AlBJlV8BcXFaz0A3jxmQNNAPD7Gqy3FdKbHeZJc-TFT2OyApQMHfS7GB5-0_ci3zo8ka0g7ZtBd0QApannQdmcaLQu5D8defyhCT8iKrrjPxSlXvZt814qar7ob0OFZMdVHoGrOneQCeMeSE0DSjyiLu3wcT1Yo6mnLDgEmv4zdx3XFQtZxS_fCQSB8Sfo15si3ynDBkLZkSXEGSDeG_mmjsE74yWZVcMPhecsaSMw5-g9BOKfowV8e8I50kepSyWjzDdLGxXBReibnFmex7w7upISG2pJELS31-F9K_NaS2C2vPWL7665TcPncLssjglDCOSrzZIiWlljnigUgsPoVcG0MMdwRhTrdjoiEq9Tfo&cid=CAASPeRoWWjFPd4aU05I7JjcNX4H-l-SHy2E3mLsNe14EGxloj3Q6SO4MgTtm_ulpiDBl3vZxCiyh1kXOltB7Cc&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:30 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 2248 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCetNuuQDSXiPW_Tdho4pDddIegiJhxSWJx2rsdJd98GRSCMPc8LE6rFzzO0qiPtoiEeqtHSWtHZMPH-lCqp5nrYDd8i0gvf2TXRz0oQ4XL9K8CP67bxxw6wioVjMsU2TfBlgfXuFcmaxcGzfKdKKqe9sxQA&dbm_d=AKAmf-DmoohGJ2Bk5D6hnbI807MFfIs4zpOhBCEHfButWve0HDTlBTuOCorY8FKyp7wUtQzDY8S04mlWUJc0P2drdjQoJ09-PhCbilN3pUpZuBHDysYdN3uMsAyl0yfy0F89sR9CSZZCWRKqJlUCM9nVcSEtBU80aJHoVS2jaRZMTUvyNtrUc0obhZW2RkdXeCnV0ve8r77VWo9qiTCbRZ49JKGjCBnPsl-2ZClD1b_sq7yN-fvVaDxO9QOW4h7QjFcVU9EL_HMryyPxI67FEwWE2bNJdzpR3mfYdHJU-ZzPV6WcDT2y9xE_pzZPuyJcFGJgDIvf8jxhfdXQ7FoXdIPEqmmpDGCo-UNLHM7LXdjNCVmQmkIlchrXzHvFClcruZ1rjBgl5n81TyzjOnYby3-zNmyduGoNpmZb9x0zYuqkECF9Ud97-oiYZ_4lkWrFbEoeJW_T66fcjJ6qruw-BRux4f7d1oTT10L3eyuX7vQ3WRLiS9fB-cWI8dxts2pO10N5DMUfbxQcm6nGpkYs-m-92ppjahEzgkla1o2AoyqY42Cn8_vkCjd7VFYBcebzQsDhyQPgw7jVlIy6yABzyzqqOwcJ_kfX-DTatXvBU1v7LeqlnkfBfqoTwzpSnjoniTA90Q4zL4WzXB5YjJHpFuTPreq8mDDJO8bVCR9NstJWLMjjp3JaDRozzrYugFwewy9p5UzlbG4TsP_rqnOpjvsVn9xJKuuJGuZifmH9qcCGklgbrvpVAWV3NLS5keFJqgHGZyNBM_BkHCamJ681J7M9-RSGXc-M3ypEvPFG82huNUyh63ttfPdnR6ZJ4FcFlLlxqyFmeqNiIyQBwz40kPhaJSIqcOHQkjJv33zj4eXJ2rLjQNZYfGKV_bG1mLzlkmCM4TVakHG26BTGRvkmUlPmHg-Z20hEk-v936tI192sa8cNbuLjQHl_rvBy1bkNktQEExIqXifklv94K7tDaO-HhtrD4iHa2jcvuKNF015zFsZV5xb50hA3e_CDK6suySM25KEpY-asjKhk9p8ameMHQ0NmMOkKZTcjmVvgotAaBYO2-EEvDm0lIeyqlPlZy1RbOqGAB7aHlZUZCltC-6MO_2VOWuJ8O5lU8RKNdF3gMI7FPAeOnn2MxtOjGzS-_3f7wVIWIFfgU5qYNGMLxvZ4aiCg5CjFva9PUArAuuHUdVuaq8AHN2Q56MkyOguGiNExW5pgVTY6KNX7CwlcNa9BJQ-sl6RL53iIH2GxxhE2RFyt4hG_eabUe8tFgINB293FxOqTCwJgv-gH9evRlAsXPeADkF7Ll7KTbYPbcZ0tnbpxXR8wLt9WR7qheEGHrhVdx7yip4mQPjEFi1Uzifs8yIiIydPBjCYJE5djyVGHhZXqecI-q18zkVxQzyMrzFeakiFIn4jfmtWTU31sIkPD9fRDsoWMqs97z2TMK1JhemCMkK5Q3vSQEkPVPGNLnuoKS8l8uMYQ8_eQKHoXLKY9gU53ECZEkpSfwOBZQ34zNTEeokt4Oi40fkeE1VsZKbhLDqYhYzNfskKLJkZn9QkI-8fhWPi6ia9tH-4DWye2UvqXQZ5zYKFpJYYz_EeaB93xfz-enYqgl_DYja6akOHOHRqM16G5k7poqiZGnhFLDZGsCTVmeulYUnTWTq31QUwinveKNhZ-A4mkaI5m4JJFCBxRq6_w8fv6bM4eIRJzjAnM1-Ct8dpCxTNi0PhqMEx49BXEVXAD8dT8u6mf4FBYW0VMZBYA7y9z-3TfRvyZ6yBcry5Vk6Fgvzx1jkigpLPMy7Z5K0e0MSiYQ6gGp0KMoq9IpvWfaVbmkJQPTr1vD23f_hYfaHRBdsNUzHYn8_WZmh-X1yGYJQXauxFD8JTb2cKXFMQetr-JgHzCT5jACehR9Ili6W9GK4gBemcAw6nINsbhtN5xzxhgjBgPqd20gLbZCXPbDTAeP8XU3iifasLz1SoSNSSuReuxmZrRzJqHAW2hINQRExX5-C_Q45Xaz-aR10RAhVGwpPbALamNjhEIjV0FmTeqeyY46vqsxeQlpn6U6-uDNi9hxdgAzP-uetCLNIpdNipO8BQqOYDzrPt8p5j2I0PjdUTzpNZWsOMw80qJho2P2hpyWT5OPQ31zhthg0jJW8UpOEoi9l91OisauUrRNEMi-Fj4XTZxkmcB0xDGBcTyIlpiHrJC4LBC5ILRoAldaCV6mim-tdOyc7goL0aNVNgNeIkAyA33bHsgowwjCNJhz00jAN9Zw7MuNBI7oW2ONdl9VVO6bS_9f2yg3OrhjyhbdhtNowmm6E8ltXMM8Sd5o4-EDw5ThpzikYhXkGYSrxzCeE7Pctwu1xBuEblV_3cQNJ7kFMGyVpa0nzYneqRk3gRjDYUAimTDNZ3JU6Lc-I5m6jCKFXMwKTEMuLSQ1oY_y0x6ksO20tT3fbYfqF1NRYvtrq0CZ0Wq-GQKcVpbl5cFwSN49gKYvI6ZcK2JPHCoaYU5wpZK2CjvMzsFOV8GwcLyzXRtVI8MmY_c-8e31vvjPtNELuZZ9_ZcPk2fOM6KLzCEkKAU_TZNKiE9F7LgzRyoiP9eqAy5QUBRtuZndkvNzOSbrMs-jl0hlJLFVZ_qtFKSReUoPOZWi6B4QTCmTD1SzecMWpVUePb6KcBvnVlmnI-1wCRm-rOEonGY_K1cpTyB3obhboO8hNweCA0AlBJlV8BcXFaz0A3jxmQNNAPD7Gqy3FdKbHeZJc-TFT2OyApQMHfS7GB5-0_ci3zo8ka0g7ZtBd0QApannQdmcaLQu5D8defyhCT8iKrrjPxSlXvZt814qar7ob0OFZMdVHoGrOneQCeMeSE0DSjyiLu3wcT1Yo6mnLDgEmv4zdx3XFQtZxS_fCQSB8Sfo15si3ynDBkLZkSXEGSDeG_mmjsE74yWZVcMPhecsaSMw5-g9BOKfowV8e8I50kepSyWjzDdLGxXBReibnFmex7w7upISG2pJELS31-F9K_NaS2C2vPWL7665TcPncLssjglDCOSrzZIiWlljnigUgsPoVcG0MMdwRhTrdjoiEq9Tfo&cid=CAASPeRoWWjFPd4aU05I7JjcNX4H-l-SHy2E3mLsNe14EGxloj3Q6SO4MgTtm_ulpiDBl3vZxCiyh1kXOltB7Cc&rfl=1%2Chttps%253A%252F%252Fbanjarmasin.tribunnews.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
10238838524035937739
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 19:21:27 GMT
integrator.js
adservice.google.at/adsid/ Frame 764A 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.at/adsid/integrator.js?domain=banjarmasin.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 764A 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=banjarmasin.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 764A 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3576236887614438&correlator=3243497110765769&output=ldjh&impl=fif&eid=31060550%2C31060770%2C31060413%2C31060654%2C44739387&vrg=2021040804&ptt=17&sc=1&sfv=1-0-38&ecs=20210409&iu_parts=3407884%2CUreka_Supply_tribunnews.com_Outstream_1x1_280820&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D201ecd4fbaa81c2f-22164e5d7aa7008f%3AT%3D1617996152%3AS%3DALNI_MZzCgTNlu0nTbT2SPoF-lJ4HdWy6w&cdm=banjarmasin.tribunnews.com&bc=31&abxe=1&lmt=1617996154&dt=1617996154345&dlt=1617996153641&idt=642&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3937531387&ucis=yumtqriyia&ifi=1&ifk=292538325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&top=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=557921315.1617996154&ga_sid=1617996154&ga_hid=443840296&ga_fc=false&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
3a9ab580fc7d2d6695e9b17f0a28a63aff43f89fa27276eb6e6250486b509307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4274
x-xss-protection
0
google-lineitem-id
5605352326
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138338383160
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bf72ea5a466a086148209f1979b033f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 764A 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://bf72ea5a466a086148209f1979b033f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 764A 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame E61A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjZIRDakScYl5baogEwAQ&v=APEucNXkg4b216Uc6b65tMmTHiU0Is-JVcU4XCl6ASzbuOlspFTIkUqNgIWMSpSpYf079ylNUJtmzxPjqNhxaXBwEKwUqLSkXtJFHqyEvm3E9odN8MRXvmVBeLIZMdk-qkK96UfbFWcQ_NbxAxBkN4x-6HfAJlCv5D5_B5ZUdk88qnHn_7Nnn7NUXd2ot3eban2z_xr_2eoVc7nfjG01iNwQHcn2U625rA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 09 Apr 2021 19:22:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E61A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHCpeuvK1Rg-.pMBeR2.IQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjZIRDakScYl5baogEwAQ&v=APEucNXkg4b216Uc6b65tMmTHiU0Is-JVcU4XCl6ASzbuOlspFTIkUqNgIWMSpSpYf079ylNUJtmzxPjqNhxaXBwEKwUqLSkXtJFHqyEvm3E9odN8MRXvmVBeLIZMdk-qkK96UfbFWcQ_NbxAxBkN4x-6HfAJlCv5D5_B5ZUdk88qnHn_7Nnn7NUXd2ot3eban2z_xr_2eoVc7nfjG01iNwQHcn2U625rA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 09 Apr 2021 19:22:35 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E61A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjZIRDakScYl5baogEwAQ&v=APEucNXkg4b216Uc6b65tMmTHiU0Is-JVcU4XCl6ASzbuOlspFTIkUqNgIWMSpSpYf079ylNUJtmzxPjqNhxaXBwEKwUqLSkXtJFHqyEvm3E9odN8MRXvmVBeLIZMdk-qkK96UfbFWcQ_NbxAxBkN4x-6HfAJlCv5D5_B5ZUdk88qnHn_7Nnn7NUXd2ot3eban2z_xr_2eoVc7nfjG01iNwQHcn2U625rA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:34 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid
02176725-2c3e-4a2b-a9ba-6a3df85c3193
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E61A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjZIRDakScYl5baogEwAQ&v=APEucNXkg4b216Uc6b65tMmTHiU0Is-JVcU4XCl6ASzbuOlspFTIkUqNgIWMSpSpYf079ylNUJtmzxPjqNhxaXBwEKwUqLSkXtJFHqyEvm3E9odN8MRXvmVBeLIZMdk-qkK96UfbFWcQ_NbxAxBkN4x-6HfAJlCv5D5_B5ZUdk88qnHn_7Nnn7NUXd2ot3eban2z_xr_2eoVc7nfjG01iNwQHcn2U625rA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:34 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.86:80
AN-X-Request-Uuid
5456a158-0c7d-4418-99ea-d9b90a64028c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1B05
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQif_jARi4oKpsMAE&v=APEucNXflUP6L4X7ZUiSe448542vygF50LrCe1TU2IEt0P1vuPc0Y7I9FtIjMrS1lZlpOdQq4tqLZ2LSApp29y87tb4HycFL3RGKxfdXIGNBjNth11_poIOX6nLudX18Kl3bmZdd9rVme7T7v-7S-VCQTK3Mbu5ZMFpjPiZarsVX6JOM3PLR06IN4c1bCUOYXGSoi8w7Fr-cFwWwERwuZ2eqkJpFHc5Guw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 09 Apr 2021 19:22:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1B05
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHCpeuvK1Rg-.pMBeR2.IQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQif_jARi4oKpsMAE&v=APEucNXflUP6L4X7ZUiSe448542vygF50LrCe1TU2IEt0P1vuPc0Y7I9FtIjMrS1lZlpOdQq4tqLZ2LSApp29y87tb4HycFL3RGKxfdXIGNBjNth11_poIOX6nLudX18Kl3bmZdd9rVme7T7v-7S-VCQTK3Mbu5ZMFpjPiZarsVX6JOM3PLR06IN4c1bCUOYXGSoi8w7Fr-cFwWwERwuZ2eqkJpFHc5Guw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 09 Apr 2021 19:22:35 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1B05
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQif_jARi4oKpsMAE&v=APEucNXflUP6L4X7ZUiSe448542vygF50LrCe1TU2IEt0P1vuPc0Y7I9FtIjMrS1lZlpOdQq4tqLZ2LSApp29y87tb4HycFL3RGKxfdXIGNBjNth11_poIOX6nLudX18Kl3bmZdd9rVme7T7v-7S-VCQTK3Mbu5ZMFpjPiZarsVX6JOM3PLR06IN4c1bCUOYXGSoi8w7Fr-cFwWwERwuZ2eqkJpFHc5Guw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:34 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid
02e4b6a2-381a-43cd-9702-191fc4a1dded
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1B05
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQif_jARi4oKpsMAE&v=APEucNXflUP6L4X7ZUiSe448542vygF50LrCe1TU2IEt0P1vuPc0Y7I9FtIjMrS1lZlpOdQq4tqLZ2LSApp29y87tb4HycFL3RGKxfdXIGNBjNth11_poIOX6nLudX18Kl3bmZdd9rVme7T7v-7S-VCQTK3Mbu5ZMFpjPiZarsVX6JOM3PLR06IN4c1bCUOYXGSoi8w7Fr-cFwWwERwuZ2eqkJpFHc5Guw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:34 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.80:80
AN-X-Request-Uuid
4d9e76a6-df0c-43c0-a2a0-ccea081e64f5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 49F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQif_jARjht-CjATAB&v=APEucNWxOPV7LnVob-qOkygECkSvISxNb4vwnmgFXDFnhBlLxCOhZtLaJJlZmcb5bxFsBnhPLZ_tbrqroL1lKNBQykAV7xknaCUFqZOqQ7S2jb7wxW0s52yDh8yhNyUnvOsB_uUkHlrKMeWZ9sHF4gmxQhCwIjALU2-16iB8ZbtKKAU7o8CqeHU3ecgEB70yc8nQCtGBpcOs9oQMQRM6eOiCbQztoOBChA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 09 Apr 2021 19:22:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 49F7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHCpeuvK1Rg-.pMBeR2.IQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQif_jARjht-CjATAB&v=APEucNWxOPV7LnVob-qOkygECkSvISxNb4vwnmgFXDFnhBlLxCOhZtLaJJlZmcb5bxFsBnhPLZ_tbrqroL1lKNBQykAV7xknaCUFqZOqQ7S2jb7wxW0s52yDh8yhNyUnvOsB_uUkHlrKMeWZ9sHF4gmxQhCwIjALU2-16iB8ZbtKKAU7o8CqeHU3ecgEB70yc8nQCtGBpcOs9oQMQRM6eOiCbQztoOBChA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 09 Apr 2021 19:22:35 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 49F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQif_jARjht-CjATAB&v=APEucNWxOPV7LnVob-qOkygECkSvISxNb4vwnmgFXDFnhBlLxCOhZtLaJJlZmcb5bxFsBnhPLZ_tbrqroL1lKNBQykAV7xknaCUFqZOqQ7S2jb7wxW0s52yDh8yhNyUnvOsB_uUkHlrKMeWZ9sHF4gmxQhCwIjALU2-16iB8ZbtKKAU7o8CqeHU3ecgEB70yc8nQCtGBpcOs9oQMQRM6eOiCbQztoOBChA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:34 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.137:80
AN-X-Request-Uuid
56db8f89-7255-48af-9906-34af6c5c2fb4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 49F7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQif_jARjht-CjATAB&v=APEucNWxOPV7LnVob-qOkygECkSvISxNb4vwnmgFXDFnhBlLxCOhZtLaJJlZmcb5bxFsBnhPLZ_tbrqroL1lKNBQykAV7xknaCUFqZOqQ7S2jb7wxW0s52yDh8yhNyUnvOsB_uUkHlrKMeWZ9sHF4gmxQhCwIjALU2-16iB8ZbtKKAU7o8CqeHU3ecgEB70yc8nQCtGBpcOs9oQMQRM6eOiCbQztoOBChA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:34 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid
d5fb739b-4587-47eb-9278-01c587a84607
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CE66
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNXfbRDCtCNDneV-MGOe9aES_Rmg_WAyb3V6dmQJp-nBuxa8_DOZLZ64lghvkZ6fQKhYpQVls88d5LCqrU2vbhY5Ja8abjsXR3rstaJm3l6LYD-UIpMDoR1UkkaQAVfxvhRG2KiY4S9Nzjjk2UQZIwcLxO1EFei7H8xKxbpluaLeEKfWmLuSzvjqF3qNqd1aNL9PClmgQENQW_YdYFQsOOjPzZffwg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 09 Apr 2021 19:22:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CE66
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHCpeuvK1Rg-.pMBeR2.IQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNXfbRDCtCNDneV-MGOe9aES_Rmg_WAyb3V6dmQJp-nBuxa8_DOZLZ64lghvkZ6fQKhYpQVls88d5LCqrU2vbhY5Ja8abjsXR3rstaJm3l6LYD-UIpMDoR1UkkaQAVfxvhRG2KiY4S9Nzjjk2UQZIwcLxO1EFei7H8xKxbpluaLeEKfWmLuSzvjqF3qNqd1aNL9PClmgQENQW_YdYFQsOOjPzZffwg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 09 Apr 2021 19:22:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxCuOzn2mSDbdJ_IlmPT40&google_cver=1&google_hm=2&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
324
Expires
Fri, 09 Apr 2021 19:22:35 GMT
setuid
ib.adnxs.com/ Frame CE66
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNXfbRDCtCNDneV-MGOe9aES_Rmg_WAyb3V6dmQJp-nBuxa8_DOZLZ64lghvkZ6fQKhYpQVls88d5LCqrU2vbhY5Ja8abjsXR3rstaJm3l6LYD-UIpMDoR1UkkaQAVfxvhRG2KiY4S9Nzjjk2UQZIwcLxO1EFei7H8xKxbpluaLeEKfWmLuSzvjqF3qNqd1aNL9PClmgQENQW_YdYFQsOOjPzZffwg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:34 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.49:80
AN-X-Request-Uuid
774a7158-60c7-4b19-8d5d-f1ca52eb9407
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELzgVqI6IigOkGiIuet-yfw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CE66
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNXfbRDCtCNDneV-MGOe9aES_Rmg_WAyb3V6dmQJp-nBuxa8_DOZLZ64lghvkZ6fQKhYpQVls88d5LCqrU2vbhY5Ja8abjsXR3rstaJm3l6LYD-UIpMDoR1UkkaQAVfxvhRG2KiY4S9Nzjjk2UQZIwcLxO1EFei7H8xKxbpluaLeEKfWmLuSzvjqF3qNqd1aNL9PClmgQENQW_YdYFQsOOjPzZffwg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:34 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.180:80
AN-X-Request-Uuid
8868733c-a656-49f6-824f-126144536587
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5MjA4MjI3NDUzMDY5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C0A5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM5xC1E2BYmQQtDiVIdryG8&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM5xC1E2BYmQQtDiVIdryG8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNUbwhjI18W5qLlShLU47rp8vfDy_UYrk-fnlD7IL9oZVuGTxiOj8lkqvPhVUYWqWnageud6_SQjtcbKpHbGyOaakmupFgLEPsg-J5w1zmzsw_ybdm1URaTApMCOebU1jZb3YhngqTmoW68F9bklBQz5ZV7y7ryubYvc821zNSiJXQnpbnz9UyKrqiVlJSiBn6-JWHX_xZ8dT1_ZpbuKRx4tSVlDqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM5xC1E2BYmQQtDiVIdryG8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C0A5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjZiMTY1ZGUtYmYxNi0yMmNlLWQ0YzgtOTFhYjMwYWQ2YmVh
170 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjZiMTY1ZGUtYmYxNi0yMmNlLWQ0YzgtOTFhYjMwYWQ2YmVh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNUbwhjI18W5qLlShLU47rp8vfDy_UYrk-fnlD7IL9oZVuGTxiOj8lkqvPhVUYWqWnageud6_SQjtcbKpHbGyOaakmupFgLEPsg-J5w1zmzsw_ybdm1URaTApMCOebU1jZb3YhngqTmoW68F9bklBQz5ZV7y7ryubYvc821zNSiJXQnpbnz9UyKrqiVlJSiBn6-JWHX_xZ8dT1_ZpbuKRx4tSVlDqA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjZiMTY1ZGUtYmYxNi0yMmNlLWQ0YzgtOTFhYjMwYWQ2YmVh
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame C0A5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEMG-fXkfWNR77r1Y-O7T-EQ&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEMG-fXkfWNR77r1Y-O7T-EQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNUbwhjI18W5qLlShLU47rp8vfDy_UYrk-fnlD7IL9oZVuGTxiOj8lkqvPhVUYWqWnageud6_SQjtcbKpHbGyOaakmupFgLEPsg-J5w1zmzsw_ybdm1URaTApMCOebU1jZb3YhngqTmoW68F9bklBQz5ZV7y7ryubYvc821zNSiJXQnpbnz9UyKrqiVlJSiBn6-JWHX_xZ8dT1_ZpbuKRx4tSVlDqA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 09 Apr 2021 19:22:34 GMT
server
akka-http/10.1.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEMG-fXkfWNR77r1Y-O7T-EQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C0A5
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDc3NDczNjQtYmQ2OS00ZmIxLWJkMzktNDMxNzIyNjcxZDQ5
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDc3NDczNjQtYmQ2OS00ZmIxLWJkMzktNDMxNzIyNjcxZDQ5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQjK2PAhjB_PeeATAB&v=APEucNUbwhjI18W5qLlShLU47rp8vfDy_UYrk-fnlD7IL9oZVuGTxiOj8lkqvPhVUYWqWnageud6_SQjtcbKpHbGyOaakmupFgLEPsg-J5w1zmzsw_ybdm1URaTApMCOebU1jZb3YhngqTmoW68F9bklBQz5ZV7y7ryubYvc821zNSiJXQnpbnz9UyKrqiVlJSiBn6-JWHX_xZ8dT1_ZpbuKRx4tSVlDqA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:34 GMT
server
akka-http/10.1.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDc3NDczNjQtYmQ2OS00ZmIxLWJkMzktNDMxNzIyNjcxZDQ5
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 09 Apr 2021 19:22:34 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A532 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 09 Apr 2021 11:47:57 GMT
expires
Sat, 09 Apr 2022 11:47:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
27277
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 94DF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYOvxLScX9dnxqoHgTQPbmAa4j_laNQbHHiaxi3Uiazxsu_qm-mOJ1GxiSkOyOwAgyJeLcr7i5xjoaOuRlxhPL20uOFsLhgHqdOoDibPNyvEyEnMv0-fgi1CIW9kONS8sIaSFl7qxqfNv2m7p7iQqltz2fT5xmLH2HOIlZ6BoMkLjKakurxOdSSemmX2ABf9tmnsKQhvTchekcCEaLjdklF5dPdZ3FDKHj3uDCFMy20I_svmQ0VBvO-NncVjh0pCIPKzkg0fYbxUq3gatz_uXaQJJfCvyfpfrZ5xd9-mefaiqJaQlOrjQw-eWXjikpLe1pY_vNflB_y3Aa694VobdeKbk8r-GcTSXs3y2rtEM&sig=Cg0ArKJSzEsFmkBpWMPpEAE&urlfix=1&adurl=
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ani-uk-slider-tribunnews.com-aniview-PC.js
solution.urekamedia.com/tribunnews.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solution.urekamedia.com/tribunnews.com/ani-uk-slider-tribunnews.com-aniview-PC.js
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:853a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693b5cfde4de7d25c072c93b6eac75cc460bed1e360824cb514db4188f1d23cc

