urlscan.io logo urlscan.io
SecurityTrails logo

medan.tribunnews.com Open in urlscan Pro
18.66.97.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://medan.tribunnews.com/
Effective URL: https://medan.tribunnews.com/
Submission: On September 05 via api from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 132 IPs in 14 countries across 94 domains to perform 555 HTTP transactions. The main IP is 18.66.97.99, located in United States and belongs to AMAZON-02, US. The main domain is medan.tribunnews.com.
TLS certificate: Issued by Amazon on August 4th 2021. Valid for: a year.
This is the only time medan.tribunnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 18.66.97.99 16509 (AMAZON-02)
15 18.66.97.29 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
11 216.58.212.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 195.181.175.49 60068 (CDN77 ^_^)
1 13.32.121.33 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
29 18.66.112.118 16509 (AMAZON-02)
12 89.187.169.47 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.52 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.118 16509 (AMAZON-02)
1 5 13.32.121.21 16509 (AMAZON-02)
1 2a03:2880:f12... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 185.94.180.123 35220 (SPOTX-AMS)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 11 185.86.137.114 201081 (SMARTADSE...)
1 2.18.232.7 16625 (AKAMAI-AS)
1 20.44.221.77 8075 (MICROSOFT...)
2 4 34.98.64.218 15169 (GOOGLE)
12 178.250.2.131 44788 (ASN-CRITE...)
1 213.19.147.43 26120 (RHYTHMONE)
1 184.31.84.150 16625 (AKAMAI-AS)
1 18.66.112.122 16509 (AMAZON-02)
1 52.43.139.3 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a02:2638:1::3 44788 (ASN-CRITE...)
10 2606:4700:10:... 13335 (CLOUDFLAR...)
17 37.157.2.234 198622 (ADFORM)
5 185.86.138.32 201081 (SMARTADSE...)
8 33 37.252.172.38 29990 (ASN-APPNEX)
5 185.64.190.76 62713 (AS-PUBMATIC)
2 13.225.87.2 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.124 16509 (AMAZON-02)
1 2 142.250.74.198 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
27 104.19.133.78 13335 (CLOUDFLAR...)
3 61.213.187.175 2914 (NTT-COMMU...)
3 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
13 15 142.250.185.194 15169 (GOOGLE)
6 10 2.18.234.21 16625 (AKAMAI-AS)
1 18.139.121.89 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 104.19.132.78 13335 (CLOUDFLAR...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a03:90c0:41:... 199524 (GCORE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
7 3.229.193.232 14618 (AMAZON-AES)
4 2a0c:5c81:509... 55081 (24SHELLS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
4 23.37.42.132 16625 (AKAMAI-AS)
1 1 109.206.188.82 50245 (SERVEREL-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 104.19.216.61 13335 (CLOUDFLAR...)
1 104.16.199.73 13335 (CLOUDFLAR...)
7 7 18.194.49.211 16509 (AMAZON-02)
1 20 185.64.190.80 62713 (AS-PUBMATIC)
5 6 76.223.111.131 16509 (AMAZON-02)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 2 18.192.249.156 16509 (AMAZON-02)
1 1 62.149.0.72 15497 (COLOCALL ...)
1 3.214.14.12 14618 (AMAZON-AES)
1 185.59.208.177 43541 (VSHOSTING)
1 178.250.0.166 44788 (ASN-CRITE...)
4 202.47.25.65 2914 (NTT-COMMU...)
4 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
4 104.111.230.142 16625 (AKAMAI-AS)
34 35.186.238.232 15169 (GOOGLE)
2 2600:1901:0:e... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 20.44.221.56 8075 (MICROSOFT...)
2 2 76.223.111.18 16509 (AMAZON-02)
2 3 185.64.190.79 62713 (AS-PUBMATIC)
1 104.19.134.78 13335 (CLOUDFLAR...)
1 35.190.72.161 15169 (GOOGLE)
6 8 153.254.173.146 2914 (NTT-COMMU...)
1 222.230.178.21 2519 (VECTANT A...)
1 1 172.105.235.90 63949 (LINODE-AP...)
1 69.173.144.139 26667 (RUBICONPR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.190.36.172 15169 (GOOGLE)
13 2.18.233.180 16625 (AKAMAI-AS)
1 2600:9000:21f... 16509 (AMAZON-02)
1 162.55.233.29 24940 (HETZNER-AS)
2 2a04:4e42:400... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.129.26 54113 (FASTLY)
3 184.30.21.112 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.196.237.128 16509 (AMAZON-02)
2 142.250.186.130 15169 (GOOGLE)
1 213.174.135.2 39572 (ADVANCEDH...)
2 23.227.138.196 55081 (24SHELLS)
2 18.185.190.29 16509 (AMAZON-02)
2 2600:1901:0:2... 15169 (GOOGLE)
2 2.16.186.120 20940 (AKAMAI-ASN1)
1 185.64.189.115 62713 (AS-PUBMATIC)
3 4 37.157.4.23 198622 (ADFORM)
2 2 213.155.156.169 1299 (TELIANET ...)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 3 52.49.238.187 16509 (AMAZON-02)
1 162.55.6.212 24940 (HETZNER-AS)
1 1 213.19.147.44 26120 (RHYTHMONE)
1 173.231.180.197 29791 (VOXEL-DOT...)
1 1 87.98.128.108 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a04:4e42:3::300 54113 (FASTLY)
1 151.101.13.44 54113 (FASTLY)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 185.29.134.248 30419 (MEDIAMATH...)
2 185.64.189.114 62713 (AS-PUBMATIC)
2 3 51.210.112.63 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
1 169.50.137.190 36351 (SOFTLAYER)
2 2 3.126.56.137 16509 (AMAZON-02)
1 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 52.58.28.115 16509 (AMAZON-02)
3 3 2001:678:cb4:... 56396 (TURN)
2 2 151.101.14.49 54113 (FASTLY)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 52.48.175.241 16509 (AMAZON-02)
1 1 52.205.83.58 14618 (AMAZON-AES)
2 185.64.190.75 62713 (AS-PUBMATIC)
6 67.220.182.50 55081 (24SHELLS)
6 146.20.132.150 27357 (RACKSPACE)
6 107.151.2.114 55081 (24SHELLS)
1 185.64.190.81 62713 (AS-PUBMATIC)
4 151.139.128.11 20446 (HIGHWINDS3)
10 146.20.128.187 27357 (RACKSPACE)
8 146.20.128.77 27357 (RACKSPACE)
2 142.250.185.162 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
555 132
3    18.66.97.99 (United States)