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2014
cf-polished
origSize=8911
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0959af1f0700004e79ca836000000001
last-modified
Mon, 01 Feb 2021 03:11:54 GMT
server
cloudflare
etag
W/"22cf-5ba3db743d280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vAPkVcUCl8t0DxrkPvjOUoaIcdaNNyy%2FTl%2FlddPEmB3ocZd9%2FrSfc255R%2FPKxv3b%2B5eGMtCTKFFJDgkZV%2BiNCde53o4pOPVBQFa1yXUXqOhCS%2FKQAfHYvcZ9oXoxVDMpqcAT9A%3D%3D"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
63d61ade7e3b4e79-FRA
cf-bgj
minify
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 94DF 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:34 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 764A 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795245888949"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 764A 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040804&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cc197988eeeaf91a8f34593ac515c798aa5df085d2ca011e489ab29e047bc32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6623
x-xss-protection
0
prod
tra.jixie.io/sync/ 		171 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.jixie.io/sync/prod
Requested by
Host: scripts.jixie.io
URL: https://scripts.jixie.io/jixietracker.min.js?accountid=9262bf2590d558736cac4fff7978fcb1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.67.9.0 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
ba50c6f059f906ab0b261934f633d22da23b4683d60e8a240ab4d059d6d4ef22

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 09 Apr 2021 19:22:34 GMT
Content-Encoding
gzip
X-Powered-By
Express
ETag
ef215640-9968-11eb-8a64-e5269c68079e
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
private
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
prod
tra.jixie.io/sync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tra.jixie.io/sync/prod
Protocol
HTTP/1.1
Server
13.67.9.0 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://banjarmasin.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Vary
Origin, Access-Control-Request-Headers
X-Powered-By
Express
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Headers
content-type
Date
Fri, 09 Apr 2021 19:22:34 GMT
ebRichVV.js
secure-ds.serving-sys.com/BurstingCachedScripts//Disp_3_39_0/ Frame A150 		121 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts//Disp_3_39_0/ebRichVV.js
Requested by
Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1076429961&gdpr=&gdpr_consent=&w=970&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%26sig%3DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%26cry%3D1%26dbm_d%3DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%26adurl%3D&e=0&ord=1617996152951599&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-190.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
2182230d8b5738d67101a6e29b1ea5ef03db19c33c7dd2e7f71c5f9f6500db32

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 09:08:20 GMT
server
x-powered-by
ARR/3.0
etag
"db553e7fa1ed71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
41365
expires
Mon, 31 Dec 2035 00:00:00 GMT
truncated
/ Frame A150 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c1157aad6564547a0e2524fdc2dea43f74f7a112d34a239b9887e8cf1559fab

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 46BE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27374
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:46:20 GMT
truncated
/ Frame 46BE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ebc3dbfe2ac1a4bcd8afc41939679eb300e1503eff1d602bc13e05312a45809

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/9109151/1617869297867/ Frame F59E 		93 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9109151/1617869297867/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61188ec7c3f93e904a88d6c3b9a7ae3f2d4dbeea1b6470fb59be792305eb04e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9109151/1617869297867/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
20222
date
Fri, 09 Apr 2021 13:44:54 GMT
expires
Sat, 10 Apr 2021 13:44:54 GMT
last-modified
Thu, 08 Apr 2021 08:08:17 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
20260
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame C667 		0
575 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpq7ijOtlA3jzLSrZSqCPiaPR57cOGfwYdnGtOM-bIGIvV1Fdv6tjsaZ9zkZgEQHjLNPzQ8Btd2m-ntzytlPMMzPY5JBm22u-867Stiit5urbFoIrxRmIS-I4M2P-TF0i9HM9sKd31EnhZ6DZ95lpiKMUA6sQUhPSm5XDF3LCTiN9Y6rg8Jm4gxmu5FmCMdjWaySoLWV1UNuRgh-1Q11bBAnE1_qRBtQ_HylFZvlFAITIVSRr269ScVOzlA7WlKFR0NsSGWclM-_eEw5l1FHENTiPEN7mJQ9hPNAZZqBKhe_5SXE4hba6VMtbHEughDqAKFRmQrBnziKdqett-ngkQjDPNFV4iVne4judB6gEDK7l1R-3Ovz_ewzqfiRb5FYEGD9xCQw8mP7WV96uuh91ljRu1lNisvPKr5chQ54pfTHoCvXraObA4M23vjmAaaLqmA6y9jrKuWKwDEzVbMgDkjWBGbMErvWzsMvf7F3P9_kKAo3gfBhoTmHAYZ3yBiiGtLVbjCmkYHFcG4Cj1rp4aIlXJw9WoVu5kuHK0kfWVN9cPJm6EE7rCpENhj-WFVo3IiPLQp3EutJnlDJomrDVlh4Sgtwn_fadziy-Awtsrzv2FGV5t5-jRX37IlQuBx5TKpWdaTqKIRI2lZC3Y1ppQb63suY8dTyNyqFXvByX4HOfXmXlfvIy_QM5jKfPvahmT8EIwT7uJHiOnE_obCp4lbezRVwGWSzVtaELphYlmQnaQwEU6yznoW-ZTPgXKVadOg_nN8nrInb1JJD98uYxjZcOY-5QRlfBRZU33XP-bHjcTvPRvH0cpEui9oUAS0QzW45QjOcj0zulPsOyUoouWFifEjIvmOnf4sWWn9AVuoY3RKDdsxyw8Bim3OcGrRC_w6nTTTYwldR7OX6A9EllkRez4lQ1r4SNl9BCv6eoO72Hv7ASC4j9putoayRJKzxnRro2ZLIomMHgIugkuuLr8MxUptLF-I4T8HNHwthA7V2b4QDRMd2rJKDjM3J0NmZEdZE-NlgeAhMPCTZlBwG6cr1KZKa535qtj7iX9ZIxzqP7sTlyfQdu7bj7G5A_76gbhXOMtDEkpPLLLJDSF_KQY8Awy6R_mMo5QA7VVR1cH-GZ2odfY7FzDOwFwrbCFChwDV-gLcB-ctyqWbSkqNZUO_GshPsLS3fe-Mayz39V6Tclnm4i55Kg6HOCx_iyufo0kq8bQfrbXXMADUgWIvridzvgH4g&sai=AMfl-YRtPluu54AYeZNC2Fv7dC3ArxBMV38CHNYeNkrrALOFm-HywmVb91VwfKl6QAOJ0ZaDna137fpY7CYFrp4dV38xK4Zm3oVxlYCuFTMDN3UyPj8G-Jk8qX5jWFiwzUKcBnrppKpGl1KIDJSxqerSp-nDOypP4JDUoi3vlWuOVrVDMBI--FvyI-dPXblgh34pf7cZ2kNJYFSzFlOd2GFQDsECf5-Em1T0q6UjmpEv2g&sig=Cg0ArKJSzEpKRWBp4R9uEAE&urlfix=1&omid=0&rm=1&ctpt=584&cbvp=1&cstd=579&cisv=r20210406.78508&adurl=
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 09 Apr 2021 19:22:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
main.gr.19.8.188.js
static.adsafeprotected.com/ Frame ECC9 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/654467/53133099/skeleton.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-188-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
last-modified
Mon, 05 Apr 2021 16:41:54 GMT
server
nginx/1.16.1
etag
W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C667 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27374
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:46:20 GMT
truncated
/ Frame C667 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8832e49ebde4a37066d7a19b4620f4a65eaf150c9c417281d71a7ea5aa0c89db

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
main.gr.19.8.188.js
static.adsafeprotected.com/ Frame 2248 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/654467/53133099/skeleton.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-188-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
last-modified
Mon, 05 Apr 2021 16:41:54 GMT
server
nginx/1.16.1
etag
W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame ECC9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27374
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:46:20 GMT
truncated
/ Frame ECC9 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23b7262c0e6b8d68e1afd93ba94195c506cf061eba61a32df54e17e0b0fb8ff0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 764A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 09 Apr 2021 19:22:34 GMT
index.html
s0.2mdn.net/sadbundle/4864958390687760384/ Frame 6323 		59 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4864958390687760384/index.html?e=69&leftOffset=0&topOffset=0&c=mSYUOASF4K&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e24d73739053879d73bf3b1c06647e834bc56f4fd0ec7d93e2ce6d11592295ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/sadbundle/4864958390687760384/index.html?e=69&leftOffset=0&topOffset=0&c=mSYUOASF4K&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:34 GMT
expires
Sat, 09 Apr 2022 19:22:34 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 20 Mar 2020 15:24:46 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 46BE 		0
28 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssq_Cdi7HmzMjnfRCQnfx4o8jEVScoHayM1vWsTMF9aN-gzGn0mPH67wGeaVbOQ_LGDhRTw78veXkGpZz2M6pqITjFqqBSKkAKdvN09epoTwwFGyxvoxzUcpm3qwVNPeVsg50_Fkf7629MyAjLSUXWKBn4IxxkltDtisgzdvfqWTkoctPq-Ir4clNhSVn_Is2GrK5RK4IrLkgI0HqJA-zYBqSFv9RNKIXfO5XUJxNermBLviRwxjcZ9JDBZp7XvZ7zEkEGEuErjeIozgR3R_s-cgxyEiMXR7y0UbVXgdUTZzJr5e-WmF087ZhUK2Z0v4yxX9VY4_4WNfFkadblZTkxJpcAFQ9mfqFFKxNlKvw9ef2oQSKXPEg0B4U2cB_2WU1FsHNdHGrAXbmpQ0yQbVlpwEwUZDrmx6QwCzrHp9doYom54trH3oBtmt4bx9Mg58AlsuqIWCAtuWus0wKS1AV3x3ZBzHWq24gyewHJ1fJRjlwEcaFzI7vuv0nr-nUsk-bkro1qF3W541qRiRmiaZ0nzZ9QPaBioLIWGwj5atL4AQ61P1CogQfu3Hra6uYP4mSKPEWmovK7tqnfXbblPKQ-UjCmnaMwD2GYl_k8hkDfcjgjMg-i5NfkCnJne0VytZJO-x4YyTdBel87-F7WNvncmpTpDl3OvE7GVooyvUgbQfE8ft6kdnZ_IFh1RddpdDHOsm94g5xaPg1P1CSf_QCRsDdS3RV7qo1LMKnr3f_UU1lQAA9zlCvqZyBPjWgHp37BJXZXX35GQsgOBL0BBv7UV8r_l6byUeZXD5-Yp3YwhL2byOvexB7Bs2xqNG2_Xd4o2OQdGfWqZb0Zd3Kjl10XzCYkdGxOSuZD462Yv3mcjq-CwrIrp0a0mYtHIVaVlA8H7f_u0As0FgDGeKk5kqF9fweI2-aRZ46ZSqWMIRWcundzH_ReyvuP8CPjXSSsL5fhXfFOaJBDn99n7X9OnKnuG9CepkcQqK_TzKewR_CWdPlipUyv5xksIJ052D4MzP_pUSaekGAvWqktkY4aXcheo4XGbGyVitTbp25BtBcro_DqXnr0DGVxVC7I-bwQniHshiJhAo3W12NEkvOB_Vq3Bcm1IlobZ1UoZk8yW_sFh3B30I5Oo9AaaJfIsKnrwbZHgJNlCCKHNBUG5lHrw_6eoC8X82K2OK1j4tVry7ENdKRJVPNx9Z1oC5uj-W9SFvdDfPpXRoUpZD50VYnbcKVc&sai=AMfl-YQHsvm93I5t2qtUdkAsMLfk6eL4ItWl7FSCP3Dg7Yek7YiNDnMuin1xPDEU8X67-5N4cSTF3o77AYSw4fGhZbqjblsr8iG7EGfkzFapIoyygZfAWXoIAM_zyc_X4QRYPygvenLHYXnAtNaUMzMxczvHXfPWnqNcvJnz1AN8TqkJpJlPavS2nY_Q1c2XaPJDHWIpocaUzqB-9g4TZUFKX4hpOY3DM9QipEaGhnwQkw&sig=Cg0ArKJSzLAgTd3WBzNrEAE&urlfix=1&omid=0&rm=1&ctpt=776&cbvp=1&cstd=757&cisv=r20210406.47164&adurl=
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 09 Apr 2021 19:22:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/ Frame 3FF8 		73 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ff9a368a091c20f658d3286670c910050c3a2a7bd17023b83ac549c6aa16b4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
18189
date
Fri, 09 Apr 2021 13:00:37 GMT
expires
Sat, 10 Apr 2021 13:00:37 GMT
last-modified
Tue, 02 Mar 2021 16:14:54 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
22917
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2248 		0
562 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzqG6kmFEPHs3ZdpHLFlC0Lm2BtxGcxn6Q8GEtPUyZ9ieTLbUgm7DvHVxndyTdPAmgMA_HD_eGasNXgV-aSlVR29VoeC9n0--lVxJTJh2v-J153fscxGt2w_OchcEl43WKDyE3vMsFeBHmy-M6QmJ9_ZJwBJV729Bkz_PUZST5iezc6NOiqKm3Qk82GQbncnbB-5AKgFzR9aeI7kMsd3PKm6V3vc59GsVjyfAjhzD8-9Dgl_9QheiC2kCZ6VrTVzp-7SHK9g-BjFiuUxAXavsTo7DaeAHlrTNGOQ4xJIns8J4Ficrlsg8k4KGbB7FN5FQq0CQb3rZJiMXO6NQQE8S5FcIxfHDILcSt5MW_1rnRGO5s_4uGjrPvq50ftcV8A1Z3Xxmt7oG0YgTh06tlymQ-MXgHHmi464w3u24aunHdDyo0lsByq0bgQoZ-t4V9gvCxRx0dHI0aWEMuHQnZaRmHoFcLylUSly73zVfPMnbraAPECkI6Jk8H1zXufksUMEevgc51JVaXdN6eiPncSMlrCDTKkOsJT9gWOY0rVrWeFGvB8oH_oJmus9wHc5gFkPr3sptwpVpGnGeQf-nbA7TQNsMlglUcFfhme5FAoomT-mMxDDwQzKNMv9495v9l77vBpiMwhgQBacWvxejbL4PA8_wauYOhp4JXSTnAdDggX8EAFkQ9oYTXR6AJhNZkgYZv6LuOhdwYZkbQWQE3aLqA2GULZUdCjUvtdZZ8_KmakJphWC4z4mdGp53ZCcYASDIOCEGl8RRR6FzFvOHck1NNn1yjkoGB_tQxXcIvDt1Ai0IDZX2gZNSTOUhIaf4cYbZDhh5AtBgQczuXYnAFKzqHcTrKUwzuCqDuPAz6BTlNz7U-VxE2Mu4FA8U-GMzxpS_LVbJR7oE_FRP99g06T3NjWeYQIVCqsMp6FxBkQvOJXY_EtP1v8DWYg5xUH4zELY3jXQQtTWiO7NN9tw-x6aIm4HU1mmucqyw_utqDYTZTlIE32yXjkIxZ1adaal7MCoZQJrZqR1AHVqMdO6x4nU4YPCjWZUn0KmdullVbouGwLDNC8sTTJDXSn-z7CTgkhwSRGpZEEDpPmhDe0n2uHix_-HF-za7o-JL1pylHTou1U5BkCQ6-0zT8kckJM7csNgLut5CnCTfMJqPqYpRhYqPdyDmY_5B6LNEjYCwxRqBquPfNlJVChmP8T43s9a04Dqg&sai=AMfl-YSUeOvp0eHe1nPEj8BRjbZWitIp6HVV3mKx8EdzD2PPsxBGQRYCPox8E_FoX6kiIEZrmO2Cfv2qFDiQQOSzoVBzlglXB5mnY9IiKqCbsKS5Kyhg9J6uEEYlTTaXHgjSO2BqEQ4GIGpKJ-RVSw-z65axXbfAFSE_8wQaBnJYOCE6g54dkA_Z_vHy3rlan-hx9e1eVww5XHMnhju8y4RxpJpFfecu6EAakfcrPSg-pA&sig=Cg0ArKJSzFH7gRXpqrVcEAE&urlfix=1&omid=0&rm=1&ctpt=739&cbvp=1&cstd=731&cisv=r20210406.45093&adurl=
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 09 Apr 2021 19:22:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2248 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27375
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:46:20 GMT
truncated
/ Frame 2248 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fef517592e88ffeece27b237207133904ffd02baaa34f8f69e330a798b7b26b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/ Frame 0E59 		73 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ff9a368a091c20f658d3286670c910050c3a2a7bd17023b83ac549c6aa16b4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
18189
date
Fri, 09 Apr 2021 13:00:37 GMT
expires
Sat, 10 Apr 2021 13:00:37 GMT
last-modified
Tue, 02 Mar 2021 16:14:54 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
22918
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame ECC9 		0
28 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst63iic4r6Uvy4VAWl6QPWev1LwymMRia-dKiNdB7m2GxtPdnt7VLkImLyK_REW_19i3HWcQQJWvzngMVSqTs-7ExcscJ8TIiUSf9sTCBFtNM-69XOi34EysO4W0VoH0fcsE2cdk9eSqDBvI9oplKxmE2sw_1YEt-X_2aXL_XVH5zZllOkp9AUrVGtZwEfIWHMtLBT-mYxxDmzq4DQdVAQH4ttzWvTKE8R3w7Tv_u2zA5A7sPp8DSaSRNCBb_rL9uCAFfq9BedDmFgvtE3Nme0Dh_EHBah56mzPBUZ9URW2-TlflY3kddBfEpAUJXO97WbjvnmkzMFMuy48BCBnFgXLUcjgaQ8NBdg2as0fNK3xFcQuK7p0fucPf-kXgVQJL28VvcwBcr8VkVR05WRTXW6tuzEx1ih9YbTpuz_8PTV0jg9vTlw2sSApcqf1ireMSymNAwmJ1d4YaTjo3Tghwb-N4nXO7JADDn5E7Q10V6u3bzo1HWYcziw50y8wD4fRwXu0kip_Zz_71LXCu9AETB8IjozdRT2RpFYles3HOjDzk3887UFaFnl9_UoxhKKjfiF_9dkJI1U8kVLyNGVMu1kms8EJIzbcMQ-0vxuTLZFC1X51VcVUyPcMJ5qQeI5Aj1YRWF70VfnEaOuKzCgiqHSSs81TfHUNBQvKPt9ECsupyUcb9w1EB7iOVKg8Oez5AYskeOScn3-Rkyxq31O27Msm44SSQBss96JbGOy_sZksSmvYsRRaOHL_DpUurAeQXlonD8Bj9GJxQU4nAiko_s0Q6yI7Oe85AX_ovzJQwqVA7xz6BEF55jyk48sCr458_jI215zbwUpdFREwqC6pGY2v-cxMDO_iibE2rRov2tx-tl5egb5bHYfKQo5MQ4uSUy006-FRj-vz2TvWzYNR4MgI81ZIJ_pRlH4NgoogQ_G7YFvd8WUHr2B1OckXlrim7-qbkCO8KtOA6FCJ84EIU-bSwjKNg7GDEbB9ZNrMHh1jrK3q_6bHzICOENIE_Ti6-XQlgJq83NYvLptyewpTwXHCOmXIjqwMUQbWpqFtPM6EaxaXkvF18jCW-vyPuvEw0-VtQ_btzysK03dUbwhMEpb-cnTHjiAWy2f017w1bntlOnTO6ubESJ1ZfHycOZgriCUUworcf2m4h7ud74PodrrcOOl6-FKgXx4_B2w5hyQUMIbE0JEvLUaLAwXMd8Rv73Q&sai=AMfl-YTBKDoVP2NAAjwsFJ-BNYtUtfKRaCM_MT614PUR3C_J2gcRa17jUVHqNu62i3Whors-ZfV6Avn6eVbJHtXca-Le7o_J_LkNWymFfya8e3HracKygTaBv2FQewBrcwzi1AMjCWAwNN8ZJBezJF1LxTfocLOmPJAP0xk7MD84QigZnIbwTUQeRF2kbnR9VRiE6TVRgwwG9kttDQ3nBA57F94zbWPhsgBrUmDZ5QVUzg&sig=Cg0ArKJSzP91Aof9-P2hEAE&urlfix=1&omid=0&rm=1&ctpt=863&cbvp=1&cstd=860&cisv=r20210406.59584&adurl=
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 09 Apr 2021 19:22:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 94DF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVuo-C49HsPDyJ6uP5h_OJM481EoxYohTU68MMaJ_TSBAZDL0qVhMu_iFD-ECxw-5tjvkmMjq7lzcaLiQcIxyC4oPUaGNQEeTu7-aXfWLnOZgJRMpGwbQXo2weBVJ0-3PN1i04gOUPt5eCmR-g2cl5w2iRg2UibPSXQvx2w0Qhwuynpw9XJMEG_WwH85sBX-Inc94Se8RsBKRhLDRX8RGUnM4aFdolFEk4WXPJv5DQdODX8_Q4gCH8qOwACFRfLxGVnd_coxLqJfMCsY7stRwcPUa2ZVZFrssYellsZ5MdIQWMH0XGTgkpbZoXVW0f4r9vJPqT4IKANHewdeernqIrFDjPZFI8ziLUBuBIypeSQg&sig=Cg0ArKJSzDhVxq5nNpWcEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 19:22:35 GMT
player.js
player.aniview.com/script/6.1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: solution.urekamedia.com
URL: https://solution.urekamedia.com/tribunnews.com/ani-uk-slider-tribunnews.com-aniview-PC.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:48b::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1028e6c264ccb5e7a11f656490b6388a0cd366c725dec74a5e66d53e51c9735a