ASN16509 (AMAZON-02, US)
medan.tribunnews.com
15    18.66.97.29 (United States)

ASN16509 (AMAZON-02, US)
cdn-1.tstatic.net
apis.kompas.com
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
11    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    195.181.175.49 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-47.cdn77.com
delivery.r2b2.io
1    13.32.121.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-33.fra60.r.cloudfront.net
cdn-3.tstatic.net
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
29    18.66.112.118 (United States)

ASN16509 (AMAZON-02, US)
cdn-2.tstatic.net
12    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.bhisma.cloud
creatives.b-cdn.net
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.66.97.52 (United States)

ASN16509 (AMAZON-02, US)
sttribunnews.kompas.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.97.118 (United States)

ASN16509 (AMAZON-02, US)
d31qbv1cthcecs.cloudfront.net
5    13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:811::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
ampcid.google.de
6    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
11    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
prg8.smartadserver.com
www8.smartadserver.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    20.44.221.77 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
hb.jixie.io
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
kompascybermedia-d.openx.net
eu-u.openx.net
us-u.openx.net
12    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    18.66.112.122 (United States)

ASN16509 (AMAZON-02, US)
certify.alexametrics.com
1    52.43.139.3 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-139-3.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
4    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
10    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
17    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
5    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
33    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
5    185.64.190.76 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
openbid.pubmatic.com
2    13.225.87.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-2.fra2.r.cloudfront.net
adsimg.kompas.com
12    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    18.66.97.124 (United States)