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UyAhP8eAlSPuPkLAtaKRtg35F7gwYFilJAaqz_MC9bL1iWCdSy9QyO9Jg3enoytpxnNMUE2rxFj9MPgNZTPWvJyoF_VrA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9055
last-modified
Wed, 07 Apr 2021 07:13:29 GMT
server
UploadServer
etag
"18e78af20e1909fe2e8dc9110fefe4bb"
vary
Accept-Encoding
x-goog-hash
crc32c=GZLABA==, md5=GOeK8g4ZCf4ujckRD+/kuw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1617779609739277
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9055
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 09 Apr 2021 19:27:35 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5f4c6fa86d070d2ea259d40a&cid=5fc49f47ef635a0437416998&e=playerLoaded&cb=1617996155198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A37F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 09 Apr 2021 11:47:57 GMT
expires
Sat, 09 Apr 2022 11:47:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
27278
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/ Frame 68CA 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/index.html?v=_2_127_1_0&n=1&isPreview=false&clickTag=https%3A%2F%2Fsecure-ds.serving-sys.com%2FBurstingCachedScripts%2FReportPage_2_12_3_0.html%3FebReportURL%3Dhttps%253A%2F%2Fbs.serving-sys.com%2FServing%2FadServer.bs%253Fcn%253Dbrd%2526PluID%253D0%2526Pos%253D23916470521773436%2526EyeblasterID%253D1083129936%2526sessionid%253D715657777233199579%2526usercookie%253Du2%25253D2971ef0e-5645-41b4-934a-0c65cb2deff0%2526OptOut%253D0%2526di%253D0%2526dg%253D1075977878%2526dgo%253D1075977878%2526gdprpurposes%253D1023%2526ncu%253Dhttps%25253A%25252F%25252Fgoogleads.g.doubleclick.net%25252Fdbm%25252Fclk%25253Fsa%25253DL%252526ai%25253DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%252526ae%25253D1%252526num%25253D1%252526cid%25253DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%252526sig%25253DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%252526client%25253Dca-pub-7784034061253020%252526dbm_c%25253DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%252526cry%25253D1%252526dbm_d%25253DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%252526adurl%25253D%2526ebReferrer%253Dhttps%25253A%25252F%25252F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%25252Fsafeframe%25252F1-0-38%25252Fhtml%25252Fcontainer.html%24%24ebImpressionID%3D23916470521773436%24%24ebTURLs%3D%5B%2522https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%26sig%3DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%26cry%3D1%26dbm_d%3DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%26adurl%3D%2522%5D%24%24ctick%3D1617996155266
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Disp_3_39_0/ebRichVV.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-190.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
8f621115383a45836f2a43f4b9b51072c147a6159be3308a1b285d29fe2de310

Request headers

:method
GET
:authority
secure-ds.serving-sys.com
:scheme
https
:path
/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/index.html?v=_2_127_1_0&n=1&isPreview=false&clickTag=https%3A%2F%2Fsecure-ds.serving-sys.com%2FBurstingCachedScripts%2FReportPage_2_12_3_0.html%3FebReportURL%3Dhttps%253A%2F%2Fbs.serving-sys.com%2FServing%2FadServer.bs%253Fcn%253Dbrd%2526PluID%253D0%2526Pos%253D23916470521773436%2526EyeblasterID%253D1083129936%2526sessionid%253D715657777233199579%2526usercookie%253Du2%25253D2971ef0e-5645-41b4-934a-0c65cb2deff0%2526OptOut%253D0%2526di%253D0%2526dg%253D1075977878%2526dgo%253D1075977878%2526gdprpurposes%253D1023%2526ncu%253Dhttps%25253A%25252F%25252Fgoogleads.g.doubleclick.net%25252Fdbm%25252Fclk%25253Fsa%25253DL%252526ai%25253DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%252526ae%25253D1%252526num%25253D1%252526cid%25253DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%252526sig%25253DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%252526client%25253Dca-pub-7784034061253020%252526dbm_c%25253DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%252526cry%25253D1%252526dbm_d%25253DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%252526adurl%25253D%2526ebReferrer%253Dhttps%25253A%25252F%25252F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%25252Fsafeframe%25252F1-0-38%25252Fhtml%25252Fcontainer.html%24%24ebImpressionID%3D23916470521773436%24%24ebTURLs%3D%5B%2522https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%26sig%3DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%26cry%3D1%26dbm_d%3DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%26adurl%3D%2522%5D%24%24ctick%3D1617996155266
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u2=2971ef0e-5645-41b4-934a-0c65cb2deff04AC080
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

content-encoding
gzip
content-type
text/html
etag
"3ef564c2355a4bb3fa77cb3f15c59a7d-df"
last-modified
Tue, 30 Mar 2021 08:09:59 GMT
server
ATS/7.1.0
vary
Accept-Encoding
x-amz-id-2
6oxfgF5znNAco5t2dJNQr2fwSzarzWZFKc37VzPrKkM3Ekn6jXV1cU4uJ2LvtoDVU4bU11sUXFA=
x-amz-replication-status
COMPLETED
x-amz-request-id
Q5YR9YM5EB0BAKES
x-amz-version-id
OzC3n4uoMj9IW2ufyFfDjKjz9_.ah.qW
content-length
3896
expires
Mon, 31 Dec 2035 00:00:00 GMT
date
Fri, 09 Apr 2021 19:22:35 GMT
access-control-allow-origin
*
accept-ranges
bytes
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CB56 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 09 Apr 2021 11:47:57 GMT
expires
Sat, 09 Apr 2022 11:47:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
27278
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9FBB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 09 Apr 2021 11:47:57 GMT
expires
Sat, 09 Apr 2022 11:47:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
27278
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame AD0A 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banjarmasin.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 09 Apr 2021 16:11:50 GMT
expires
Sat, 09 Apr 2022 16:11:50 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11445
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
skeleton.js
static.adsafeprotected.com/ Frame 2248
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/654467/53133099/skeleton.js?adsafe_url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5f92aa0201adae38bbe1d91a752fea15.safe...
  • https://static.adsafeprotected.com/skeleton.js
17 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-188-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:35 GMT
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
nginx/1.16.1
age
1837041
etag
"53fab767ecbd3bf07990b10246befbd4"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
17

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:35 GMT
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.1.js
static.adsafeprotected.com/ Frame 4D89 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-188-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:35 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
1652575
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame F59E 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9109151/1617869297867/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9109151/1617869297867/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 12:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25738
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 12:13:37 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6BE7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 09 Apr 2021 11:47:57 GMT
expires
Sat, 09 Apr 2022 11:47:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
27278
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
skeleton.js
static.adsafeprotected.com/ Frame ECC9
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/654467/53133099/skeleton.js?adsafe_url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5f92aa0201adae38bbe1d91a752fea15.safe...
  • https://static.adsafeprotected.com/skeleton.js
17 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-188-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:35 GMT
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
nginx/1.16.1
age
1836115
etag
"53fab767ecbd3bf07990b10246befbd4"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
17

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:35 GMT
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.1.js
static.adsafeprotected.com/ Frame 81E6 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-188-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:35 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
1650264
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
Enabler_01_242.js
s0.2mdn.net/879366/ Frame 6323 		107 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_242.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4864958390687760384/index.html?e=69&leftOffset=0&topOffset=0&c=mSYUOASF4K&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4864958390687760384/index.html?e=69&leftOffset=0&topOffset=0&c=mSYUOASF4K&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 06:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47903
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37452
x-xss-protection
0
last-modified
Thu, 06 Feb 2020 15:49:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 06:04:12 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 3FF8 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 12:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25738
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 12:13:37 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 0E59 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 12:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25738
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 12:13:37 GMT
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame A532 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:32:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
85824
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Fri, 08 Apr 2022 19:32:11 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 032B 		334 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:48b::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
af5885715f403edb9be18e3f244de575862229474d957e5bcd75cb5e036bc9ca

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UygzkiRZhNm6y3OKnjuvXZ9HCYGfpTdOjFVpPWpHkJ4sa4Qak8y5PYfCCTwHyxHW_extvlIYIqABGXKE8KWmeQk2lVZgQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
96608
last-modified
Wed, 07 Apr 2021 07:12:37 GMT
server
UploadServer
etag
"bc45349eaf48737219d6f20cf3387e2d"
vary
Accept-Encoding
x-goog-hash
crc32c=83gVGg==, md5=vEU0nq9Ic3IZ1vIM8zh+LQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1617779557398487
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
96608
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 09 Apr 2021 19:27:35 GMT
dt
dt.adsafeprotected.com/ Frame 2248 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=654467&asId=611302d7-fc3b-529d-1429-e3f42783aa2e&tv=%7Bc:9jZiFS,pingTime:-2,time:823,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:598,bdZ:806,beA:1219,beZ:1221,mfA:1723,cmA:1726,inA:1730,inZ:1738,prA:1738,prZ:1767,si:1777,poA:1779,poZ:1804,cmZ:1804,mfZ:1804,loA:1897,loZ:1909,ltA:2041,ltZ:2041%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:300,h:250,t:556%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:826,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:556,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B312~1%5D,as:%5B312~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:su78YtX+11%7C121%7C122%7C123%7C131%7C132%7C133%7C141%7C142%7C143%7C15.654467-53133099%7C151%7C152%7C153%7C16*.654467-53133099%7C161%7C162%7C17%7C181%7C182%7C183%7C19%7C1a%7C1b,idMap:16*,rmeas:1,rend:0,renddet:na,sinceFw:262,readyFired:true%7D&br=u
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.1.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:36 GMT
x-server-name
dt34.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
googleads4.g.doubleclick.net/pcs/ Frame C667 		0
60 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpq7ijOtlA3jzLSrZSqCPiaPR57cOGfwYdnGtOM-bIGIvV1Fdv6tjsaZ9zkZgEQHjLNPzQ8Btd2m-ntzytlPMMzPY5JBm22u-867Stiit5urbFoIrxRmIS-I4M2P-TF0i9HM9sKd31EnhZ6DZ95lpiKMUA6sQUhPSm5XDF3LCTiN9Y6rg8Jm4gxmu5FmCMdjWaySoLWV1UNuRgh-1Q11bBAnE1_qRBtQ_HylFZvlFAITIVSRr269ScVOzlA7WlKFR0NsSGWclM-_eEw5l1FHENTiPEN7mJQ9hPNAZZqBKhe_5SXE4hba6VMtbHEughDqAKFRmQrBnziKdqett-ngkQjDPNFV4iVne4judB6gEDK7l1R-3Ovz_ewzqfiRb5FYEGD9xCQw8mP7WV96uuh91ljRu1lNisvPKr5chQ54pfTHoCvXraObA4M23vjmAaaLqmA6y9jrKuWKwDEzVbMgDkjWBGbMErvWzsMvf7F3P9_kKAo3gfBhoTmHAYZ3yBiiGtLVbjCmkYHFcG4Cj1rp4aIlXJw9WoVu5kuHK0kfWVN9cPJm6EE7rCpENhj-WFVo3IiPLQp3EutJnlDJomrDVlh4Sgtwn_fadziy-Awtsrzv2FGV5t5-jRX37IlQuBx5TKpWdaTqKIRI2lZC3Y1ppQb63suY8dTyNyqFXvByX4HOfXmXlfvIy_QM5jKfPvahmT8EIwT7uJHiOnE_obCp4lbezRVwGWSzVtaELphYlmQnaQwEU6yznoW-ZTPgXKVadOg_nN8nrInb1JJD98uYxjZcOY-5QRlfBRZU33XP-bHjcTvPRvH0cpEui9oUAS0QzW45QjOcj0zulPsOyUoouWFifEjIvmOnf4sWWn9AVuoY3RKDdsxyw8Bim3OcGrRC_w6nTTTYwldR7OX6A9EllkRez4lQ1r4SNl9BCv6eoO72Hv7ASC4j9putoayRJKzxnRro2ZLIomMHgIugkuuLr8MxUptLF-I4T8HNHwthA7V2b4QDRMd2rJKDjM3J0NmZEdZE-NlgeAhMPCTZlBwG6cr1KZKa535qtj7iX9ZIxzqP7sTlyfQdu7bj7G5A_76gbhXOMtDEkpPLLLJDSF_KQY8Awy6R_mMo5QA7VVR1cH-GZ2odfY7FzDOwFwrbCFChwDV-gLcB-ctyqWbSkqNZUO_GshPsLS3fe-Mayz39V6Tclnm4i55Kg6HOCx_iyufo0kq8bQfrbXXMADUgWIvridzvgH4g&sai=AMfl-YRtPluu54AYeZNC2Fv7dC3ArxBMV38CHNYeNkrrALOFm-HywmVb91VwfKl6QAOJ0ZaDna137fpY7CYFrp4dV38xK4Zm3oVxlYCuFTMDN3UyPj8G-Jk8qX5jWFiwzUKcBnrppKpGl1KIDJSxqerSp-nDOypP4JDUoi3vlWuOVrVDMBI--FvyI-dPXblgh34pf7cZ2kNJYFSzFlOd2GFQDsECf5-Em1T0q6UjmpEv2g&sig=Cg0ArKJSzEpKRWBp4R9uEAE&urlfix=1&omid=0&rm=1&ctpt=1522&vt=11&dtpt=938&dett=3&cstd=579&cisv=r20210406.78508&adurl=
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame B60A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:32:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
85824
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Fri, 08 Apr 2022 19:32:11 GMT
dt
dt.adsafeprotected.com/ Frame ECC9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=654467&asId=b6dda771-99de-2056-2a9f-9cdc5535b973&tv=%7Bc:9jZiHc,pingTime:-2,time:965,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:635,bdZ:877,beA:1223,beZ:1226,mfA:1974,cmA:1975,inA:1975,inZ:1977,prA:1977,prZ:1990,si:1996,poA:2006,poZ:2013,cmZ:2013,mfZ:2013,loA:2112,loZ:2118,ltA:2187,ltZ:2187%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:300,h:250,t:772%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:965,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:772,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B212~1%5D,as:%5B212~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:su78YtX+11%7C121%7C122%7C123%7C131%7C132%7C133%7C141%7C142%7C143%7C15*.654467-53133099%7C151%7C152%7C153%7C16.654467-53133099%7C161%7C162%7C163%7C164%7C17%7C181%7C182%7C183%7C19%7C1a%7C1b,idMap:15*,rmeas:1,rend:0,renddet:na,sinceFw:181,readyFired:true%7D&br=u
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.1.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:36 GMT
x-server-name
dt36.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 68CA 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/index.html?v=_2_127_1_0&n=1&isPreview=false&clickTag=https%3A%2F%2Fsecure-ds.serving-sys.com%2FBurstingCachedScripts%2FReportPage_2_12_3_0.html%3FebReportURL%3Dhttps%253A%2F%2Fbs.serving-sys.com%2FServing%2FadServer.bs%253Fcn%253Dbrd%2526PluID%253D0%2526Pos%253D23916470521773436%2526EyeblasterID%253D1083129936%2526sessionid%253D715657777233199579%2526usercookie%253Du2%25253D2971ef0e-5645-41b4-934a-0c65cb2deff0%2526OptOut%253D0%2526di%253D0%2526dg%253D1075977878%2526dgo%253D1075977878%2526gdprpurposes%253D1023%2526ncu%253Dhttps%25253A%25252F%25252Fgoogleads.g.doubleclick.net%25252Fdbm%25252Fclk%25253Fsa%25253DL%252526ai%25253DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%252526ae%25253D1%252526num%25253D1%252526cid%25253DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%252526sig%25253DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%252526client%25253Dca-pub-7784034061253020%252526dbm_c%25253DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%252526cry%25253D1%252526dbm_d%25253DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%252526adurl%25253D%2526ebReferrer%253Dhttps%25253A%25252F%25252F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%25252Fsafeframe%25252F1-0-38%25252Fhtml%25252Fcontainer.html%24%24ebImpressionID%3D23916470521773436%24%24ebTURLs%3D%5B%2522https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%26sig%3DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%26cry%3D1%26dbm_d%3DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%26adurl%3D%2522%5D%24%24ctick%3D1617996155266
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure-ds.serving-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Apr 2021 19:22:35 GMT
970x250_video.js
secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/ Frame 68CA 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/970x250_video.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/index.html?v=_2_127_1_0&n=1&isPreview=false&clickTag=https%3A%2F%2Fsecure-ds.serving-sys.com%2FBurstingCachedScripts%2FReportPage_2_12_3_0.html%3FebReportURL%3Dhttps%253A%2F%2Fbs.serving-sys.com%2FServing%2FadServer.bs%253Fcn%253Dbrd%2526PluID%253D0%2526Pos%253D23916470521773436%2526EyeblasterID%253D1083129936%2526sessionid%253D715657777233199579%2526usercookie%253Du2%25253D2971ef0e-5645-41b4-934a-0c65cb2deff0%2526OptOut%253D0%2526di%253D0%2526dg%253D1075977878%2526dgo%253D1075977878%2526gdprpurposes%253D1023%2526ncu%253Dhttps%25253A%25252F%25252Fgoogleads.g.doubleclick.net%25252Fdbm%25252Fclk%25253Fsa%25253DL%252526ai%25253DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%252526ae%25253D1%252526num%25253D1%252526cid%25253DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%252526sig%25253DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%252526client%25253Dca-pub-7784034061253020%252526dbm_c%25253DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%252526cry%25253D1%252526dbm_d%25253DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%252526adurl%25253D%2526ebReferrer%253Dhttps%25253A%25252F%25252F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%25252Fsafeframe%25252F1-0-38%25252Fhtml%25252Fcontainer.html%24%24ebImpressionID%3D23916470521773436%24%24ebTURLs%3D%5B%2522https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%26sig%3DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%26cry%3D1%26dbm_d%3DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%26adurl%3D%2522%5D%24%24ctick%3D1617996155266
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-190.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
88a02ce551a987804053ffc1adb0ff9f144d2e5b44a2303738090c1c250a9055

Request headers

Referer
https://secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/index.html?v=_2_127_1_0&n=1&isPreview=false&clickTag=https%3A%2F%2Fsecure-ds.serving-sys.com%2FBurstingCachedScripts%2FReportPage_2_12_3_0.html%3FebReportURL%3Dhttps%253A%2F%2Fbs.serving-sys.com%2FServing%2FadServer.bs%253Fcn%253Dbrd%2526PluID%253D0%2526Pos%253D23916470521773436%2526EyeblasterID%253D1083129936%2526sessionid%253D715657777233199579%2526usercookie%253Du2%25253D2971ef0e-5645-41b4-934a-0c65cb2deff0%2526OptOut%253D0%2526di%253D0%2526dg%253D1075977878%2526dgo%253D1075977878%2526gdprpurposes%253D1023%2526ncu%253Dhttps%25253A%25252F%25252Fgoogleads.g.doubleclick.net%25252Fdbm%25252Fclk%25253Fsa%25253DL%252526ai%25253DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%252526ae%25253D1%252526num%25253D1%252526cid%25253DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%252526sig%25253DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%252526client%25253Dca-pub-7784034061253020%252526dbm_c%25253DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%252526cry%25253D1%252526dbm_d%25253DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%252526adurl%25253D%2526ebReferrer%253Dhttps%25253A%25252F%25252F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%25252Fsafeframe%25252F1-0-38%25252Fhtml%25252Fcontainer.html%24%24ebImpressionID%3D23916470521773436%24%24ebTURLs%3D%5B%2522https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%26sig%3DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%26cry%3D1%26dbm_d%3DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%26adurl%3D%2522%5D%24%24ctick%3D1617996155266
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FG5EGQnG630AUEMRf2WiTcDIrcc_9NEU
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 08:09:59 GMT
server
ATS/7.1.0
x-amz-request-id
25Q35G2GVR8XGAN4
etag
"924017412d5a1cfd93c7ba1e5dcf3260"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
date
Fri, 09 Apr 2021 19:22:35 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
8843
x-amz-id-2
fq1s88LrVNTpgRQMnxh8BvWjLIfEfcvzldz0RjnxbGR0HiDdJGDCSAn11bvWZkZkpz6hnqVFFFU=
expires
Mon, 31 Dec 2035 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame ECC9 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst63iic4r6Uvy4VAWl6QPWev1LwymMRia-dKiNdB7m2GxtPdnt7VLkImLyK_REW_19i3HWcQQJWvzngMVSqTs-7ExcscJ8TIiUSf9sTCBFtNM-69XOi34EysO4W0VoH0fcsE2cdk9eSqDBvI9oplKxmE2sw_1YEt-X_2aXL_XVH5zZllOkp9AUrVGtZwEfIWHMtLBT-mYxxDmzq4DQdVAQH4ttzWvTKE8R3w7Tv_u2zA5A7sPp8DSaSRNCBb_rL9uCAFfq9BedDmFgvtE3Nme0Dh_EHBah56mzPBUZ9URW2-TlflY3kddBfEpAUJXO97WbjvnmkzMFMuy48BCBnFgXLUcjgaQ8NBdg2as0fNK3xFcQuK7p0fucPf-kXgVQJL28VvcwBcr8VkVR05WRTXW6tuzEx1ih9YbTpuz_8PTV0jg9vTlw2sSApcqf1ireMSymNAwmJ1d4YaTjo3Tghwb-N4nXO7JADDn5E7Q10V6u3bzo1HWYcziw50y8wD4fRwXu0kip_Zz_71LXCu9AETB8IjozdRT2RpFYles3HOjDzk3887UFaFnl9_UoxhKKjfiF_9dkJI1U8kVLyNGVMu1kms8EJIzbcMQ-0vxuTLZFC1X51VcVUyPcMJ5qQeI5Aj1YRWF70VfnEaOuKzCgiqHSSs81TfHUNBQvKPt9ECsupyUcb9w1EB7iOVKg8Oez5AYskeOScn3-Rkyxq31O27Msm44SSQBss96JbGOy_sZksSmvYsRRaOHL_DpUurAeQXlonD8Bj9GJxQU4nAiko_s0Q6yI7Oe85AX_ovzJQwqVA7xz6BEF55jyk48sCr458_jI215zbwUpdFREwqC6pGY2v-cxMDO_iibE2rRov2tx-tl5egb5bHYfKQo5MQ4uSUy006-FRj-vz2TvWzYNR4MgI81ZIJ_pRlH4NgoogQ_G7YFvd8WUHr2B1OckXlrim7-qbkCO8KtOA6FCJ84EIU-bSwjKNg7GDEbB9ZNrMHh1jrK3q_6bHzICOENIE_Ti6-XQlgJq83NYvLptyewpTwXHCOmXIjqwMUQbWpqFtPM6EaxaXkvF18jCW-vyPuvEw0-VtQ_btzysK03dUbwhMEpb-cnTHjiAWy2f017w1bntlOnTO6ubESJ1ZfHycOZgriCUUworcf2m4h7ud74PodrrcOOl6-FKgXx4_B2w5hyQUMIbE0JEvLUaLAwXMd8Rv73Q&sai=AMfl-YTBKDoVP2NAAjwsFJ-BNYtUtfKRaCM_MT614PUR3C_J2gcRa17jUVHqNu62i3Whors-ZfV6Avn6eVbJHtXca-Le7o_J_LkNWymFfya8e3HracKygTaBv2FQewBrcwzi1AMjCWAwNN8ZJBezJF1LxTfocLOmPJAP0xk7MD84QigZnIbwTUQeRF2kbnR9VRiE6TVRgwwG9kttDQ3nBA57F94zbWPhsgBrUmDZ5QVUzg&sig=Cg0ArKJSzP91Aof9-P2hEAE&urlfix=1&omid=0&rm=1&ctpt=1597&vt=11&dtpt=734&dett=3&cstd=860&cisv=r20210406.59584&adurl=
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 2248 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzqG6kmFEPHs3ZdpHLFlC0Lm2BtxGcxn6Q8GEtPUyZ9ieTLbUgm7DvHVxndyTdPAmgMA_HD_eGasNXgV-aSlVR29VoeC9n0--lVxJTJh2v-J153fscxGt2w_OchcEl43WKDyE3vMsFeBHmy-M6QmJ9_ZJwBJV729Bkz_PUZST5iezc6NOiqKm3Qk82GQbncnbB-5AKgFzR9aeI7kMsd3PKm6V3vc59GsVjyfAjhzD8-9Dgl_9QheiC2kCZ6VrTVzp-7SHK9g-BjFiuUxAXavsTo7DaeAHlrTNGOQ4xJIns8J4Ficrlsg8k4KGbB7FN5FQq0CQb3rZJiMXO6NQQE8S5FcIxfHDILcSt5MW_1rnRGO5s_4uGjrPvq50ftcV8A1Z3Xxmt7oG0YgTh06tlymQ-MXgHHmi464w3u24aunHdDyo0lsByq0bgQoZ-t4V9gvCxRx0dHI0aWEMuHQnZaRmHoFcLylUSly73zVfPMnbraAPECkI6Jk8H1zXufksUMEevgc51JVaXdN6eiPncSMlrCDTKkOsJT9gWOY0rVrWeFGvB8oH_oJmus9wHc5gFkPr3sptwpVpGnGeQf-nbA7TQNsMlglUcFfhme5FAoomT-mMxDDwQzKNMv9495v9l77vBpiMwhgQBacWvxejbL4PA8_wauYOhp4JXSTnAdDggX8EAFkQ9oYTXR6AJhNZkgYZv6LuOhdwYZkbQWQE3aLqA2GULZUdCjUvtdZZ8_KmakJphWC4z4mdGp53ZCcYASDIOCEGl8RRR6FzFvOHck1NNn1yjkoGB_tQxXcIvDt1Ai0IDZX2gZNSTOUhIaf4cYbZDhh5AtBgQczuXYnAFKzqHcTrKUwzuCqDuPAz6BTlNz7U-VxE2Mu4FA8U-GMzxpS_LVbJR7oE_FRP99g06T3NjWeYQIVCqsMp6FxBkQvOJXY_EtP1v8DWYg5xUH4zELY3jXQQtTWiO7NN9tw-x6aIm4HU1mmucqyw_utqDYTZTlIE32yXjkIxZ1adaal7MCoZQJrZqR1AHVqMdO6x4nU4YPCjWZUn0KmdullVbouGwLDNC8sTTJDXSn-z7CTgkhwSRGpZEEDpPmhDe0n2uHix_-HF-za7o-JL1pylHTou1U5BkCQ6-0zT8kckJM7csNgLut5CnCTfMJqPqYpRhYqPdyDmY_5B6LNEjYCwxRqBquPfNlJVChmP8T43s9a04Dqg&sai=AMfl-YSUeOvp0eHe1nPEj8BRjbZWitIp6HVV3mKx8EdzD2PPsxBGQRYCPox8E_FoX6kiIEZrmO2Cfv2qFDiQQOSzoVBzlglXB5mnY9IiKqCbsKS5Kyhg9J6uEEYlTTaXHgjSO2BqEQ4GIGpKJ-RVSw-z65axXbfAFSE_8wQaBnJYOCE6g54dkA_Z_vHy3rlan-hx9e1eVww5XHMnhju8y4RxpJpFfecu6EAakfcrPSg-pA&sig=Cg0ArKJSzFH7gRXpqrVcEAE&urlfix=1&omid=0&rm=1&ctpt=1601&vt=11&dtpt=862&dett=3&cstd=731&cisv=r20210406.45093&adurl=
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame A150 		42 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumaaRzMwLAP4eNauBEj4jnyr8AdxceCf8d-s6mdfw3MpaFI8vr-pk4VvnJ86lIohQ_fhgGcCcisnUISVuOIT2ewHaKF4B7npnJEJ6JxnqCFvYThcjz7TlWPcGGmA&sai=AMfl-YReF6odhChgZRGB4BUhObgriVSnXKFqCeMjPEyXUvf9lY4sKVSyzIxIRrTgJ-clr6lXCeD1lBOwkOfh-HEQjQTMEvoadTPLc-i9IGlZYq4tQjzvrIg12rjHtxIIats&sig=Cg0ArKJSzArInvuohQGaEAE&cid=CAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw&id=osdim&mcvt=1097&p=100,315,350,1285&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&v=20210407&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1552362255&rs=4&met=ce&la=1&cr=0&osd=1&vs=4&rst=1617996153572&dlt=208&rpt=1332&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAirm0D9r36sTD0Cpa0l1MA&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAirm0D9r36sTD0Cpa0l1MA&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:36 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAirm0D9r36sTD0Cpa0l1MA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.209.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-209-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Fri, 09 Apr 2021 19:22:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTU2MDg0ODAtODM2MS00RjY1LUEwMjMtNTI3MTY1MjI5OTlB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:35 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 09 Apr 2021 19:22:34 GMT
X-lat
amspug017:0:314
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Connection
keep-alive
view
googleads4.g.doubleclick.net/pcs/ Frame 46BE 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssq_Cdi7HmzMjnfRCQnfx4o8jEVScoHayM1vWsTMF9aN-gzGn0mPH67wGeaVbOQ_LGDhRTw78veXkGpZz2M6pqITjFqqBSKkAKdvN09epoTwwFGyxvoxzUcpm3qwVNPeVsg50_Fkf7629MyAjLSUXWKBn4IxxkltDtisgzdvfqWTkoctPq-Ir4clNhSVn_Is2GrK5RK4IrLkgI0HqJA-zYBqSFv9RNKIXfO5XUJxNermBLviRwxjcZ9JDBZp7XvZ7zEkEGEuErjeIozgR3R_s-cgxyEiMXR7y0UbVXgdUTZzJr5e-WmF087ZhUK2Z0v4yxX9VY4_4WNfFkadblZTkxJpcAFQ9mfqFFKxNlKvw9ef2oQSKXPEg0B4U2cB_2WU1FsHNdHGrAXbmpQ0yQbVlpwEwUZDrmx6QwCzrHp9doYom54trH3oBtmt4bx9Mg58AlsuqIWCAtuWus0wKS1AV3x3ZBzHWq24gyewHJ1fJRjlwEcaFzI7vuv0nr-nUsk-bkro1qF3W541qRiRmiaZ0nzZ9QPaBioLIWGwj5atL4AQ61P1CogQfu3Hra6uYP4mSKPEWmovK7tqnfXbblPKQ-UjCmnaMwD2GYl_k8hkDfcjgjMg-i5NfkCnJne0VytZJO-x4YyTdBel87-F7WNvncmpTpDl3OvE7GVooyvUgbQfE8ft6kdnZ_IFh1RddpdDHOsm94g5xaPg1P1CSf_QCRsDdS3RV7qo1LMKnr3f_UU1lQAA9zlCvqZyBPjWgHp37BJXZXX35GQsgOBL0BBv7UV8r_l6byUeZXD5-Yp3YwhL2byOvexB7Bs2xqNG2_Xd4o2OQdGfWqZb0Zd3Kjl10XzCYkdGxOSuZD462Yv3mcjq-CwrIrp0a0mYtHIVaVlA8H7f_u0As0FgDGeKk5kqF9fweI2-aRZ46ZSqWMIRWcundzH_ReyvuP8CPjXSSsL5fhXfFOaJBDn99n7X9OnKnuG9CepkcQqK_TzKewR_CWdPlipUyv5xksIJ052D4MzP_pUSaekGAvWqktkY4aXcheo4XGbGyVitTbp25BtBcro_DqXnr0DGVxVC7I-bwQniHshiJhAo3W12NEkvOB_Vq3Bcm1IlobZ1UoZk8yW_sFh3B30I5Oo9AaaJfIsKnrwbZHgJNlCCKHNBUG5lHrw_6eoC8X82K2OK1j4tVry7ENdKRJVPNx9Z1oC5uj-W9SFvdDfPpXRoUpZD50VYnbcKVc&sai=AMfl-YQHsvm93I5t2qtUdkAsMLfk6eL4ItWl7FSCP3Dg7Yek7YiNDnMuin1xPDEU8X67-5N4cSTF3o77AYSw4fGhZbqjblsr8iG7EGfkzFapIoyygZfAWXoIAM_zyc_X4QRYPygvenLHYXnAtNaUMzMxczvHXfPWnqNcvJnz1AN8TqkJpJlPavS2nY_Q1c2XaPJDHWIpocaUzqB-9g4TZUFKX4hpOY3DM9QipEaGhnwQkw&sig=Cg0ArKJSzLAgTd3WBzNrEAE&urlfix=1&omid=0&rm=1&ctpt=1699&vt=11&dtpt=923&dett=3&cstd=757&cisv=r20210406.47164&adurl=
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 19:22:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=banjarmasin.tribunnews.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5f4c6fa86d070d2ea259d40a&cid=5fc49f47ef635a0437416998&e=inventory&vi=0&cb=1617996155955
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
logo_big.png
s0.2mdn.net/9109151/1617869297867/ Frame F59E 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9109151/1617869297867/logo_big.png
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c89503c7cc6addc3d2761da1764e979eaf9bc93ff5ca9c484821958ab1fa0181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9109151/1617869297867/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 13:44:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 08:08:17 GMT
server
sffe
age
20259
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7625
x-xss-protection
0
expires
Sat, 10 Apr 2021 13:44:56 GMT
background2.jpg
s0.2mdn.net/9109151/1617869297867/ Frame F59E 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9109151/1617869297867/background2.jpg
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e51d6f2797b90ca931fa74f3fb2e747c2cf591df7e8d7e330926fff439c82ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9109151/1617869297867/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 13:44:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 08:08:18 GMT
server
sffe
age
20259
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48839
x-xss-protection
0
expires
Sat, 10 Apr 2021 13:44:56 GMT
home24_logo_inverted_copy.png
s0.2mdn.net/9109151/1617869297867/ Frame F59E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9109151/1617869297867/home24_logo_inverted_copy.png
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd28009d3decd8ae75d5392267dbf22b991ddc0d3d2798f1e397318bf5656b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9109151/1617869297867/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 13:44:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 08:08:18 GMT
server
sffe
age
20259
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1656
x-xss-protection
0
expires
Sat, 10 Apr 2021 13:44:56 GMT
products.png
s0.2mdn.net/9109151/1617869297867/ Frame F59E 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9109151/1617869297867/products.png
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5906e1f35219de6584413e0e8e75f2df625bd04d59f9518c8f08afcade47843e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9109151/1617869297867/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 13:44:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 08:08:18 GMT
server
sffe
age
20259
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32699
x-xss-protection
0
expires
Sat, 10 Apr 2021 13:44:56 GMT
cta.png
s0.2mdn.net/9109151/1617869297867/ Frame F59E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9109151/1617869297867/cta.png
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75ae1388e63db6f0db7f03d2f06d970330f4717903fd7e03d8e4b5c04dc191ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9109151/1617869297867/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 13:44:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 08:08:17 GMT
server
sffe
age
20259
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1700
x-xss-protection
0
expires
Sat, 10 Apr 2021 13:44:56 GMT
headline2.png
s0.2mdn.net/9109151/1617869297867/ Frame F59E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9109151/1617869297867/headline2.png
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e3af2ede97eb5043a0a66cc528129367597347ed7795c8fb5d9bdc7c4fd78ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9109151/1617869297867/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 13:44:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 08:08:17 GMT
server
sffe
age
20259
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4960
x-xss-protection
0
expires
Sat, 10 Apr 2021 13:44:56 GMT
headline1.png
s0.2mdn.net/9109151/1617869297867/ Frame F59E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9109151/1617869297867/headline1.png
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fd614b22a01473bf04705b5b1bf254e40184a8ff89b8c4452236ea314e67c75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9109151/1617869297867/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 13:44:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 08:08:18 GMT
server
sffe
age
20259
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3262
x-xss-protection
0
expires
Sat, 10 Apr 2021 13:44:56 GMT
background1.jpg
s0.2mdn.net/9109151/1617869297867/ Frame F59E 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9109151/1617869297867/background1.jpg
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e507dac9ac12a8ea56033ba6de3d0cbb6cc360e9232af3d6cb19fa3e846f65a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9109151/1617869297867/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 13:44:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 08:08:18 GMT
server
sffe
age
20259
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114939
x-xss-protection
0
expires
Sat, 10 Apr 2021 13:44:56 GMT
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame A37F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:32:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
85825
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Fri, 08 Apr 2022 19:32:11 GMT
truncated
/ Frame 68CA 		113 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c4ac745f1e51c2ae8caf0e6947fbac9caaac240022c22fa004bf495401176a3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame C667 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIvxYNPgZ3Xkqm1v_qU3RHY4cGZXXgkczZ833chEN42jmF4kexM7ze8MWClsupY0REiBrt59MzTSy_LMeUEnSYM2Sgy_g_ttggKo9jjKhj23epy-SHx6IFqWDenQ&sai=AMfl-YQh-XY_PIk5UJFPs4ym373d0RWeFeNCN87QNN1NYTnOXFTs0DsO-YC-pREe0-ylIZlivwLUkWb-eHn4m8kzap8yEfbSgYtGSOLyZdcCacIZtMSrh9hHxdPfrVzFKQg&sig=Cg0ArKJSzNk934rjqhL4EAE&cid=CAASPeRo46aH9p22baip2McsGk6s-C8wat07-Ruoje1lR1H6J3phYXT3_ruxHGBdKz3rKvla245zUG6Btfqldgw&id=osdim&mcvt=1125&p=537,1075,1137,1375&mtos=1125,1125,1125,1125,1125&tos=1125,0,0,0,0&v=20210407&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=236898491&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617996153572&dlt=215&rpt=1430&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
go1.aniview.com/api/adserver/tag/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&AV_PUBLISHERID=5f4c6fa86d070d2ea259d40a&AV_CHANNELID=5fc49f47ef635a0437416998&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=banjarmasin.tribunnews.com&AV_DADPOS=3&AV_PLACEMENT=5&v=6.1.1.243&avtoken=155954&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1617996156045
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.145.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d8f923fdf995ed30f5bcdb2981dbdca5bb027f431378ca2a04733cfcddfb0601

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:36 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://banjarmasin.tribunnews.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 29 Mar 2021 05:35:56 GMT
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Ureka-png--white.png
dmp.urekamedia.com/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.urekamedia.com/Ureka-png--white.png
Requested by
Host: banjarmasin.tribunnews.com
URL: https://banjarmasin.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
125.212.217.46 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
52c93e3062d05ac961d93f0dcb33e826673778109ee29bb1c3ec82e3ccddcde3

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:36 GMT
Last-Modified
Tue, 08 Sep 2020 14:23:45 GMT
Server
nginx/1.10.2
ETag
"5f5793f1-5de9"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24041
Expires
Sun, 09 May 2021 19:22:36 GMT
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame CB56 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:32:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
85825
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Fri, 08 Apr 2022 19:32:11 GMT
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame 9FBB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:32:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
85825
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Fri, 08 Apr 2022 19:32:11 GMT
300x250__1.jpg
s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/ Frame 0E59 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/300x250__1.jpg
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
661a700ebe7938e71c43fc80106c0b6e463386bb18ca8cae9500ca70ad7629e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:00:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 16:14:54 GMT
server
sffe
age
33756
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39588
x-xss-protection
0
expires
Sat, 10 Apr 2021 10:00:00 GMT
300x250_1.jpg
s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/ Frame 0E59 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/300x250_1.jpg
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd867bea8cd376bea60ad18877ae11a0f50a630db7c1e451e38dfde4f222e0ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 05:30:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 16:14:54 GMT
server
sffe
age
49897
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39689
x-xss-protection
0
expires
Sat, 10 Apr 2021 05:30:59 GMT
300x250__1.jpg
s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/ Frame 3FF8 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/300x250__1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
661a700ebe7938e71c43fc80106c0b6e463386bb18ca8cae9500ca70ad7629e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:00:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 16:14:54 GMT
server
sffe
age
33756
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39588
x-xss-protection
0
expires
Sat, 10 Apr 2021 10:00:00 GMT
300x250_1.jpg
s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/ Frame 3FF8 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/300x250_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd867bea8cd376bea60ad18877ae11a0f50a630db7c1e451e38dfde4f222e0ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9329853/378438241635506/SP21_CKJ_FEM_HTML5_300x250-W-1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 05:30:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 16:14:54 GMT
server
sffe
age
49897
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39689
x-xss-protection
0
expires
Sat, 10 Apr 2021 05:30:59 GMT
videoad.mp4
secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/ Frame 68CA 		597 KB
599 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/videoad.mp4
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/index.html?v=_2_127_1_0&n=1&isPreview=false&clickTag=https%3A%2F%2Fsecure-ds.serving-sys.com%2FBurstingCachedScripts%2FReportPage_2_12_3_0.html%3FebReportURL%3Dhttps%253A%2F%2Fbs.serving-sys.com%2FServing%2FadServer.bs%253Fcn%253Dbrd%2526PluID%253D0%2526Pos%253D23916470521773436%2526EyeblasterID%253D1083129936%2526sessionid%253D715657777233199579%2526usercookie%253Du2%25253D2971ef0e-5645-41b4-934a-0c65cb2deff0%2526OptOut%253D0%2526di%253D0%2526dg%253D1075977878%2526dgo%253D1075977878%2526gdprpurposes%253D1023%2526ncu%253Dhttps%25253A%25252F%25252Fgoogleads.g.doubleclick.net%25252Fdbm%25252Fclk%25253Fsa%25253DL%252526ai%25253DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%252526ae%25253D1%252526num%25253D1%252526cid%25253DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%252526sig%25253DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%252526client%25253Dca-pub-7784034061253020%252526dbm_c%25253DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%252526cry%25253D1%252526dbm_d%25253DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%252526adurl%25253D%2526ebReferrer%253Dhttps%25253A%25252F%25252F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%25252Fsafeframe%25252F1-0-38%25252Fhtml%25252Fcontainer.html%24%24ebImpressionID%3D23916470521773436%24%24ebTURLs%3D%5B%2522https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%26sig%3DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%26cry%3D1%26dbm_d%3DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%26adurl%3D%2522%5D%24%24ctick%3D1617996155266
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-190.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
a2468a1912e09c093db788416e26a66986e0caa39144ec53e606aa2b5b667fa2