ASN16509 (AMAZON-02, US)
universal.jixie.io
2    142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
ad.doubleclick.net
6    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
27    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
3    61.213.187.175 (Japan)

ASN2914 (NTT-COMMUNICATIONS-2914, US)
js.genieessp.com
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
19    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
15    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
10    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    18.139.121.89 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-121-89.ap-southeast-1.compute.amazonaws.com
ad.jixie.io
2    2607:f8b0:400a:805::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
2    2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.aniview.com
player.aniview.com
3    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
1    2a02:26f0:6c00::210:bb91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
7    3.229.193.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-193-232.compute-1.amazonaws.com
track1.aniview.com
4    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
s.vertamedia.com
ads28.vertamedia.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    109.206.188.82 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.188.82.serverel.net
sync.e-volution.ai
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    104.19.216.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
1    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
7    18.194.49.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
20    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
6    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
2    18.192.249.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-249-156.eu-central-1.compute.amazonaws.com
prod.perf-serving.com
1    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
1    3.214.14.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-14-12.compute-1.amazonaws.com
go1.aniview.com
1    185.59.208.177 (Czech Republic)

ASN43541 (VSHOSTING, CZ)
PTR: webgarden-track-lb-ha.vshosting.cz
log.r2b2.io
1    178.250.0.166 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtax.criteo.com
4    202.47.25.65 (Japan)

ASN2914 (NTT-COMMUNICATIONS-2914, US)
ialaddin.genieesspv.jp
4    2a02:26f0:ef::5f65:4d45 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
dmp.im-apps.net
4    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
video-ads.rubiconproject.com
34    35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com
ads.viralize.tv
2    2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
audiencedata.im-apps.net
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    20.44.221.56 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
traid.jixie.io
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)
servicer.mgid.com
1    35.190.72.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com
fqtag.com
8    153.254.173.146 (Japan)

ASN2914 (NTT-COMMUNICATIONS-2914, US)
cs.gssprt.jp
1    222.230.178.21 (Sapporo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
rt.gsspat.jp
1    172.105.235.90 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
g.c.appier.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    2606:4700::6812:9ca (United States)

ASN13335 (CLOUDFLARENET, US)
static.viralize.tv
1    35.190.36.172 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 172.36.190.35.bc.googleusercontent.com
cdn.fqtag.com
13    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
vpaid.pubmatic.com
aktrack.pubmatic.com
1    2600:9000:21f3:9800:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
1    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
2    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    151.101.129.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
3    184.30.21.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    18.196.237.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
optimized-by.rubiconproject.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pubads.g.doubleclick.net
1    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
static.vertamedia.com
2    23.227.138.196 (Piscataway, United States)

ASN55081 (24SHELLS, US)
pixel.adtelligent.com
2    18.185.190.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-190-29.eu-central-1.compute.amazonaws.com
ice.360yield.com
2    2600:1901:0:298e:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
aux.fqtag.com
2    2.16.186.120 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-120.deploy.static.akamaitechnologies.com
creatives.sascdn.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.169 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    52.49.238.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
1    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    87.98.128.108 (France)

ASN16276 (OVH, FR)
green.erne.co
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.taboola.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
loada.exelator.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
1    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    52.58.28.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
sonata-notifications.taptapnetworks.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    52.48.175.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
1    52.205.83.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
6    67.220.182.50 (Piscataway, United States)

ASN55081 (24SHELLS, US)
aux-log1-sh.vertamedia.com
6    146.20.132.150 (United States)

ASN27357 (RACKSPACE, US)
ssp.lkqd.net
v.lkqd.net
6    107.151.2.114 (Piscataway, United States)

ASN55081 (24SHELLS, US)
aux-log2-sh.vertamedia.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
4    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
ad.lkqd.net
10    146.20.128.187 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
8    146.20.128.77 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
ade.googlesyndication.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
Apex Domain
Subdomains		 Transfer
48 pubmatic.com
hbopenbid.pubmatic.com
openbid.pubmatic.com
simage2.pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
ads.pubmatic.com
vpaid.pubmatic.com
image6.pubmatic.com
image4.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com Failed
simage4.pubmatic.com
166 KB
44 tstatic.net
cdn-1.tstatic.net
cdn-3.tstatic.net
cdn-2.tstatic.net
556 KB
38 viralize.tv
ads.viralize.tv
static.viralize.tv
476 KB
38 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
ad.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
215 KB
36 googlesyndication.com
4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
301 KB
33 adnxs.com
ib.adnxs.com
secure.adnxs.com
26 KB
32 mgid.com
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
video-native.mgid.com
197 KB
28 lkqd.net
ssp.lkqd.net
ad.lkqd.net
v.lkqd.net
cs.lkqd.net
t.lkqd.net
136 KB
21 adform.net
adx.adform.net
c1.adform.net
10 KB
17 criteo.com
bidder.criteo.com
rtax.criteo.com
dis.criteo.com
gum.criteo.com
mug.criteo.com
9 KB
16 smartadserver.com
prg8.smartadserver.com
prg.smartadserver.com
www8.smartadserver.com
9 KB
15 vertamedia.com
s.vertamedia.com
static.vertamedia.com
ads28.vertamedia.com
aux-log1-sh.vertamedia.com
aux-log2-sh.vertamedia.com
44 KB
13 rubiconproject.com
fastlane.rubiconproject.com Failed
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
video-ads.rubiconproject.com
token.rubiconproject.com
optimized-by.rubiconproject.com
66 KB
12 2mdn.net
s0.2mdn.net
846 KB
11 googleapis.com
imasdk.googleapis.com
fonts.googleapis.com
ajax.googleapis.com
1 MB
11 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
9 KB
11 jixie.io
hb.jixie.io
universal.jixie.io
ad.jixie.io
traid.jixie.io
13 KB
11 google.com
accounts.google.com
ampcid.google.com
www.google.com
adservice.google.com
76 KB
10 aniview.com
tg1.aniview.com
track1.aniview.com
player.aniview.com
go1.aniview.com
106 KB
10 connectad.io
i.connectad.io
2 KB
8 gssprt.jp
cs.gssprt.jp
4 KB
8 bhisma.cloud
cdn.bhisma.cloud
616 KB
7 bidswitch.net
x.bidswitch.net
3 KB
6 im-apps.net
dmp.im-apps.net
audiencedata.im-apps.net
7 KB
6 adsrvr.org
match.adsrvr.org
3 KB
6 googletagservices.com
www.googletagservices.com
212 KB
6 spotxchange.com
search.spotxchange.com
8 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
46 KB
5 adtelligent.com
s.adtelligent.com
sync.adtelligent.com
pixel.adtelligent.com
2 KB
5 scorecardresearch.com
sb.scorecardresearch.com
4 KB
4 fqtag.com
fqtag.com
cdn.fqtag.com
aux.fqtag.com
91 KB
4 genieesspv.jp
ialaddin.genieesspv.jp
4 KB
4 b-cdn.net
creatives.b-cdn.net
42 KB
4 criteo.net
static.criteo.net
84 KB
4 openx.net
kompascybermedia-d.openx.net
eu-u.openx.net
us-u.openx.net
1 KB
4 kompas.com
sttribunnews.kompas.com
apis.kompas.com
adsimg.kompas.com
15 KB
3 turn.com
ad.turn.com
1 KB
3 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
2 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 stickyadstv.com
ads.stickyadstv.com
2 KB
3 genieessp.com
js.genieessp.com
11 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com
77 KB
3 tribunnews.com
medan.tribunnews.com
36 KB
2 everesttech.net
sync-tm.everesttech.net
746 B
2 exelator.com
loada.exelator.com