Request headers

Referer
https://secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/index.html?v=_2_127_1_0&n=1&isPreview=false&clickTag=https%3A%2F%2Fsecure-ds.serving-sys.com%2FBurstingCachedScripts%2FReportPage_2_12_3_0.html%3FebReportURL%3Dhttps%253A%2F%2Fbs.serving-sys.com%2FServing%2FadServer.bs%253Fcn%253Dbrd%2526PluID%253D0%2526Pos%253D23916470521773436%2526EyeblasterID%253D1083129936%2526sessionid%253D715657777233199579%2526usercookie%253Du2%25253D2971ef0e-5645-41b4-934a-0c65cb2deff0%2526OptOut%253D0%2526di%253D0%2526dg%253D1075977878%2526dgo%253D1075977878%2526gdprpurposes%253D1023%2526ncu%253Dhttps%25253A%25252F%25252Fgoogleads.g.doubleclick.net%25252Fdbm%25252Fclk%25253Fsa%25253DL%252526ai%25253DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%252526ae%25253D1%252526num%25253D1%252526cid%25253DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%252526sig%25253DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%252526client%25253Dca-pub-7784034061253020%252526dbm_c%25253DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%252526cry%25253D1%252526dbm_d%25253DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%252526adurl%25253D%2526ebReferrer%253Dhttps%25253A%25252F%25252F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%25252Fsafeframe%25252F1-0-38%25252Fhtml%25252Fcontainer.html%24%24ebImpressionID%3D23916470521773436%24%24ebTURLs%3D%5B%2522https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%26sig%3DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%26cry%3D1%26dbm_d%3DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%26adurl%3D%2522%5D%24%24ctick%3D1617996155266
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
lL3T5OOU_iET.WyjqhAasLILATfDhUtC
last-modified
Tue, 30 Mar 2021 08:09:59 GMT
server
ATS/7.1.0
x-amz-request-id
4F7J86WSNJ7XN0SR
etag
"5981b5161349486448f015881b5c94f0"
content-type
video/mp4
Content-Range
bytes 0-611296/611297
date
Fri, 09 Apr 2021 19:22:36 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
611297
x-amz-id-2
iSo5NPdV4QtbQK4Hdt1S4AXY1m+pSnbfc9nJmuhqW49zKbzjkonpDbM4/iTsGleYpKxMp/oOlRk=
expires
Mon, 31 Dec 2035 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 46BE 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscdS_6kOz7wM7yD1jufelT7guWxpEQZJ0TPyt9vxf_m-bmWRAhK4168EZB9d4lh49l1f2B06AuDZMlIJS5p5R73_DiwUy6Rl4cGnrQObavonCYVIUlyOI-ojenyQ&sai=AMfl-YR1O71oOCFLar2zCjFezPOMJpWV0aCHZ4sifGLSuTE2r4L7Zr95iqCg8FALhbVUmx_ECiEypcRkULkJhzp7cFMoOOUByLe1OQnXAkcoJsU3iut3MCIRzjb9krQkSGM&sig=Cg0ArKJSzFum8b1geReLEAE&cid=CAASPeRou0CdPlOVOSFtXcjXS7iBiIRY7o5olB4AD4bzq462fw71h6ekI5qz0PwCu4BLGffqIk9Sx0AVHp04LOg&id=osdim&mcvt=1122&p=704,344,744,385&mtos=1122,1122,1122,1122,1122&tos=1122,0,0,0,0&v=20210407&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1409774076&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1617996153567&dlt=209&rpt=1383&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame 6BE7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:32:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
85825
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Fri, 08 Apr 2022 19:32:11 GMT
dt
dt.adsafeprotected.com/ Frame 2248 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=654467&asId=611302d7-fc3b-529d-1429-e3f42783aa2e&tv=%7Bc:9jZiPD,pingTime:-10,time:1428,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1617996156272%7C%7C946df09c187ef552b54b9596f2dfe597%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C42bcfe230418ce3c1868da57704f1f79%7C%7C025ac7de207664a671dffc49c0027a60%7C%7Cc369bfd513473cf496295a2713fbf759%7C%7C2f6e9f8194a13b2459a1700e09bbd7db%7C%7Ccf97376039a4430584a25994c24b6025%7C%7C1614879537,ch:n,im:%7Bpci:%7Btdr:447%7D,imprf:%7Bttecl:1699,ecd:59,tsecr:255%7D%7D%7D
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.1.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:36 GMT
x-server-name
dt29.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame AD0A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:32:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
85825
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Fri, 08 Apr 2022 19:32:11 GMT
prod_studio_01_242_videomodule.js
s0.2mdn.net/879366/ Frame 6323 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_242_videomodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_242.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa806ee163c77ac1fd3e7e235dc9a1417235c399f0a70991720a64b7b41ade27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4864958390687760384/index.html?e=69&leftOffset=0&topOffset=0&c=mSYUOASF4K&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 13:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20577
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4861
x-xss-protection
0
last-modified
Thu, 06 Feb 2020 15:49:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 13:39:39 GMT
file.webm
r3---sn-4g5ednly.c.2mdn.net/videoplayback/id/67f0aacb9b09b7b7/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3729165979/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6323
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/67f0aacb9b09b7b7/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3729165979/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r3---sn-4g5ednly.c.2mdn.net/videoplayback/id/67f0aacb9b09b7b7/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3729165979/sparams/acao,ctier,expire,id,ip,ipbits,itag...
339 KB
340 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5ednly.c.2mdn.net/videoplayback/id/67f0aacb9b09b7b7/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3729165979/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4BBC0C72D9CBA0A06188D75961F91EAB13F1E614.0E743DCFD6C6016CD1D7226940391E8DB90F9BBC/key/cms1/cms_redirect/yes/mh/4H/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednly/ms/onc/mt/1617995815/mv/m/mvi/3/pl/49/file/file.webm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:67::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
4cc8d53db49d68e0a9d3bbe4a6ca33cf61d3e303fd2d454a3e8703a74c5a73f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 20 Mar 2020 15:25:11 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Content-Range
bytes 0-347608/347609
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
347609
Expires
Fri, 09 Apr 2021 19:22:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:36 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r3---sn-4g5ednly.c.2mdn.net/videoplayback/id/67f0aacb9b09b7b7/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3729165979/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4BBC0C72D9CBA0A06188D75961F91EAB13F1E614.0E743DCFD6C6016CD1D7226940391E8DB90F9BBC/key/cms1/cms_redirect/yes/mh/4H/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednly/ms/onc/mt/1617995815/mv/m/mvi/3/pl/49/file/file.webm
cache-control
no-cache, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
650
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 		168 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&w=400&h=225&time=1617996156&cbb=7996156541
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:36 GMT
Server
Tengine
Content-Type
application/xml
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
avpb3.js
player.aniview.com/script/6.1/ Frame 032B 		267 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:48b::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5474822f2c0ff20ba41097c37b6f27786fbc9311bf5c42d5ddd6bc8cf4981c9

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:36 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzDMHtcRb-ad208b0PCEc0XQsxeJrnqrpFJYWt8juEG3Qc1rqGM1iHiTs5407zrM9KRizROUuFaIer2B_9e00rbfjQq0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
86063
last-modified
Wed, 07 Apr 2021 07:12:09 GMT
server
UploadServer
etag
"e87f8984848d97e4a493eeb1e183de61"
vary
Accept-Encoding
x-goog-hash
crc32c=qbKelw==, md5=6H+JhISNl+Skk+6x4YPeYQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1617779528881507
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
86063
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 09 Apr 2021 19:27:36 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AT&cos=Windows&r=banjarmasin.tribunnews.com&rs=banjarmasin.tribunnews.com&sid=5213&t=1617996156&cip=91.132.139.84&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5f4c6fa86d070d2ea259d40a&test=&aafaid=&proto=https&uid=1617996156391-930951605971-021561-002-008258&cha=0.7&cb=4808718440&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5f4c6fa86d070d2ea259d40a&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5fc49f47ef635a0437416998&ncid=5fc49edb1b134965e620aa8a&pasid=5fc49efbc5291b292419112a&e=request&cb=1617996156545&asid=5fb766e909e8a7781132bf27%2C5f9b871944031e6d1a4fab56%2C5fc4a4b903a6de5b11064bdd%2C5f0e87a3db73b9083a397ae5&ofpr=3%2C1.5%2C0.8%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
_970x250copy.png
secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/ Frame 68CA 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/_970x250copy.png
Requested by
Host: 5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
URL: https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-190.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
87149fd94893b18ac4ebc8adc4cff6b5b22bcdafa57f96c9803781cdb9e68dea

Request headers

Referer
https://secure-ds.serving-sys.com/resources//PROD/html5/48480/20210330/1075811948/61352909121541837/index.html?v=_2_127_1_0&n=1&isPreview=false&clickTag=https%3A%2F%2Fsecure-ds.serving-sys.com%2FBurstingCachedScripts%2FReportPage_2_12_3_0.html%3FebReportURL%3Dhttps%253A%2F%2Fbs.serving-sys.com%2FServing%2FadServer.bs%253Fcn%253Dbrd%2526PluID%253D0%2526Pos%253D23916470521773436%2526EyeblasterID%253D1083129936%2526sessionid%253D715657777233199579%2526usercookie%253Du2%25253D2971ef0e-5645-41b4-934a-0c65cb2deff0%2526OptOut%253D0%2526di%253D0%2526dg%253D1075977878%2526dgo%253D1075977878%2526gdprpurposes%253D1023%2526ncu%253Dhttps%25253A%25252F%25252Fgoogleads.g.doubleclick.net%25252Fdbm%25252Fclk%25253Fsa%25253DL%252526ai%25253DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%252526ae%25253D1%252526num%25253D1%252526cid%25253DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%252526sig%25253DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%252526client%25253Dca-pub-7784034061253020%252526dbm_c%25253DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%252526cry%25253D1%252526dbm_d%25253DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%252526adurl%25253D%2526ebReferrer%253Dhttps%25253A%25252F%25252F5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com%25252Fsafeframe%25252F1-0-38%25252Fhtml%25252Fcontainer.html%24%24ebImpressionID%3D23916470521773436%24%24ebTURLs%3D%5B%2522https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXGrfeKlwYK-KOo72zQbfsLmQBdG31oNiv-P8qdwN8C4QASDK1uMfYKmwvoDMAaABvo3XwgPIAQmpAklTXB9o9bM-qAMBqgTpAU_QTeFE8dQRxEhmnALWagbKspjxq4vB_72f01aRqHtRf9jBI7kv2GACiT8dOxpmgYyhEZqcTQld96avrec4Igs6mKW5t4ww3bYxJ7drd0UYBeFQXabPSQgv_POHw5o4roqxT8vgr5kxOCv6Ikll5O2QuMA2eWKW6uVRgWdpOggEEi-U_b77_jjtxtd0979JHbh4oBj0nqLMW2N-4GVSkR_-g9MyHBG6vheX0D-Iyb3e1jQu7CMMZKtLgCf95RsJOjljdtSDXnjVh2l9XlYJ8pMFMIjg6hJDTPRUq5tOPDoP2TOJLgZqZRNJwATumOyStQPgBAOQBgGgBk2AB6ryqD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB-ACgOYCwHICwGADAGwE6CFlwvQEwDYEwrYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRogWwpnDM57UjK9WC0_GPQGr4EJvA_Lh81V6Q-GHwjr9EycLMbyt-26A2VgOJ_DigJ7AsjNfM0nBwZLmw%26sig%3DAOD64_3OjMdyCJvOxIOcIx8NRGzOdS7OoQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-B-hOicQBi4YDfUt3O7YnQzWMxpLzghAPh96TrOdvvhEkQiJOiXZ2Vcra9-T8XG7cCGnrJvvuTET_p1SylHVZN-4yjRM8ZCRRA_9HwVD1s9d2BSZLRNM3r3bTJ7Tmn8c_ueOlUkOLkN70I4WpjeWQ0Z3O12EQ%26cry%3D1%26dbm_d%3DAKAmf-Co3n3CBNPXdYX8hvxkKXxrjFDyzkIsf1vRDVPln0hE3MCZ6roBrCKK8FzA9SM0ZWMsemKp8jxTeuLPArThOlK3fkUTmk9MRdffCYWqoUlquhfynj8ag2NU49P-aD0BECRjNBHmZ2odqC_EATDJOUBoonWg7CZ507ylSxNTfqnlufCTB2r5u6QXROOJTPpEXw4RKHnPdsi7JfMqOOkCveJcZEJ4D1cGsjm4IoQe-abGXfq5ixnSuyrllj_tfBOohnW0DJMRyKWmP3DvonYy3iF5ozrarzEAsSoqvHII5O5OlumfvTrMA-l8mLbqubcm7j-hDIO7Fnty35JNZctgpNeIS3I5ZBATh87BiaRZSMt0rFnTOM2xu6Z5dkeGRYfzeSH03J-3Jr67dU0LYALDepd-ND5qP41M6h9Qg0-MVCteu7O4siWb5OnSTi8aNFHsuuQ5Sep2HQ5v1jDFbLb6V8XB52R0Qw%26adurl%3D%2522%5D%24%24ctick%3D1617996155266
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eq1Bg98UqAvhBhWNXGHJDpF2z7E5FrbO
last-modified
Tue, 30 Mar 2021 08:09:59 GMT
server
ATS/7.1.0
x-amz-request-id
4F7K1J22AEFFVD0V
etag
"525bc901cc399b4300d1ce97f815c9a0"
content-type
image/png
access-control-allow-origin
*
date
Fri, 09 Apr 2021 19:22:36 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
31663
x-amz-id-2
HxcYF6nwMnE4OxB3UetT0slTgti0j9rnKlTdZJLMgmTVPdoowwE9fwScGnR1T7zXcYSz984zems=
expires
Mon, 31 Dec 2035 00:00:00 GMT
Serving
bs.serving-sys.com/ Frame A150 		24 B
867 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=715657777233199579&ai=1083129936&usercookie=u2=2971ef0e-5645-41b4-934a-0c65cb2deff0&oo=0&dg=1075977878&ctick=1427&gdprpurposes=1023&ord=1617996156665
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Disp_3_39_0/ebRichVV.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
80.252.91.53 Amsterdam, Netherlands, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:36 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=UTF-8
Content-Length
24
Expires
Sun, 05-Jun-2005 22:00:00 GMT
dt
dt.adsafeprotected.com/ Frame ECC9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=654467&asId=b6dda771-99de-2056-2a9f-9cdc5535b973&tv=%7Bc:9jZiX8,pingTime:-10,time:1953,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1617996156272%7C%7C946df09c187ef552b54b9596f2dfe597%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C42bcfe230418ce3c1868da57704f1f79%7C%7C025ac7de207664a671dffc49c0027a60%7C%7Cc369bfd513473cf496295a2713fbf759%7C%7C2f6e9f8194a13b2459a1700e09bbd7db%7C%7Ccf97376039a4430584a25994c24b6025%7C%7C1614879537,ch:n,im:%7Bpci:%7Btdr:249%7D,imprf:%7Bttecl:1880,ecd:56,tsecr:290%7D%7D,sca:%7Bspg:611302d7-fc3b-529d-1429-e3f42783aa2e%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.1.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:36 GMT
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		142 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d71a7231fb8ac422000f863839f6e3e718d3f40e9e0344099efbfe43c3c7c3bc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:37 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid
4f988af5-7133-4dcb-b848-f4e29fae1ec5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/211377/0/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:37 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
dc_oe=ChMIgKSBsPHx7wIVQwSLCh1MUQc_EAAYACC455Y-QhMIrqbHr_Hx7wIVDnvTCh1fWA5S;met=1;&timestamp=1617996157458;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame 46BE 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgKSBsPHx7wIVQwSLCh1MUQc_EAAYACC455Y-QhMIrqbHr_Hx7wIVDnvTCh1fWA5S;met=1;&timestamp=1617996157458;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 		168 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&w=400&h=225&time=1617996156&cbb=7996157576
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:37 GMT
Server
Tengine
Content-Type
application/xml
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AT&cos=Windows&r=banjarmasin.tribunnews.com&rs=banjarmasin.tribunnews.com&sid=5213&t=1617996156&cip=91.132.139.84&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5f4c6fa86d070d2ea259d40a&test=&aafaid=&proto=https&uid=1617996156391-930951605971-021561-002-008258&cha=0.7&cb=4808718440&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5f4c6fa86d070d2ea259d40a&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5fc49f47ef635a0437416998&ncid=5fc49edb1b134965e620aa8a&pasid=5fc49efbc5291b292419112a&e=request&cb=1617996157577&asid=5fb766e909e8a7781132bf27%2C5f9b871944031e6d1a4fab56%2C5fc4a4b903a6de5b11064bdd%2C5f0e87a3db73b9083a397ae5&ofpr=3%2C1.5%2C0.8%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/211377/0/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:37 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
640efe21d02bb10957397783c9f9232e1cfeb15eeef85cc47b9455f56b8c3c73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:37 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.75:80
AN-X-Request-Uuid
e9fcf6d4-b414-4557-a5f5-f0b7b64582f0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 		168 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&w=400&h=225&time=1617996156&cbb=7996157856
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:37 GMT
Server
Tengine
Content-Type
application/xml
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AT&cos=Windows&r=banjarmasin.tribunnews.com&rs=banjarmasin.tribunnews.com&sid=5213&t=1617996156&cip=91.132.139.84&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5f4c6fa86d070d2ea259d40a&test=&aafaid=&proto=https&uid=1617996156391-930951605971-021561-002-008258&cha=0.7&cb=4808718440&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5f4c6fa86d070d2ea259d40a&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5fc49f47ef635a0437416998&ncid=5fc49edb1b134965e620aa8a&pasid=5fc49efbc5291b292419112a&e=request&cb=1617996157857&asid=5fb766e909e8a7781132bf27%2C5f9b871944031e6d1a4fab56%2C5fc4a4b903a6de5b11064bdd%2C5f0e87a3db73b9083a397ae5&ofpr=3%2C1.5%2C0.8%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/211377/0/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:37 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
65644c3d6b01e49be0e25e9b3eeef845bb001b4a343f3f4da474b8d41cc1d264
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:37 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.132:80
AN-X-Request-Uuid
3c742079-f6f3-4e56-9966-15a90f38da2f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 086B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://banjarmasin.tribunnews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=3001115148448799227; icu=ChgIr41xEAoYAyADKAMw_dLCgwY4A0ADSAMQ_dLCgwYYAg..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 10 Apr 2021 19:22:40 GMT
Date
Fri, 09 Apr 2021 19:22:38 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 25C8 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://banjarmasin.tribunnews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; SyncRTB3=1619136000%3A220; KADUSERCOOKIE=95608480-8361-4F65-A023-52716522999A; PUBMDCID=3; chkChromeAb67Sec=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=69552
Expires
Sat, 10 Apr 2021 14:41:50 GMT
Date
Fri, 09 Apr 2021 19:22:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 572D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://banjarmasin.tribunnews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=3001115148448799227; icu=ChgIr41xEAoYAyADKAMw_dLCgwY4A0ADSAMQ_dLCgwYYAg..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 10 Apr 2021 19:22:40 GMT
Date
Fri, 09 Apr 2021 19:22:38 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame DECC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://banjarmasin.tribunnews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=3001115148448799227; icu=ChgIr41xEAoYAyADKAMw_dLCgwY4A0ADSAMQ_dLCgwYYAg..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 10 Apr 2021 19:22:40 GMT
Date
Fri, 09 Apr 2021 19:22:38 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0DDE 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://banjarmasin.tribunnews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; SyncRTB3=1619136000%3A220; KADUSERCOOKIE=95608480-8361-4F65-A023-52716522999A; PUBMDCID=3; chkChromeAb67Sec=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=69552
Expires
Sat, 10 Apr 2021 14:41:50 GMT
Date
Fri, 09 Apr 2021 19:22:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1FC0 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://banjarmasin.tribunnews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; SyncRTB3=1619136000%3A220; KADUSERCOOKIE=95608480-8361-4F65-A023-52716522999A; PUBMDCID=3; chkChromeAb67Sec=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://banjarmasin.tribunnews.com/