2 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
653 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 sascdn.com
creatives.sascdn.com
756 B
2 360yield.com
ice.360yield.com
891 B
2 polyfill.io
polyfill.io
709 B
2 ravenjs.com
cdn.ravenjs.com
19 KB
2 perf-serving.com
prod.perf-serving.com
1 KB
2 creativecdn.com
creativecdn.com
687 B
2 google.de
ampcid.google.de
www.google.de
592 B
2 3lift.com
tlx.3lift.com Failed
eb2.3lift.com
788 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 facebook.net
connect.facebook.net
69 KB
2 r2b2.io
delivery.r2b2.io
log.r2b2.io
124 KB
1 ipredictive.com
sync.ipredictive.com
522 B
1 gumgum.com
rtb.gumgum.com
336 B
1 playground.xyz
ads.playground.xyz
486 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
314 B
1 quantserve.com
pixel.quantserve.com
542 B
1 simpli.fi
um.simpli.fi
611 B
1 deepintent.com
match.deepintent.com
44 B
1 ad4m.at
ad4m.at
974 B
1 erne.co
green.erne.co
327 B
1 adgrx.com
cm.adgrx.com
408 B
1 1rx.io
sync.1rx.io
243 B
1 loopme.me
csync.loopme.me
152 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 richaudience.com
sync.richaudience.com
826 B
1 appier.net
g.c.appier.net
351 B
1 gsspat.jp
rt.gsspat.jp
249 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 lentainform.com
cm.lentainform.com
494 B
1 e-volution.ai
sync.e-volution.ai
463 B
1 avplayer.com
player.avplayer.com
58 KB
1 adscale.de
hb.adscale.de Failed
js.adscale.de
5 KB
1 google.nl
adservice.google.nl
853 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com
552 B
1 unrulymedia.com
targeting.unrulymedia.com
176 B
1 teads.tv
a.teads.tv
251 B
1 facebook.com
www.facebook.com
147 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
1 googletagmanager.com
www.googletagmanager.com
47 KB
0 take1rtb.com Failed
endpoint.take1rtb.com Failed
555 94
Domain Requested by
34 ads.viralize.tv player.aniview.com
static.viralize.tv
medan.tribunnews.com
cdn.ravenjs.com
29 cdn-2.tstatic.net medan.tribunnews.com
28 ib.adnxs.com 5 redirects delivery.r2b2.io
googleads.g.doubleclick.net
medan.tribunnews.com
19 pagead2.googlesyndication.com 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
medan.tribunnews.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
srcdoc
www.googletagservices.com
securepubads.g.doubleclick.net
17 adx.adform.net delivery.r2b2.io
cdn.ravenjs.com
15 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
14 cdn-1.tstatic.net medan.tribunnews.com
cdn-1.tstatic.net
13 simage2.pubmatic.com medan.tribunnews.com
ads.pubmatic.com
12 s0.2mdn.net 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
medan.tribunnews.com
s0.2mdn.net
imasdk.googleapis.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
medan.tribunnews.com
tpc.googlesyndication.com
imasdk.googleapis.com
12 bidder.criteo.com cdn-3.tstatic.net
delivery.r2b2.io
11 securepubads.g.doubleclick.net medan.tribunnews.com
securepubads.g.doubleclick.net
www.googletagservices.com
10 cs.lkqd.net ad.lkqd.net
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
10 i.connectad.io delivery.r2b2.io
9 c.mgid.com jsc.mgid.com
medan.tribunnews.com
8 t.lkqd.net ad.lkqd.net
8 cs.gssprt.jp 6 redirects medan.tribunnews.com
8 traid.jixie.io medan.tribunnews.com
creatives.b-cdn.net
8 imasdk.googleapis.com universal.jixie.io
imasdk.googleapis.com
player.aniview.com
static.viralize.tv
8 cdn.bhisma.cloud medan.tribunnews.com
7 ads.pubmatic.com delivery.r2b2.io
ads.pubmatic.com
vpaid.pubmatic.com
7 image2.pubmatic.com 1 redirects ads.pubmatic.com
7 x.bidswitch.net 7 redirects
7 track1.aniview.com medan.tribunnews.com
player.aniview.com
7 cm.mgid.com jsc.mgid.com
medan.tribunnews.com
s.adtelligent.com
6 aux-log2-sh.vertamedia.com static.vertamedia.com
6 aux-log1-sh.vertamedia.com static.vertamedia.com
6 match.adsrvr.org 5 redirects medan.tribunnews.com
6 www.googletagservices.com securepubads.g.doubleclick.net
4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
6 prg8.smartadserver.com cdn-3.tstatic.net
6 search.spotxchange.com cdn-3.tstatic.net
cdn.ravenjs.com
5 www8.smartadserver.com 2 redirects medan.tribunnews.com
5 secure.adnxs.com 3 redirects cdn.ravenjs.com
5 servicer.mgid.com jsc.mgid.com
cdn.mgid.com
video-native.mgid.com
5 cdn.mgid.com medan.tribunnews.com
jsc.mgid.com
5 openbid.pubmatic.com delivery.r2b2.io
5 prg.smartadserver.com delivery.r2b2.io
5 sb.scorecardresearch.com 1 redirects medan.tribunnews.com
jsc.mgid.com
4 v.lkqd.net ad.lkqd.net
4 ad.lkqd.net static.vertamedia.com
ad.lkqd.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 vpaid.pubmatic.com cdn.ravenjs.com
static.viralize.tv
4 static.viralize.tv player.aniview.com
static.viralize.tv
4 video-ads.rubiconproject.com player.aniview.com
4 dmp.im-apps.net js.genieessp.com
dmp.im-apps.net
4 ialaddin.genieesspv.jp medan.tribunnews.com
js.genieessp.com
4 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
delivery.r2b2.io
4 creatives.b-cdn.net tpc.googlesyndication.com
medan.tribunnews.com
4 googleads4.g.doubleclick.net medan.tribunnews.com
4 static.criteo.net cdn-3.tstatic.net
static.criteo.net
delivery.r2b2.io
4 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
3 ad.turn.com 3 redirects
3 pixel.onaudience.com 2 redirects ads.pubmatic.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 ads.stickyadstv.com medan.tribunnews.com
cdn.ravenjs.com
3 image8.pubmatic.com 2 redirects medan.tribunnews.com
3 video-native.mgid.com cdn.mgid.com
video-native.mgid.com
3 googleads.g.doubleclick.net 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
medan.tribunnews.com
3 js.genieessp.com securepubads.g.doubleclick.net
medan.tribunnews.com
3 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.google.com medan.tribunnews.com
4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 accounts.google.com cdn-1.tstatic.net
3 maxcdn.bootstrapcdn.com medan.tribunnews.com
maxcdn.bootstrapcdn.com
3 medan.tribunnews.com 1 redirects cdn-1.tstatic.net
2 gum.criteo.com 1 redirects static.criteo.net
2 ade.googlesyndication.com medan.tribunnews.com
2 ssp.lkqd.net static.vertamedia.com
2 aktrack.pubmatic.com medan.tribunnews.com
2 vid.pubmatic.com vpaid.pubmatic.com
2 sync-tm.everesttech.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 loada.exelator.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 creatives.sascdn.com medan.tribunnews.com
static.viralize.tv
2 aux.fqtag.com cdn.fqtag.com
2 ice.360yield.com cdn.ravenjs.com
2 pixel.adtelligent.com medan.tribunnews.com
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 optimized-by.rubiconproject.com video-ads.rubiconproject.com
2 polyfill.io static.viralize.tv
2 ajax.googleapis.com static.viralize.tv
2 cdn.ravenjs.com static.viralize.tv
2 eu-u.openx.net 2 redirects
2 eb2.3lift.com 2 redirects
2 audiencedata.im-apps.net dmp.im-apps.net
2 prod.perf-serving.com 2 redirects
2 creativecdn.com 2 redirects
2 s.adtelligent.com cm.mgid.com
static.vertamedia.com
2 csi.gstatic.com imasdk.googleapis.com
2 jsc.mgid.com securepubads.g.doubleclick.net
jsc.mgid.com
2 ad.doubleclick.net 1 redirects medan.tribunnews.com
2 adsimg.kompas.com securepubads.g.doubleclick.net
medan.tribunnews.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.gstatic.com medan.tribunnews.com