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=69552
Expires
Sat, 10 Apr 2021 14:41:50 GMT
Date
Fri, 09 Apr 2021 19:22:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 		168 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&w=400&h=225&time=1617996156&cbb=7996158168
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:38 GMT
Server
Tengine
Content-Type
application/xml
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AT&cos=Windows&r=banjarmasin.tribunnews.com&rs=banjarmasin.tribunnews.com&sid=5213&t=1617996156&cip=91.132.139.84&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5f4c6fa86d070d2ea259d40a&test=&aafaid=&proto=https&uid=1617996156391-930951605971-021561-002-008258&cha=0.7&cb=4808718440&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5f4c6fa86d070d2ea259d40a&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5fc49f47ef635a0437416998&ncid=5fc49edb1b134965e620aa8a&pasid=5fc49efbc5291b292419112a&e=request&cb=1617996158169&asid=5fb766e909e8a7781132bf27%2C5f9b871944031e6d1a4fab56%2C5fc4a4b903a6de5b11064bdd%2C5f0e87a3db73b9083a397ae5&ofpr=3%2C1.5%2C0.8%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
40e0ea838e18d8aa48bbdcad2c52699604780919a5db9a90204b95c68c19ebed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:38 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.59:80
AN-X-Request-Uuid
b008e37e-4558-4d87-89bc-2f9c6be1dc85
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/211377/0/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:38 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
gen_204
pagead2.googlesyndication.com/pagead/ Frame A532 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjRq3ealwYPSUN6nX7_UP5bqG6AgAAAAAOAHgBAI&bg=!7-yl7KjNAAY56aLOOek7ACkAdvg8WmQUg-Pu-44cGjSeuy2s7rJfjWAnT0wou6X4DH_G9QaH5yVuDgIAAAfhUgAAAMtoAQcKAF-wdqden6GE6JzqAljyJWgCbc1bbz3p1wiZVqJPLEQAYyJ0ltUtg_BB7-M2qfz7p8FgaF7gGoWfQq8nHWRJ1GSltM3264WqAza4I4tHJWifmFlYwX9QK4ugF20G61Xzk5kCdq07Cedplt4Y6_9DofGm_jGAXmbT1l2BlgNAS4_efITdZUi7nx4muE-INgVy586HeAxRJTznIUkHoq4nSqBD42YAcf5y5D6cj2eqonGr3_5D16qIr6uaSMWMwUrwEnDxN8NBfRYPzoyj_vgGLijAP3oko9ETVyU_Wa7OgfGO4YeX-k4tljLbm7_UqmTwVEwbKl8VG69AfEeqV-994uT1LG0xPOOA_XBcs8snU_mfFXiKHuMfzzMBjF7XOqgmahnc5wjwd13VdxNMqCI1_FB_TkkbAVT_X90H_qNlUKpQ6YWNdpAraD1v9xpyic0S0rg9dZcY4RuQ6f_nNdryOa6BRkMPV_a6MnakRdD3e5T-eDVBxqvRhe8ZzgRR_vrJYy012r1C_toszkrml4mH42qdMGqXHsXWpvn9grCwjZRXMU8Nt6uCzmbbVC56y-gUNMpDA9PCtHq5ziwwMN2XhiV_Gi3MdMBT9n4fdHlpv3jekLdr0NHZ9MV_Ib-waG36h6kVSHRmeVgu4vivUD0--YsQoxCc1yGzaHDgVlLr-e_nfoZyj8NpIwfGxke4DMOcmsC1Rd6ECyBDoGTlC9xCh5J0PcSP0cGf6iS7yPgiDrvMoMUDeaMFKx1vapZiDb4HKpM9inRzMDXP5_qALmHitJz1sbjvlrmX0oC3cMZwQkeN5DerSM-6zBj_CuFhejvsvS3IHsV3SZu_26Eq-SHguNU-wd5_cUF43qyjF-oghbRuqZHb-Npqw87hDvWT837m_Ryk4rxeIgA6Vl5fWWzA0T9WriHtwr1pGhnMDTVGo0EXHfHyapkxT6inhRlGy4TktBR6pazg7_5t-w
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=463235169753534&bg=!xcalxoLNAAY56aLOOek7ACkAdvg8Wu7f0c-bPL0rkcvTRrZPGAUxMsexrGz_LfquWKkMC3HJnQgYSgIAAAeEUgAAANBoAQcKAQatLKF6nin3oA6E-esqaaUMDgwa8roUW0kRvpf72x_ncojC4bToB2uo5gan-dpHES81gjx96hA45bFBn6d1gbj1gulhwMV56oy0YP4wKpPwVPRB513xEDhURxGo3qtC3kH6olnxNSd3DwNrPi3Be-vmuPdp659dPjw2acqNyNtJZyBue_5zWx1YAxhXYa-7rfgDGF7-SkfUyAGXIK8NXg9jwTfLj-i3oOquG5eYuAdq8tDWnaoAEFQjJ2y4D-odSG4Ya0ZzxGIFB1PNGFUaOlBUhowkv6iPhKMKnbKgTT8Npfnej_dUJ39vOh0f2hQvIXOhMVO2td4b091C2obUj2zy-YonuuR-mQHfKKqlqFDd50sSTAuEVHJp9NSJYKKp59ShXnhbhaijzghYweQCrqPAFrNSlyCBg7IKF3W9mcS_Zl764ON9sSu5RACslPt4bm7UHJuSN2bkpflRIWvdBkUZ9gh6WyzOWekvMf3zGHW53pStYUN7nNYAYYxK71JJt02ZBsLqeVyRvJ2P0_37W7pvaYtl4dHTHMsJEK7ESb_4XlV-_6O74zZIx7pglmZesqAQpAjFiGF-mr8tGmF8lIuq2TvhP__PsgM-WOmmpmhLFLjsy7VVLF_UrA1mIhgl_gqCERLGFlOWGWDRpYLNcJDPB84AKML0ncZJLnHIzlNGrGL4GPderSx47uvz4P2zMO_e-SQvvOfQGPTUR817sauF30k6-1VlbjawXDxtJp0v-V6wPcAwlMqPY37YqEA_7Jv9-IMES9Hw-1TP7w9foq8tuLOeb1DVBMdNen_YVXlAe0cFxVMGrGNz1Eu5ux1yngcDjuDWsdJ07W7T2bEkUOomuc4UyEbVr_Em0_oyNSxtWYcKk6roMnpd74qsbBHCpFt_kw-5ilQR2yEEgJc-atWVkwHoKl4mcyqrEBjQNpy7eu59VDxC_W17QRaVbM2rQak33dBxp2KdtWGE4-E0gVuoq7hbDihz4DY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 		168 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&w=400&h=225&time=1617996156&cbb=7996158412
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:38 GMT
Server
Tengine
Content-Type
application/xml
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AT&cos=Windows&r=banjarmasin.tribunnews.com&rs=banjarmasin.tribunnews.com&sid=5213&t=1617996156&cip=91.132.139.84&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5f4c6fa86d070d2ea259d40a&test=&aafaid=&proto=https&uid=1617996156391-930951605971-021561-002-008258&cha=0.7&cb=4808718440&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5f4c6fa86d070d2ea259d40a&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5fc49f47ef635a0437416998&ncid=5fc49edb1b134965e620aa8a&pasid=5fc49efbc5291b292419112a&e=request&cb=1617996158413&asid=5fb766e909e8a7781132bf27%2C5f9b871944031e6d1a4fab56%2C5fc4a4b903a6de5b11064bdd%2C5f0e87a3db73b9083a397ae5&ofpr=3%2C1.5%2C0.8%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/211377/0/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:38 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c6b996ea1814dbda1dd90e6b234cd4f6ee4e54113c264b52f84a092eac83666b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:38 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.9:80
AN-X-Request-Uuid
b123389f-274f-438f-a8fc-f3d8eb7a1adc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB56 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZo15ealwYN6rN7eMjuwPu8ygIAAAAAA4AeAEAg&bg=!iYqlis7NAAY56aLOOek7ACkAdvg8Wr8GQPXPbVYIQcaqj-HVpiaWnGbbOGKWwMHlZJwyCIk9K779XgIAAAbUUgAAAJloAQeZAm-6Ng1M2IQCRHGQEHDDdIB-wHcusn6zFHuqdNDJB7iNqQvQ3sYlSTg9U9rNqI_4g103l2Fdn8fCSIFVz7PYQlYbupSVCI1auLDVzoF6YtZFk5AcVyulYVqZ3Ua2tAs3pwzJieQ3YFLAdYA6ifPtms1nZPaA9fXGOmmdcMjU2K2uKijqIHpjBTYW6ifjtxtGl1w1l0Q-eYG0EUS7Z1WbKNBgjFzQYSTg4MMq1GCMS8hifl5wkKYehdI9NXCxEg8lobd7LW3XLXsWPPnELfznkfHvX5KBLVrNThBSZkm5zMmSQMPH3bIQbclv8NX8kyL4wsKtb7As9eCfPSlKG_akkCzkZzuqjJ8h78aZ-27TXY9BGfE2pLgrk2gmb2GZuNR00MyMXPAMUx06r-lkcO5wIK618M_R9OwseK7GUp3n358CLQezUoR6iFUBCvhLifJ9bKHnIV7r4lIrBLK-57JK-JC_oyeCJfL-TO7I5imJKom_8CzAJYkevSGJSg1sXA3hsfsjyYti30_ZMM4ohGqrmW1z400IP4IUAsebNQkYFWJDWvgbGJXJEgPmOlTEBwcUEOOofy61MPAba-lKv5osRhpHCgAG0duo4CKidTomEIHAzlZ1wtEG7vC8jIwHdjvNE-BlnrnHB0LWHMeenAJnX4V7XwDlzKBQh4XwY_zmgANqh7fI7lK01_hGqzENzyE-rLEhcZVgX-nfJaP39y4cN_6_Ft2f7-KPFUNLowaPObjmntimHc5Rk4cVQLvVDpMuRrlWXRbQLSv9AzrlwPLQjjO-OL4qRbX29GFXGRdUV4jiKjdqYUxgbS9Klx2iD4Cgow
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 086B 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:38 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.79:80
AN-X-Request-Uuid
3b8d6be0-6e41-47d9-8854-4029080cadc8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 572D 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:38 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.56:80
AN-X-Request-Uuid
caf7721c-ebef-4377-b410-84999a0404ee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DECC 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:38 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid
40484c20-3afc-4073-9290-5a58acaade2e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0DDE 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
25b25db626ba941b4befdf466600de3488fc48ccea31d20b6f7587f3ef6751bb

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:38 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FBB 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXzgzealwYNetN4OZrATt_43YCQAAAAA4AeAEAg&bg=!XF-lXxvNAAY56aLOOek7ACkAdvg8WukDTOQrIdcfswfGu4FmvhpK-3ZNfqlruZ-rR5UM17wGTcWABwIAAAc2UgAAAIBoAQeZAm946nFiPk692zxQ69sHGgmGRHrd6Jxm1UfyHKDbcr4aokAHveN2eYJH5UrAvEmqHMlljuzeVlcrTqLDlWgmVtcst4JPPBRKLqWWaNCy08BrYcvAXpzv8MN5lcJSnIWapHUiXXn9TzbvuwMH5nNsqYv8zcHBftrsFvCJ4zBNodDMcIrSjuL9X5YJFgqvAtiwG27oOFVqBL7t2EzLr8syTKE6i3bU0XUIlAT0Fyzg5jIT-fUZoJlhX0dFLoSwJ61KW2pC7wtrmwdGRL8IPXq97FbeJF8FVNW_LR0B2j7B65JGW0IeWBy1hNagDz08AT22wYJWqI58EMSVqMwULtRdix5GmZ4DW0bqSpD_sjackrJ9bAO4Q022b3yKlHEYuMreRCmF4oNn50y5VJkIjH9qkAFbEDhLudBQtO6bcPl0UgXg1VeW7nFNb4NEJYX-GJl6zyCd9z04civF38XBN0g6PrBJ4KqYAJv7YFrzYMgduGmj44sNlUwOCgJlYI5G40xJ-L9G5uk6Ac_kvs5OpMdi8ebMjhDj-nyomHIW5MKjxOMWjuXGDyF1yk8GGlOUOgRgo6NmtF3NOZdUkylzkTE0mGi4dgSVBWVw5WnIp7VQV2WG6YS_NO8o_YkZAGYtG-Uu0aQEcLW9jGLyvqltrKCOh35etc1hI5C1AlRvMRnRXhKu5pyzX-92eYY7gO2_D1V96yY3djBelFRePiyXEcK35KM5C8Sc1YbztaN984EK1ufeXwTvNP_9trn8WXYz1prO4v-sl3guXgq_KGfDLc6DAkZb4qIbDvG7QEPdkav_pvbyzePv8a4SRpGeRTlpm0OadA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A37F 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlPbyealwYMCDN8OIrATMop34AwAAAAA4AeAEAg&bg=!vr2lvfnNAAY56aLOOek7ACkAdvg8Wm-XxpZLByix35MQfmG58BkwQ1BGfEQkyti1doIaVl2KBM6iHgIAAAeIUgAAAI9oAQcKARZrnYlVXwKsTZIVpd7gAIA0Yj4JtcJgnPGJ2aJ5isT-XBEg3eIB7oSn2Vu-RUbx-wdkzZlG2b-0jSQXx-l3Jr4PICMdEDliaTvkWSjOoDjGArXAu6Wb1VC-teT99myKA-jMGW0TeU4RtpOC0799tHFTgGm1Luuf2Z2dPB7y5-ucv-lb17c4OGn7Z6aJALg2j8QADhNDkf6reWpJoMuayYuddWBjqyk15o9hPIicanku_CMaidyFjs_gk4iNgrU7XcaxV2MlNObQaExd3_ZZTIgGk3-yUPIneLJZWU0nkbMgdYXkLjKzekhdZ7dqVn1IIpX80d8O9djQM0vITu68I0ZJcVaom0sBvAZxGSR75strmTMarYTlDJkCcgjqJqQ50AlPQYyzkcIE2RSx1VPxNa_Htjmdy0u_xbg623hc-HbjCAECZFRj1LUYYSK_pubwW79dt5n0AIVTgAWDf9km8uoseBroTUaxAMZjnaruA0Dq6EAbbp5pdVPCo-DTpLb8KN29-IhBHhdi75u0L2T1yNxWj3_fUYBz05-pf4xWjiNiPU9lZwRgb3nYNu1Fa6koLSyPo--u1XeNYvQWdmO3SCuxZyyjSd8AOUqHTkqRabnkiGx7I0_WOGkjYLKnTaliYv0QZKwL6ku9tJ-ysfrhSMFS0bu7Nf1jWoPCxOyl-XpbRE1gRBEYU3DSgRNmnrLzc1jmcb1DI57LmkDEnM2QLg82HmDeUZw-vEJLD2FWHnwn4LQIGn6oBuEmLfR-Ej9mgr0mVg0DuP8eypGZuOqgu9ypkZmhI64OQrXrnmh7Tuog9LeyJ_Rtv3w0qrGkGrQ0xGKvyKM-ipWnznpfWuc1AIItqHWOhDJbnfgNYzJHutGdjY3CEvXpcLtAwediDb1SX0MD8Vi6aOLl01gUwvXBGOt9OBLcg-6KWahq5u5OizmIKN9kL2zHEIm2xKDRcgjEetxcOy0ldMfPcUeGNaDR8YKbBm8zmNxVXOlJCerImT66vH3bAsjfdyHyEMLU14ehT38RpKUyMoaYtuI9IOcC2jSI54uj-3Nnlwrf4YLV_KR8yS7Euwcslet-8_4bJT68v0uHoNeTPtiDVAmfgm-264dcmgbKZHWDeRXlEfx5MrJm7BnvoT3CB92f6HkkHUCOAU_hUg29U6e4F0zfXhic5Zqt5TuYtwP-D87xXNDFkuaHoD5oQ85cE8e14mwQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BE7 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bvs0yeqlwYMSLAtPv3wOqipagAwAAAAA4AeAEAg&bg=!8_Cl8LTNAAY56aLOOek7ACkAdvg8Wl2i-IJupAuOfZCmSoZFp4nxFlmKYMyC6mVm8n7VLK8hYZSa2AIAAAciUgAAAJtoAQcKAEah8moyHMMbPisRYN7yiXqLY0f37mnFTMhTptvlT0H-XU1clcGiVjkpi7t6RLVLh3inuRO1AgEicGRVE6nHzROfvRVmsq7umQKEUsm30UJIKD5whPTnuI2cBn3JakykdxtMtM6zhQ1nd-pdpBxLf1R-54NOHgv_JP_qgjvFiC7krXyKLE5vcet0StSTWFYQLK1yhSVSKbNgYKAJ2VWPYNzpJSPtz7M5gmJ0XYPLRW-imv0buODP_2OjuhV-6PaC4R97RNI1HfJdxmL5Wo33CjtrUV4st1enL4VM6EzGmYWRa4RB_Ao3ItBGNWj-Iw2iOQXSPv4gE-OWK_MOmWShfF68OaCftn1aSxjPIPJYLKmmnA3lyZlm37zr7SqzsUHaHIKlj7IxuCEnLvHx6PSemaLnDZ-X9Zk7Dphj_E6UPTEm3pGaAD1sAkfQMRWQvQ052ubNPelFM9j0oloMVkFg7vKStW3sSo012PaEWEWr7AcLLYj_4PAGaT8nv3ToXAkWgDw4JRFOOOIKZF5_1cDuvIV7H1jhn4FBTCn8UUHbclZlvHbzNVmYj_rsADt1lQ1cVo7iAbQ5iAy4Am-Ya4PtUvjnY-MM07latKiTvrxSTaWBEGp4EiY__PeivZpAEewmvHcYhKijPEOe8xKjGrzmptiz0RQfZzkgT0IkoDT19TNhkoQJ40tDL_YL1yChn-VV8BnO8jeOOLdam0isUSlcdNn0HoXZ1wt0J86m_8sOnWkTKf31BWZJWX0CwYVFHB3Z8cIkt0J2aftp8mPlNqyS0iJNhylJSpl0vk5nEiT-ks3_lOSh4ifF6fqw8b8f_29eRzCudj7Q3Jy_qqRWqTrPR064OSorbtXPpyADzLgwzf3HZnC05U8KHws3-mthhX3C2GxaM24lSQLvPjIcbZ52Gk6fmZtjFgSbv34_DlOSF6fdKWiLOTZfqanT7mWi8u4
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 764A 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040804&jk=3576236887614438&bg=!4-Cl4KTNAAY56aLOOek7ACkAdvg8Wm8sl7vEtAJVH8EKG5iMEZPIiqGrAois4yg7qiS8D_xQY7CrJwIAAAc4UgAAACtoAQcKAWLyPQo3mFMlzxZ7GoMREgEsauwOHPfHTSjopchBU4dh9SdFI76_8ax51ZaH2W-drMVIqXpjNvFwUaW10dgqowfH7WZJrokfGE93nLgAEvtYeJBkhm-afLzgVuvZ3Lk3wGnk1KFg2YXlnVIMyVQ4tXzobKLyUgzbB0r3z_K7u-IkJWRTwXGraj1Mo6d5mg3SpwSOUNJsDb6IuWvOutVialj3LkKLdl8c1xPi0AJf_r1AccBwOAUdHiZXY2UXuONuTtK-RMylUkXmgRrN8vyiTFcdqF7Iq1JfKBj13gvX0d0guvYZBlcoFlv08zuQNkfZJaRpIgtBrbh4ZDlrNtl9XrKVOUsKc0XnubeM9nvwvV3SN_eASOA0-zrQu5sR33WVQ2gEW3SsptvcXcUTobVBTQ4rUzOjlnkQeUuOuq-WWxhJMy3ogsAVBWNcGO_uBf3pWnyi2IITCc4mSj6Q3C-v46UM_gWZAgeYzgEsVj7ppEULPvoV59VKuk8Ty93KVr-eC7-N2t4PmW27g1ul5Ae9P7qwbzJbAz8thvXZlKJHCivPG-8q228JAQ93l1tzOy2pKlFOaxNWeoPTHWl_Poaw-9sYFRE3-F8Xpnf06oNonAF84RU3i6ZzhmHDU3NNELsnakcGxKy0Qr07y1VD27e0jLax68wqzoyzW3iFYbkM82nYYkbNQvlEiigZLBiQv3kVHSAiXWsFhaRMvX3XB9ZjBWxPmjHNttd1zX0ulGIfZ_b8GuJJ4fJ2eDn1YZ499erIwjBv2HIN5xVtmp_0ILQ1_7CG4eBLyNlDY2VGmJXnoZvqDjnWkbXQW0K7ZjF02eiTd8pRs52mVa7RNO0AH1-17rSNMcUiEhVH4dMA6d_xs3N_RTUxPMXngJQ2akz1siKZ_CuwAC0CHnSWxIyY-jNS-cS6AYv42QFyU__iZeC6HmPYxjGbLxVLi0emuhu0FkPo_x2OjiSwoz91K3-gKjz0oUi_1gnZ8wLX3LFoXM0tIVkB-CJi3DEpOfF0FWhnCaib-A8IsMpNTmq_IsbdokUgTnVuWlmp8wROgJQWkmYVrI3WHZuomHn_lVXeoTyC5eFgNOWhv7PL7Lqa736WryMfZNnutqRwJ9IMmx3d22llxsI7Iw9QxF3_bt-bvdNZQ-ZZ87kpc4uEE0RQ8SrIONU
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 3F71
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5247651444649942097
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5247651444649942097
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=95608480-8361-4F65-A023-52716522999A; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1619136000%3A201_227_226_221; SyncRTB3=1619136000%3A22_189_176_166_55_88_54_5_161_230_78_220_231_13_3_81_7_71_8_56_204_165_222_21%7C1620518400%3A203%7C1618531200%3A15_2_67_223%7C1619222400%3A35%7C1618790400%3A63; KRTBCOOKIE_57=22776-3001115148448799227; KRTBCOOKIE_80=16514-CAESEDJINLkAxy7W3RRmudUOUHI&KRTB&22987-CAESEDJINLkAxy7W3RRmudUOUHI&KRTB&23025-CAESEDJINLkAxy7W3RRmudUOUHI; KRTBCOOKIE_409=22966-Yz56IlxbGyevirCV9xgRWnUK&KRTB&23212-Yz56IlxbGyevirCV9xgRWnUK; KRTBCOOKIE_153=1923-xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE&KRTB&19420-xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE&KRTB&22979-xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE; PugT=1617996158
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 09 Apr 2021 19:22:38 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-5247651444649942097; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 09-May-2021 19:22:38 GMT; path=/ PugT=1617996158; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 09-May-2021 19:22:38 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 08-Jul-2021 19:22:38 GMT; path=/
X-lat
amspug005:0:379
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5247651444649942097
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 6C04 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 09 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1198
x-powered-by
ASP.NET
date
Fri, 09 Apr 2021 19:22:38 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame FD2C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKb2tVN0E0Vk1BQUNsN2xGTkNMdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJokU7A4VMAACl7lFNCLw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=193153582939671169
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJokU7A4VMAACl7lFNCLw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D193153582939671169%26bee_sync_partners%3Dpm%26bee_sync_...
  • https://match.prod.bidr.io/cookie-sync?userid=193153582939671169&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJokU7A4VMAACl7lFNCLw&pid=558502&do...
  • https://match.prod.bidr.io/cookie-sync?userid=193153582939671169&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJokU7A4VMAACl7lFNCLw&pid=558502&do...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AALdPU7A4VMAACnBlFNCLw
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AALdPU7A4VMAACnBlFNCLw
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 09 Apr 2021 19:22:38 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AALdPU7A4VMAACnBlFNCLw; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 09-May-2021 19:22:38 GMT; path=/ PugT=1617996158; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 09-May-2021 19:22:38 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 08-Jul-2021 19:22:38 GMT; path=/
X-lat
amspug010:0:545
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Fri, 09 Apr 2021 19:22:39 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AALdPU7A4VMAACnBlFNCLw
Server
nginx
set-cookie
bito=AALdPU7A4VMAACnBlFNCLw; Domain=bidr.io; expires=Mon, 09 May 2022 15:22:39 GMT; Path=/; SameSite=None; Secure bitoIsSecure=ok; Domain=bidr.io; expires=Mon, 09 May 2022 15:22:39 GMT; Path=/; SameSite=None; Secure checkForPermission=""; Domain=bidr.io; expires=Thu, 01 May 2008 00:00:00 GMT; Path=/; SameSite=None; Secure
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 83F1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6949240587961038989
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6949240587961038989
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=95608480-8361-4F65-A023-52716522999A; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1619136000%3A201_227_226_221; SyncRTB3=1619136000%3A22_189_176_166_55_88_54_5_161_230_78_220_231_13_3_81_7_71_8_56_204_165_222_21%7C1620518400%3A203%7C1618531200%3A15_2_67_223%7C1619222400%3A35%7C1618790400%3A63; KRTBCOOKIE_57=22776-3001115148448799227; KRTBCOOKIE_80=16514-CAESEDJINLkAxy7W3RRmudUOUHI&KRTB&22987-CAESEDJINLkAxy7W3RRmudUOUHI&KRTB&23025-CAESEDJINLkAxy7W3RRmudUOUHI; KRTBCOOKIE_409=22966-Yz56IlxbGyevirCV9xgRWnUK&KRTB&23212-Yz56IlxbGyevirCV9xgRWnUK; KRTBCOOKIE_153=1923-xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE&KRTB&19420-xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE&KRTB&22979-xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE; KRTBCOOKIE_107=1471-uid:poQUnc6t1LuWIe5; KRTBCOOKIE_336=5844-5247651444649942097; KRTBCOOKIE_377=6810-64120c6b-b7b7-4595-b57a-ec00d6b4ee98&KRTB&22918-64120c6b-b7b7-4595-b57a-ec00d6b4ee98&KRTB&23031-64120c6b-b7b7-4595-b57a-ec00d6b4ee98; KRTBCOOKIE_27=16735-uid:907e6070-a97e-4000-a3c1-434cf00c561b&KRTB&16736-uid:907e6070-a97e-4000-a3c1-434cf00c561b&KRTB&23019-uid:907e6070-a97e-4000-a3c1-434cf00c561b&KRTB&23114-uid:907e6070-a97e-4000-a3c1-434cf00c561b; KRTBCOOKIE_22=14911-2899558292828265947; KRTBCOOKIE_391=22924-1998991230123221109&KRTB&23263-1998991230123221109; KRTBCOOKIE_188=3189-no-consent; PugT=1617996158; SPugT=1617996158
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 09 Apr 2021 19:22:39 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6949240587961038989; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 09-May-2021 19:22:39 GMT; path=/ PugT=1617996159; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 09-May-2021 19:22:39 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 08-Jul-2021 19:22:39 GMT; path=/
X-lat
lhrpug001:0:643
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 09 Apr 2021 19:22:39 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6949240587961038989; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6949240587961038989
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame BAD8
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Yz56IlxbGyevirCV9xgRWnUK
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Yz56IlxbGyevirCV9xgRWnUK
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=95608480-8361-4F65-A023-52716522999A; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1619136000%3A201_227_226_221; SyncRTB3=1619136000%3A22_189_176_166_55_88_54_5_161_230_78_220_231_13_3_81_7_71_8_56_204_165_222_21%7C1620518400%3A203%7C1618531200%3A15_2_67_223%7C1619222400%3A35%7C1618790400%3A63; KRTBCOOKIE_57=22776-3001115148448799227; PugT=1617996157
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 09 Apr 2021 19:22:36 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-Yz56IlxbGyevirCV9xgRWnUK&KRTB&23212-Yz56IlxbGyevirCV9xgRWnUK; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 09-May-2021 19:22:36 GMT; path=/ PugT=1617996156; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 09-May-2021 19:22:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 08-Jul-2021 19:22:36 GMT; path=/
X-lat
amspug009:0:464
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 09 Apr 2021 19:22:38 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=Yz56IlxbGyevirCV9xgRWnUK; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Yz56IlxbGyevirCV9xgRWnUK
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame F5FF 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 09 Apr 2021 19:22:38 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-4
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame EA17
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=awnoeUyOZbSToJTyHtYZcZb3n5UY9RDTQoTDvcfP1C0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 09 Apr 2021 19:22:39 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d2c63c9e1d364a618495eb9d8d64c020d1617996158; expires=Sun, 09-May-21 19:22:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aBnsIHqZbaOE6iPq6fHjiD8RH3SmSyVANZbm9cxwJrdhxWQRuqlPUrrxJi2k4uXyh5N9fZcHhWbU78yQaqFbKuIcwxZb; path=/; domain=.tribalfusion.com; expires=Thu, 08-Jul-2021 19:22:39 GMT; SameSite=None; Secure; ANON_ID_old=aBnsIHqZbaOE6iPq6fHjiD8RH3SmSyVANZbm9cxwJrdhxWQRuqlPUrrxJi2k4uXyh5N9fZcHhWbU78yQaqFbKuIcwxZb; path=/; domain=.tribalfusion.com; expires=Thu, 08-Jul-2021 19:22:39 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0959af2fdc00004abcee3e9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63d61af95efc4abc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 09 Apr 2021 19:22:38 GMT
content-type
text/html
set-cookie
__cfduid=d2c63c9e1d364a618495eb9d8d64c020d1617996158; expires=Sun, 09-May-21 19:22:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=awnoeUyOZbSToJTyHtYZcZb3n5UY9RDTQoTDvcfP1C0; path=/; domain=.tribalfusion.com; expires=Thu, 08-Jul-2021 19:22:38 GMT; SameSite=None; Secure; ANON_ID_old=awnoeUyOZbSToJTyHtYZcZb3n5UY9RDTQoTDvcfP1C0; path=/; domain=.tribalfusion.com; expires=Thu, 08-Jul-2021 19:22:38 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
71
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0959af2f2a00004abcc6804000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63d61af84bdf4abc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame D89A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=YowWpOikrhub&pid=557219
1 B
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=YowWpOikrhub&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=95608480-8361-4F65-A023-52716522999A; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1619136000%3A201_227_226_221; SyncRTB3=1619136000%3A22_189_176_166_55_88_54_5_161_230_78_220_231_13_3_81_7_71_8_56_204_165_222_21%7C1620518400%3A203%7C1618531200%3A15_2_67_223%7C1619222400%3A35%7C1618790400%3A63; KRTBCOOKIE_57=22776-3001115148448799227; KRTBCOOKIE_80=16514-CAESEDJINLkAxy7W3RRmudUOUHI&KRTB&22987-CAESEDJINLkAxy7W3RRmudUOUHI&KRTB&23025-CAESEDJINLkAxy7W3RRmudUOUHI; KRTBCOOKIE_409=22966-Yz56IlxbGyevirCV9xgRWnUK&KRTB&23212-Yz56IlxbGyevirCV9xgRWnUK; KRTBCOOKIE_153=1923-xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE&KRTB&19420-xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE&KRTB&22979-xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE; KRTBCOOKIE_107=1471-uid:poQUnc6t1LuWIe5; KRTBCOOKIE_336=5844-5247651444649942097; KRTBCOOKIE_377=6810-64120c6b-b7b7-4595-b57a-ec00d6b4ee98&KRTB&22918-64120c6b-b7b7-4595-b57a-ec00d6b4ee98&KRTB&23031-64120c6b-b7b7-4595-b57a-ec00d6b4ee98; KRTBCOOKIE_27=16735-uid:907e6070-a97e-4000-a3c1-434cf00c561b&KRTB&16736-uid:907e6070-a97e-4000-a3c1-434cf00c561b&KRTB&23019-uid:907e6070-a97e-4000-a3c1-434cf00c561b&KRTB&23114-uid:907e6070-a97e-4000-a3c1-434cf00c561b; KRTBCOOKIE_22=14911-2899558292828265947; KRTBCOOKIE_391=22924-1998991230123221109&KRTB&23263-1998991230123221109; KRTBCOOKIE_188=3189-no-consent; PugT=1617996158; SPugT=1617996158
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 09 Apr 2021 19:22:39 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 08-Jul-2021 19:22:39 GMT; path=/
X-lat
lhrpug019:0:2153
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-7c488d4f5b-smbxf
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=YowWpOikrhub&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=51d5d19db934a9db; path=/; HttpOnly; Secure; SameSite=None
dpe
ad4m.at/ad/ Frame 28C2 		42 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 09 Apr 2021 19:22:38 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=d2038460a5984ced58405e298e2652a0f1617996158; expires=Sun, 09-May-21 19:22:38 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7rdk
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0959af2f2800001772aa197000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63d61af83e041772-FRA
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame D2C8
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2174ea01-761e-49ce-aa0c-bd606025ed22-tuct76a2efe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2174ea01-761e-49ce-aa0c-bd606025ed22-tuct76a2efe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2174ea01-761e-49ce-aa0c-bd606025ed22-tuct76a2efe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=2174ea01-761e-49ce-aa0c-bd606025ed22-tuct76a2efe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 09 Apr 2021 19:22:38 GMT
via
1.1 varnish
x-served-by
cache-hhn11575-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1617996159.953939,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=2174ea01-761e-49ce-aa0c-bd606025ed22-tuct76a2efe;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 09-Apr-2022 19:22:38 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2174ea01-761e-49ce-aa0c-bd606025ed22-tuct76a2efe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 09 Apr 2021 19:22:38 GMT
via
1.1 varnish
x-served-by
cache-hhn11575-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1617996159.828810,VS0,VE68
x-vcl-time-ms
68
content-length
0
141
match.deepintent.com/usersync/ Frame AD97 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 09 Apr 2021 19:22:38 GMT
server
b
check
pixel.tapad.com/idsync/ex/receive/ Frame D299
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1617996159041; TapAd_DID=f294ab11-9968-11eb-afe8-5a9a02d33f5c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 09 Apr 2021 19:22:39 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Fri, 09 Apr 2021 19:22:39 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1617996159041;Expires=Tue, 08 Jun 2021 19:22:39 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=f294ab11-9968-11eb-afe8-5a9a02d33f5c;Expires=Tue, 08 Jun 2021 19:22:39 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 44E0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:poQUnc6t1LuWIe5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:poQUnc6t1LuWIe5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=86066160&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=95608480-8361-4F65-A023-52716522999A; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1619136000%3A201_227_226_221; SyncRTB3=1619136000%3A22_189_176_166_55_88_54_5_161_230_78_220_231_13_3_81_7_71_8_56_204_165_222_21%7C1620518400%3A203%7C1618531200%3A15_2_67_223%7C1619222400%3A35%7C1618790400%3A63; KRTBCOOKIE_57=22776-3001115148448799227; KRTBCOOKIE_80=16514-CAESEDJINLkAxy7W3RRmudUOUHI&KRTB&22987-CAESEDJINLkAxy7W3RRmudUOUHI&KRTB&23025-CAESEDJINLkAxy7W3RRmudUOUHI; KRTBCOOKIE_409=22966-Yz56IlxbGyevirCV9xgRWnUK&KRTB&23212-Yz56IlxbGyevirCV9xgRWnUK; KRTBCOOKIE_153=1923-xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE&KRTB&19420-xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE&KRTB&22979-xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE; PugT=1617996158
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 09 Apr 2021 19:22:38 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:poQUnc6t1LuWIe5; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 08-Jul-2021 19:22:38 GMT; path=/ PugT=1617996158; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 09-May-2021 19:22:38 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 08-Jul-2021 19:22:38 GMT; path=/
X-lat
lhrpug002:0:625
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 09 Apr 2021 19:22:38 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:poQUnc6t1LuWIe5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-0c15f6a621e7ffebe@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=poQUnc6t1LuWIe5; Domain=.w55c.net; Expires=Mon, 09-May-2022 19:22:38 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 09-May-2021 19:22:38 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0DDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lWCEgINhT2WgI1JxZSKZmg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=106543
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sun, 11 Apr 2021 00:58:21 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0DDE 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=95608480-8361-4F65-A023-52716522999A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
63d61af84f7f2b4d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0959af2f2e00002b4dfe142000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 0DDE
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=95608480-8361-4F65-A023-52716522999A&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=95608480-8361-4F65-A023-52716522999A&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=95608480-8361-4F65-A023-52716522999A&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:36 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:36 GMT
frontend-id
13
location
/pubmatic/1/info2?sType=sync&sExtCookieId=95608480-8361-4F65-A023-52716522999A&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
p.gif
visitor.fiftyt.com/ Frame 0DDE
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=95608480-8361-4F65-A023-52716522999A&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=95608480-8361-4F65-A023-52716522999A&gdpr=&fbounce=1
0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=95608480-8361-4F65-A023-52716522999A&gdpr=&fbounce=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:38 GMT
via
1.1 google
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
clear
content-length
0
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date
Fri, 09 Apr 2021 19:22:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=95608480-8361-4F65-A023-52716522999A&gdpr=&fbounce=1
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
144
Pug
image2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDJINLkAxy7W3RRmudUOUHI&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDJINLkAxy7W3RRmudUOUHI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:37 GMT
X-lat
amspug007:0:296
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDJINLkAxy7W3RRmudUOUHI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 0DDE 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 08 Apr 2021 19:22:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=64120c6b-b7b7-4595-b57a-ec00d6b4ee98
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=64120c6b-b7b7-4595-b57a-ec00d6b4ee98
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:38 GMT
X-lat
lhrpug014:0:313
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=64120c6b-b7b7-4595-b57a-ec00d6b4ee98
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1998991230123221109
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1998991230123221109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:39 GMT
X-lat
lhrpug008:0:414
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1998991230123221109
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:907e6070-a97e-4000-a3c1-434cf00c561b&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:907e6070-a97e-4000-a3c1-434cf00c561b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:38 GMT
X-lat
lhrpug010:0:388
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Fri, 09 Apr 2021 19:22:36 GMT
Server
MT3 3660 495c301 master zrh-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:907e6070-a97e-4000-a3c1-434cf00c561b&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 09 Apr 2021 19:22:35 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3001115148448799227&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3001115148448799227&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:37 GMT
X-lat
amspug020:0:389
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:38 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.136:80
AN-X-Request-Uuid
1f354310-2057-4629-9676-72dc98b1b27d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3001115148448799227&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=46756001-3a2c-42f9-be4e-043099aaf5c9&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2c7fd386-8e3d-44ed-9317-2a9f3171c5d1&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2c7fd386-8e3d-44ed-9317-2a9f3171c5d1&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:39 GMT
X-lat
lhrpug019:0:402
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2c7fd386-8e3d-44ed-9317-2a9f3171c5d1&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 09 Apr 2021 19:22:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
95608480-8361-4F65-A023-52716522999A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0DDE 		43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/95608480-8361-4F65-A023-52716522999A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=95608480-8361-4F65-A023-52716522999A&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=95608480-8361-4F65-A023-52716522999A&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IV3G.LJE2uVPxzRTZvExeX_FCTP_bs0-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IV3G.LJE2uVPxzRTZvExeX_FCTP_bs0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:38 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 09 Apr 2021 19:22:38 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IV3G.LJE2uVPxzRTZvExeX_FCTP_bs0-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:38 GMT
X-lat
amspug005:0:400
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xXeBRJJ-gRHeJNRDw3GbRMB30kzec9QRwiR0q3GE
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2899558292828265947&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2899558292828265947&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:38 GMT
X-lat
lhrpug008:0:543
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2899558292828265947&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHCpfwAAB6sqpAAJ&gdpr=0&gdpr_consent=&_test=YHCpfwAAB6sqpAAJ
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHCpfwAAB6sqpAAJ&gdpr=0&gdpr_consent=&_test=YHCpfwAAB6sqpAAJ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:39 GMT
X-lat
lhrpug005:0:810
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1617996159.082989,VS0,VE0
x-served-by
cache-fra19168-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHCpfwAAB6sqpAAJ&gdpr=0&gdpr_consent=&_test=YHCpfwAAB6sqpAAJ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:38 GMT
X-lat
amspug005:0:384
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:41f47f78-8812-49e0-b832-37ad26bd022a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:41f47f78-8812-49e0-b832-37ad26bd022a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:39 GMT
X-lat
lhrpug013:0:404
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:41f47f78-8812-49e0-b832-37ad26bd022a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 09 Apr 2021 19:22:39 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 0DDE 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=95608480-8361-4F65-A023-52716522999A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3001115148448799227
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3001115148448799227
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:39 GMT
X-lat
lhrpug012:0:321
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:39 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.187:80
AN-X-Request-Uuid
56aa3d2d-0212-49fb-aeb3-88db12d40ea8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3001115148448799227
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0DDE
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_5656c8a6-9ca3-442e-b001-afead8e9a9ef
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_5656c8a6-9ca3-442e-b001-afead8e9a9ef
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 19:22:39 GMT
X-lat
lhrpug005:0:537
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_5656c8a6-9ca3-442e-b001-afead8e9a9ef
date
Fri, 09 Apr 2021 19:22:39 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
async_usersync
ib.adnxs.com/ Frame 086B 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:39 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.132:80
AN-X-Request-Uuid
98cd8427-38fd-4e69-98f8-63807693e619
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 572D 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:39 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.17:80
AN-X-Request-Uuid
2ca1a761-a3b4-4a3d-b24c-7fd372adae8d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DECC 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:39 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid
ad89e9cc-e65e-4ef4-926c-429bdbcd3d6b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
int
lm.serving-sys.com/lm/ Frame A150 		0
230 B 		Other
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/int
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Disp_3_39_0/ebRichVV.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.87.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-87-49.compute-1.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AT&cos=Windows&r=banjarmasin.tribunnews.com&rs=banjarmasin.tribunnews.com&sid=5213&t=1617996156&cip=91.132.139.84&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5f4c6fa86d070d2ea259d40a&test=&aafaid=&proto=https&uid=1617996156391-930951605971-021561-002-008258&cha=0.7&cb=4808718440&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 19:22:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 		168 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&w=400&h=225&time=1617996156&cbb=7996163571
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
Server
Tengine
Content-Type
application/xml
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AT&cos=Windows&r=banjarmasin.tribunnews.com&rs=banjarmasin.tribunnews.com&sid=5213&t=1617996156&cip=91.132.139.84&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5f4c6fa86d070d2ea259d40a&test=&aafaid=&proto=https&uid=1617996156391-930951605971-021561-002-008258&cha=0.7&cb=4808718440&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5f4c6fa86d070d2ea259d40a&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5fc49f47ef635a0437416998&ncid=5fc49edb1b134965e620aa8a&pasid=5fc49efbc5291b292419112a&e=request&cb=1617996163572&asid=5fb766e909e8a7781132bf27%2C5f9b871944031e6d1a4fab56%2C5fc4a4b903a6de5b11064bdd%2C5f0e87a3db73b9083a397ae5&ofpr=3%2C1.5%2C0.8%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/211377/0/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0ecb5c242cf2159532d2a9bc262fcabdbeb1019ace6b6878d1922a39721c5a4d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.120:80
AN-X-Request-Uuid
78276f7c-4408-40d7-baa3-383a3078c570
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 		168 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&w=400&h=225&time=1617996156&cbb=7996163646
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
Server
Tengine
Content-Type
application/xml
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AT&cos=Windows&r=banjarmasin.tribunnews.com&rs=banjarmasin.tribunnews.com&sid=5213&t=1617996156&cip=91.132.139.84&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5f4c6fa86d070d2ea259d40a&test=&aafaid=&proto=https&uid=1617996156391-930951605971-021561-002-008258&cha=0.7&cb=4808718440&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5f4c6fa86d070d2ea259d40a&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5fc49f47ef635a0437416998&ncid=5fc49edb1b134965e620aa8a&pasid=5fc49efbc5291b292419112a&e=request&cb=1617996163647&asid=5fb766e909e8a7781132bf27%2C5f9b871944031e6d1a4fab56%2C5fc4a4b903a6de5b11064bdd%2C5f0e87a3db73b9083a397ae5&ofpr=3%2C1.5%2C0.8%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7259c8d9f544af6a3717a04f6c176ad5dcea43514092aeb7812935da281fd9e5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.41:80
AN-X-Request-Uuid
3d3ad28c-f64c-4d42-86b2-830034ee6ca6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/211377/0/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 		168 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&w=400&h=225&time=1617996156&cbb=7996163735
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
Server
Tengine
Content-Type
application/xml
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AT&cos=Windows&r=banjarmasin.tribunnews.com&rs=banjarmasin.tribunnews.com&sid=5213&t=1617996156&cip=91.132.139.84&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5f4c6fa86d070d2ea259d40a&test=&aafaid=&proto=https&uid=1617996156391-930951605971-021561-002-008258&cha=0.7&cb=4808718440&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5f4c6fa86d070d2ea259d40a&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5fc49f47ef635a0437416998&ncid=5fc49edb1b134965e620aa8a&pasid=5fc49efbc5291b292419112a&e=request&cb=1617996163736&asid=5fb766e909e8a7781132bf27%2C5f9b871944031e6d1a4fab56%2C5fc4a4b903a6de5b11064bdd%2C5f0e87a3db73b9083a397ae5&ofpr=3%2C1.5%2C0.8%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b0ef02fc0fef10e6a51fb8eb43f57dfab1d1479cfca16116fecfa3298a659516
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.17:80
AN-X-Request-Uuid
a0be39be-a681-4083-814b-daeb9e4e9955
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/211377/0/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 		168 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&w=400&h=225&time=1617996156&cbb=7996163822
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
Server
Tengine
Content-Type
application/xml
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AT&cos=Windows&r=banjarmasin.tribunnews.com&rs=banjarmasin.tribunnews.com&sid=5213&t=1617996156&cip=91.132.139.84&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5f4c6fa86d070d2ea259d40a&test=&aafaid=&proto=https&uid=1617996156391-930951605971-021561-002-008258&cha=0.7&cb=4808718440&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5f4c6fa86d070d2ea259d40a&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5fc49f47ef635a0437416998&ncid=5fc49edb1b134965e620aa8a&pasid=5fc49efbc5291b292419112a&e=request&cb=1617996163823&asid=5fb766e909e8a7781132bf27%2C5f9b871944031e6d1a4fab56%2C5fc4a4b903a6de5b11064bdd%2C5f0e87a3db73b9083a397ae5&ofpr=3%2C1.5%2C0.8%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/211377/0/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3eceffb7158fe3f9a031f9d3774ded21a0175cbf389521d275c7d3357bade99
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.57:80
AN-X-Request-Uuid
d318a231-bfd4-4453-81cf-79aa11e60210
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 		168 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fbanjarmasin.tribunnews.com%2F&w=400&h=225&time=1617996156&cbb=7996163927
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f4c6fa86d070d2ea259d40a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
Server
Tengine
Content-Type
application/xml
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AT&cos=Windows&r=banjarmasin.tribunnews.com&rs=banjarmasin.tribunnews.com&sid=5213&t=1617996156&cip=91.132.139.84&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5f4c6fa86d070d2ea259d40a&test=&aafaid=&proto=https&uid=1617996156391-930951605971-021561-002-008258&cha=0.7&cb=4808718440&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5f4c6fa86d070d2ea259d40a&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5fc49f47ef635a0437416998&ncid=5fc49edb1b134965e620aa8a&pasid=5fc49efbc5291b292419112a&e=request&cb=1617996163927&asid=5fb766e909e8a7781132bf27%2C5f9b871944031e6d1a4fab56%2C5fc4a4b903a6de5b11064bdd%2C5f0e87a3db73b9083a397ae5&ofpr=3%2C1.5%2C0.8%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.157.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:22:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/211377/0/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:43 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ac7b12cfe29f4b67956e9e6702e9bdd69bd19c08b9592107698fa682b65d5ddb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 19:22:44 GMT
X-Proxy-Origin
91.132.139.84; 91.132.139.84; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.147:80
AN-X-Request-Uuid
bbfb3e44-3e41-40a0-98e0-58bd46b865b0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://banjarmasin.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banjarmasin.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://banjarmasin.tribunnews.com
date
Fri, 09 Apr 2021 19:22:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
dc_oe=ChMInsyBsPHx7wIVN4aDBx07JggEEAAYACDjmINHQhMIsKbHr_Hx7wIVDnvTCh1fWA5S;met=1;&timestamp=1617996165972;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C667 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInsyBsPHx7wIVN4aDBx07JggEEAAYACDjmINHQhMIsKbHr_Hx7wIVDnvTCh1fWA5S;met=1;&timestamp=1617996165972;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIl86BsPHx7wIVgwyLCh3tfwObEAAYACCigYlGQhMIsabHr_Hx7wIVDnvTCh1fWA5S;met=1;&timestamp=1617996166312;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame ECC9 		42 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIl86BsPHx7wIVgwyLCh3tfwObEAAYACCigYlGQhMIsabHr_Hx7wIVDnvTCh1fWA5S;met=1;&timestamp=1617996166312;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIgKSBsPHx7wIVQwSLCh1MUQc_EAAYACC455Y-QhMIrqbHr_Hx7wIVDnvTCh1fWA5S;met=1;&timestamp=1617996166318;eid1=2;ecn1=0;etm1=9;eid2=12;ecn2=0;etm2=8;eid4=14;ecn4=1;etm4=0;eid6=16;ecn6=1;etm6=0;eid8...
ade.googlesyndication.com/ddm/activity/ Frame 46BE 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgKSBsPHx7wIVQwSLCh1MUQc_EAAYACC455Y-QhMIrqbHr_Hx7wIVDnvTCh1fWA5S;met=1;&timestamp=1617996166318;eid1=2;ecn1=0;etm1=9;eid2=12;ecn2=0;etm2=8;eid4=14;ecn4=1;etm4=0;eid6=16;ecn6=1;etm6=0;eid8=960584;ecn8=1;etm8=0;eid10=18;ecn10=1;etm10=0;eid12=960585;ecn12=1;etm12=0;
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 19:22:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIxLCJsPHx7wIV0_d3Ch0qhQU0EAAYACCigYlGQhMIsqbHr_Hx7wIVDnvTCh1fWA5S;met=1;&timestamp=1617996166559;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2248 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxLCJsPHx7wIV0_d3Ch0qhQU0EAAYACCigYlGQhMIsqbHr_Hx7wIVDnvTCh1fWA5S;met=1;&timestamp=1617996166559;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| dataLayer function| SpotXPrebidRegular number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits object| pbjs object| googletag function| sendAdserverRequest function| GLightbox object| ggeac object| google_js_reporting_queue function| moveScroller_menu function| moveScroller_sec number| ia number| ibc object| google_tag_manager function| loadmore object| google_tag_data string| GoogleAnalyticsObject function| ga object| FB function| moveScroller_boxright function| moveScroller_menu2 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| pbjsChunk object| _pbjsGlobals object| Criteo function| lozad object| _atrk_opts object| _comscore object| core object| firebase string| site undefined| uuid_c undefined| ukid undefined| id undefined| jixie_id undefined| city undefined| useragent undefined| uuid function| setCookie function| getCookie object| Base64 object| script string| curr_url string| full_domain string| domain_login string| domain_name string| service function| ajaxload function| ajaxload2 function| fbox function| fbox_close function| login function| register object| jQuery18309802192668418519 object| gaplugins function| udm_ object| ns_p object| COMSCORE object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_984294 function| atrk boolean| _atrk_fired object| gaGlobal object| gaData object| jxtrkr object| ls string| actionjixie object| jixie_o object| jixie_p object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106 object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| aniplayerPos function| avPlayer object| storageAni object| google_image_requests

0 Cookies

2 Console Messages

Source Level URL
Text
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32)
Message:
a: 0.0029296875 ms
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 12)
Message:
Deprecated property or method 'Ticker.setFPS'. See docs for info.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src: 'self' *.tstatic.net *.kompas.com; frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.alexametrics.com *.openx.net *.jixie.io *.facebook.net
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f92aa0201adae38bbe1d91a752fea15.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
accounts.google.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
adservice.google.at
adservice.google.com
ampcid.google.com
ampcid.google.de
apis.kompas.com
asset.kompas.com
banjarmasin.tribunnews.com
bf72ea5a466a086148209f1979b033f6.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
bs.serving-sys.com
c1.adform.net
cdn-1.tstatic.net
cdn-2.tstatic.net
cdn-3.tstatic.net
certify.alexametrics.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
d31qbv1cthcecs.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.urekamedia.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hb.jixie.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
kompascybermedia-d.openx.net
lm.serving-sys.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
maxcdn.bootstrapcdn.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.tapad.com
player.aniview.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prg8.smartadserver.com
pubmatic-match.dotomi.com
r3---sn-4g5ednly.c.2mdn.net
rtb-csync.smartadserver.com
rtb.gumgum.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.jixie.io
search.spotxchange.com
secure-ds.serving-sys.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
solution.urekamedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tag.1rx.io
tag.targeting.unrulymedia.com
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
tra.jixie.io
track1.aniview.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.up.banjarmasinpost.co
x.bidswitch.net
ade.googlesyndication.com
103.27.206.197
104.111.238.139
104.111.242.245
104.111.247.190
104.75.88.200
104.75.88.214
104.75.89.8
104.76.201.56
125.212.217.46
13.67.9.0
13.67.9.5
142.250.185.162
142.250.186.98
143.204.209.25
143.204.209.84
143.204.209.97
143.204.229.13
151.101.14.49
159.253.128.183
159.65.196.12
163.181.56.210
169.197.150.7
172.217.18.98
178.250.0.165
178.250.2.151
184.31.84.150
185.29.133.52
185.33.220.240
185.33.221.15
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.216
185.64.190.78
185.64.190.80
185.86.137.17
185.86.138.142
185.94.180.123
198.148.27.139
199.232.137.44
2001:678:cb4:bbbb::11
213.155.156.165
213.19.147.210
216.58.212.162
2606:4700:10::ac43:db6
2606:4700:20::ac43:4a81
2606:4700:3033::ac43:853a
2606:4700::6812:acf
2606:4700::6812:d05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:67::8
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200d
2a00:1450:4001:813::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:400c:c1b::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:10c:48b::2c79
2a02:fa8:8806:16::1400
2a03:2880:f053:f:face:b00c:0:3
2a03:2880:f153:82:face:b00c:0:25de
3.121.70.57
3.125.99.7
3.126.56.137
3.208.157.160
3.209.1.118
34.247.209.159
34.255.212.202
34.98.107.212
34.98.64.218
35.171.145.49
35.201.96.126
35.227.248.159
37.157.4.23
52.16.188.154
52.17.151.21
52.19.211.247
52.222.179.94
52.28.196.155
52.51.154.44
52.58.26.10
54.192.210.10
54.205.87.49
54.230.183.21
54.230.183.55
66.155.71.150
72.251.241.206
77.243.60.138
80.252.91.53
85.114.159.118
87.98.252.5
0069d1c1ee46275e447c2433a9dc21e4116e36ed6f860ecdba8e5870679136d5
01ce9078339e0b847b50899a774d0688d777017fcff9d128cc20fb21944aa5f2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
081a28dfa5acc18a525c552aa51fc5a0bc1e2eb1c387db969b8f8af3d77a530d
095ef73b59749f0a6c01cfd110657272919b7a4ccdf23c14a68cdcbd0cda5d2f
0b34a58e197326397bb9bcc59ad938a884888b622415fdf569b43475dfcce983
0b531be3740d838df8c87092d3b7edf3761187dde8318c1460a2a7773cbf1d94
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
0e534bedd8f44847e6cb2242b1a792a39b444af08458ff646361da20095afdd4
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
0ecb5c242cf2159532d2a9bc262fcabdbeb1019ace6b6878d1922a39721c5a4d
1028e6c264ccb5e7a11f656490b6388a0cd366c725dec74a5e66d53e51c9735a
10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12bf4a94a12f884561b2fad68b81e6e931b57880d7dffd1ec6ff14f5eb0e9bc0
130368e1880972a560164d6a42407eb853179a8eb98aa11b3ec7605296dfe775
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
1683bf67bf7e9ed81d1b1d42e95f3c58d7c292e0e20e88b101f7dde8ce3a9799
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1cc8973d1965d3676ce68657d5caabc0bb05078786f110c4116fd4f39c250b6c
1e51d6f2797b90ca931fa74f3fb2e747c2cf591df7e8d7e330926fff439c82ba
1ff9a368a091c20f658d3286670c910050c3a2a7bd17023b83ac549c6aa16b4f
208288a9d9378f541abf5c9d67ff9a9811bcfa3f11b3e426d03ba380d687fc84
2182230d8b5738d67101a6e29b1ea5ef03db19c33c7dd2e7f71c5f9f6500db32
23b7262c0e6b8d68e1afd93ba94195c506cf061eba61a32df54e17e0b0fb8ff0
24496720a823c47ec90503d986e145f444fb51273a8f15f70d946f925febd8e9
25b25db626ba941b4befdf466600de3488fc48ccea31d20b6f7587f3ef6751bb
2cc197988eeeaf91a8f34593ac515c798aa5df085d2ca011e489ab29e047bc32
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
317af6251f93a4ef954fa1f31a5e0ec58ca37b17e05fb6df7d4d156a9e5f8ef5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
351a16c4ade64bd6d66f3529431a75c482c1b784f332c05e5a09cbefa8287eee
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3718276885a3a794737c0003455305424a9951854fdff7bd5ed92cedca854710
3a9ab580fc7d2d6695e9b17f0a28a63aff43f89fa27276eb6e6250486b509307
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
3c1157aad6564547a0e2524fdc2dea43f74f7a112d34a239b9887e8cf1559fab
3d048a022e43a31b5261e0c8e7151a95d66bba0af19d79f22c40185c09b26301
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ea126aedd47dce95bd1dc2ce98ad419eb9f4c0e094ef425191c0ca394335385
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fd614b22a01473bf04705b5b1bf254e40184a8ff89b8c4452236ea314e67c75
3fef517592e88ffeece27b237207133904ffd02baaa34f8f69e330a798b7b26b
40a02e0b6e4b8615884fde3c08fd6dd8a45c9a98f3ac2d016e1d428db4c38d1d
40aa602f25590ccece6e369411335d448895104817a3aa62009d1e4dae94ee81
40e0ea838e18d8aa48bbdcad2c52699604780919a5db9a90204b95c68c19ebed
444b64dc34e8c5d2d72b1b5fad6c446fc4a046b1bd39a97aa9845068b549685e
44ca6f52d583281516e3a7dfb6ac8ad7ebd053ce2456f413be44f6c13576de6b
47d5ce6935a6267bd1fff30eb4648bbf887affd6ee5a954b08cb0196744be480
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cc8d53db49d68e0a9d3bbe4a6ca33cf61d3e303fd2d454a3e8703a74c5a73f2
4dea9fd3eb0528b23ed2638bb4bbc2dbbc32117981aab8820b49038f7e0ad21b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebc3dbfe2ac1a4bcd8afc41939679eb300e1503eff1d602bc13e05312a45809
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52c93e3062d05ac961d93f0dcb33e826673778109ee29bb1c3ec82e3ccddcde3
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
555fe9658fab13e8ce2b127a4f27256d78b19cf4cf79cb7c2f8b6b056a9096af
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
57d87f4202b259833def537015880ebd3733bb40d19c95df1da49ba126c3b397
5906e1f35219de6584413e0e8e75f2df625bd04d59f9518c8f08afcade47843e
59a56a9fe9d02cb9bc5d1c9c6986a65bb081c3e6e3d4c337c57db88fecb9ad29
5a2e2f76be747221544fc8417e760d333e2793f8669366bb3990702dcf68f61c
5a8e3760f6b719bd08610ae7bfb01ef5556667229fc60805a377d664d9dbfbc0
640efe21d02bb10957397783c9f9232e1cfeb15eeef85cc47b9455f56b8c3c73
65644c3d6b01e49be0e25e9b3eeef845bb001b4a343f3f4da474b8d41cc1d264
661a700ebe7938e71c43fc80106c0b6e463386bb18ca8cae9500ca70ad7629e7
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
693b5cfde4de7d25c072c93b6eac75cc460bed1e360824cb514db4188f1d23cc
6a764718006443bf75db60d5a4adea6a2aba9275c4e31bc347f7aa97aee2bade
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6d2ff10a5568ddab0b9a660a173fa950e243600d56d9e7e5575eb8f8ac05ffdf
6e3af2ede97eb5043a0a66cc528129367597347ed7795c8fb5d9bdc7c4fd78ab
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696
7259c8d9f544af6a3717a04f6c176ad5dcea43514092aeb7812935da281fd9e5
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
75ae1388e63db6f0db7f03d2f06d970330f4717903fd7e03d8e4b5c04dc191ed
75f1e376e97be7d842d2d604d5bbd8c30e005aa7d5622a39de190cecfcacad2d
7a2aad8b26717505221895e70e44c0a4da38aeb0d4e11a09f2a31060ecf9920f
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
7d7e2d8c46ba5754884aa066b5e96e2eb5df0dbd8598b4e249f6050fdfa909d9
7ff9d4ae2b3407b031e3359007ff4d7ac9e0b342f25ce44c77d3cb7f14f65043
821b62f0d594edbd005b17fcf859683c7740f037af74b33b715c9b18bb726811
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87149fd94893b18ac4ebc8adc4cff6b5b22bcdafa57f96c9803781cdb9e68dea
8832e49ebde4a37066d7a19b4620f4a65eaf150c9c417281d71a7ea5aa0c89db
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
88a02ce551a987804053ffc1adb0ff9f144d2e5b44a2303738090c1c250a9055
88a5da05a90e0589e7d60e9787b9a690d06e7d7bdd52191a284d32fb203cc255
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c4ac745f1e51c2ae8caf0e6947fbac9caaac240022c22fa004bf495401176a3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f621115383a45836f2a43f4b9b51072c147a6159be3308a1b285d29fe2de310
90c967a7dca88dee0c9d617d90f60a3ca9da84e6c1934a47863363a98fa781e7
91e1697d6dfcbe150fe1d37c193813122691bf706b8c90e57f21408025173190
92d6b966c3b2fb58c469e35de5c5cdf8cdaa30ea9bb7a3e15e1b86765f892452
93ad25346390323235a0b27d7f517853a0b911cb94f0755786ee858f2626acaf
963a9ebe36ac555b2141733a345d7087d4ec3369acb660e17c6d59477459a502
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
988fff2b2725b99cd88d4a226414997a1445ec4d2d5a586a6375df1591618ab1
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9c8c9f00b0652ada20b90b3afdf64f072615eaeb0c157b790fd5b58d2f215352
9e8a71d2020a8d484f18436f0a8af7d90372a4308bf936973573ed430c57f51b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2468a1912e09c093db788416e26a66986e0caa39144ec53e606aa2b5b667fa2
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54f204f81928b4de9e0a1c62eb9c6bb3191833ad093e725c075d46411888391
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac7b12cfe29f4b67956e9e6702e9bdd69bd19c08b9592107698fa682b65d5ddb
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
aedfe0d8a8c57ad73aa9b50a679e4ecc1aac105135845e1bbab90848501f67fa
af5885715f403edb9be18e3f244de575862229474d957e5bcd75cb5e036bc9ca
b0ef02fc0fef10e6a51fb8eb43f57dfab1d1479cfca16116fecfa3298a659516
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b5474822f2c0ff20ba41097c37b6f27786fbc9311bf5c42d5ddd6bc8cf4981c9
b5882b50944b49be3c6e08e8f3345c9768fe492a443a6fe3a61cb289dc428e78
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
ba50c6f059f906ab0b261934f633d22da23b4683d60e8a240ab4d059d6d4ef22
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd614bdff3d478e23af99cb24cfb845e0c7c480d17de36c0dd02383ab9e743ec
bd867bea8cd376bea60ad18877ae11a0f50a630db7c1e451e38dfde4f222e0ed
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2
c26dfa3c9005232a7a79003f0577df7d2efe5786bd50b98916b38a33f69acf88
c27da17601d18737a82132bcfb99b884e111eae0afdbdc18ebf270d0c5974529
c6081c0d265461e1d2edfcdd275ac4cfaf1fe3dda511c2946618d0a892c986de
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6b996ea1814dbda1dd90e6b234cd4f6ee4e54113c264b52f84a092eac83666b
c6c65f5b0002dc5d89cb6e5bcf6651adc927b964ab20c6e5b72bbda1a4eda2b2
c89503c7cc6addc3d2761da1764e979eaf9bc93ff5ca9c484821958ab1fa0181
c89556d402493b53d306694fe6ee3a0a359ffad6a67d5d032bece65d0857426e
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb1d1e4b05a3c097ed91e9759d13f4a37deb498114a1d2dceaae50d54635f194
cb2ad22433044455b68fe8b93ae34ffda313c3c9bcee57e56b3ca714e73f8be9
cb6f8760c75d115cb07e20e5aa89cd9c214deeb7b31aa5beea918a499e75d5f2
cd28009d3decd8ae75d5392267dbf22b991ddc0d3d2798f1e397318bf5656b0c
ce1973c0c3ca7fb42ef70ac00a7941e8c47c5abbb3ce346a21460b6df523e951
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d57327b082d55df9b01342d3b1ad2d7fa7f4d01793e34d1bc8a22c693f83f0e0
d61188ec7c3f93e904a88d6c3b9a7ae3f2d4dbeea1b6470fb59be792305eb04e
d71a7231fb8ac422000f863839f6e3e718d3f40e9e0344099efbfe43c3c7c3bc
d7e6baf20f7eae175ae8d6cc3dba3bd1fc2cbb3864c426dbabff18a933c8cb49
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
d8f923fdf995ed30f5bcdb2981dbdca5bb027f431378ca2a04733cfcddfb0601
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
dbba45cb3355a22c9ddd6893732795b6746e460fc1ac52e77b5268ec9d685f5f
dc5b722d2ede843c41d3198c0e03a5e365bfff38f9787d0999e4725dac82a54b
dcc25ad839e618d26df7fb561358d19b978d287df2ee761f2e1db51bbf7d9d4b
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de4be51dee3e85acaa5b96f3e176b98a5764e5b262def5375631f9f9bedd8e0e
e24d73739053879d73bf3b1c06647e834bc56f4fd0ec7d93e2ce6d11592295ad
e2a13f62ff6d3e3ec41570ec87925881e81a046db39240e61f51815315c74d32
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e2fbd31953687213ca608175f69dc8cc6bb81dc3493ecbde9434b14987cb752c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eceffb7158fe3f9a031f9d3774ded21a0175cbf389521d275c7d3357bade99
e507dac9ac12a8ea56033ba6de3d0cbb6cc360e9232af3d6cb19fa3e846f65a0
e6770d87b19b2f1de90654900471df074b0c098119c640f57da04b34189e2428
e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce
e8795e7756745decfb0f4ea1fa493c86890a4f56114eaa1879df228b9bf765b3
e882b800252581c822acdeb6b53057da6f18362e15e22dee5e18d4fd8330eec9
eb071a21e509d0458b8860ec83da00df3647f6e3aea5b731571de8df3aaea58e
ec8d08aca5b3e90f3d5987705a7cedd31d51ddd098c941612c6b50142e94fc69
ed6bc58d6fba10e686e4551757aac7c50c6958fa6eff783c01216ffc846a4527
ee6e18a5143397b541cb8f801af593d9969ecfbeaaeba16899cc75a0eb08b14c
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f383d71bd96d0e23e8914e68dd64e5984d48e2865e6ceaa88d0e123bd6abb0f5
f3a70f43b5750186ee6c18a34f72d6f73f7033d5b458d3287d4a81107e5d8868
f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952
f47471743e83ebc93ca9bd8b67a6e96fd46d18ad76088cdb256d92602ed30d09
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f59bb0cbb9ae64cb10fc46fff934722f8d82eb00048771419dea4666d307d3fb
f6d64a081cc23a3255ae098398e7651dfe20ca7e5149462855e7a10a9f48f4e4
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7f51dd9baef0d730ea3a2e5b808626fdbde8cdebf3a7551c9e66861cce03385
f8a025d62f50a0de83365c65c788aa96e1b56f2a677e84831c73121e2be99751
fa806ee163c77ac1fd3e7e235dc9a1417235c399f0a70991720a64b7b41ade27
fc855d8f0efb146ddaf7b56fc4792c13b9aca92cd0548be831dc8ff2aadade36
ff639f2169daa1367ba8f1d057486804f0cb94abcd2d96185eec076b838d4dea