2 connect.facebook.net medan.tribunnews.com
connect.facebook.net
2 fonts.gstatic.com medan.tribunnews.com
fonts.googleapis.com
1 mug.criteo.com
1 simage4.pubmatic.com ads.pubmatic.com
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 sync.1rx.io 1 redirects
1 csync.loopme.me ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 ads28.vertamedia.com static.vertamedia.com
1 static.vertamedia.com player.aniview.com
1 sync.richaudience.com medan.tribunnews.com
1 js.adscale.de delivery.r2b2.io
1 cdn.fqtag.com fqtag.com
1 token.rubiconproject.com eus.rubiconproject.com
1 g.c.appier.net 1 redirects
1 rt.gsspat.jp medan.tribunnews.com
1 fqtag.com medan.tribunnews.com
1 us-u.openx.net medan.tribunnews.com
1 fonts.googleapis.com tpc.googlesyndication.com
1 s.vertamedia.com player.aniview.com
1 rtax.criteo.com js.genieessp.com
1 log.r2b2.io delivery.r2b2.io
1 go1.aniview.com player.aniview.com
1 sync.adtelligent.com 1 redirects
1 player.aniview.com player.avplayer.com
1 cm.idealmedia.io medan.tribunnews.com
1 cm.lentainform.com medan.tribunnews.com
1 pixel.rubiconproject.com medan.tribunnews.com
1 sync.e-volution.ai 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 player.avplayer.com tg1.aniview.com
1 tg1.aniview.com jsc.mgid.com
1 s-img.mgid.com medan.tribunnews.com
1 ad.jixie.io imasdk.googleapis.com
1 universal.jixie.io securepubads.g.doubleclick.net
1 adservice.google.nl securepubads.g.doubleclick.net
1 www.google.de medan.tribunnews.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com medan.tribunnews.com
1 certify.alexametrics.com medan.tribunnews.com
1 htlb.casalemedia.com cdn-3.tstatic.net
1 targeting.unrulymedia.com cdn-3.tstatic.net
1 kompascybermedia-d.openx.net cdn-3.tstatic.net
1 hb.jixie.io cdn-3.tstatic.net
1 a.teads.tv cdn-3.tstatic.net
1 hbopenbid.pubmatic.com cdn-3.tstatic.net
1 apis.kompas.com cdn-1.tstatic.net
1 www.facebook.com medan.tribunnews.com
1 d31qbv1cthcecs.cloudfront.net medan.tribunnews.com
1 www.googletagmanager.com medan.tribunnews.com
1 sttribunnews.kompas.com medan.tribunnews.com
1 cdn-3.tstatic.net medan.tribunnews.com
1 delivery.r2b2.io medan.tribunnews.com
0 endpoint.take1rtb.com Failed static.vertamedia.com
0 hb.adscale.de Failed delivery.r2b2.io
0 fastlane.rubiconproject.com Failed delivery.r2b2.io
0 tlx.3lift.com Failed cdn-3.tstatic.net
555 175
Subject Issuer Validity Valid
tribunnews.com
Amazon		 2021-08-04 -
2022-09-02		 a year crt.sh
tstatic.net
Amazon		 2021-08-04 -
2022-09-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
1838731126.rsc.cdn77.org
R3		 2021-08-25 -
2021-11-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-06-15 -
2021-09-13		 3 months crt.sh
cdn.bhisma.cloud
R3		 2021-08-21 -
2021-11-19		 3 months crt.sh
kompas.com
Amazon		 2021-05-03 -
2022-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
hb.jixie.io
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-06-17 -
2021-12-16		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
jixie.io
Amazon		 2021-05-06 -
2022-06-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.genieessp.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-30 -
2021-10-29		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.b-cdn.net
Sectigo ECC Domain Validation Secure Server CA		 2020-11-11 -
2021-11-11		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2020-09-13 -
2021-10-15		 a year crt.sh
outstreamedia.com
R3		 2021-08-03 -
2021-11-01		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-08-05 -
2021-11-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.r2b2.io
AlpiroSSL ECC DV CA		 2020-10-20 -
2021-10-20		 a year crt.sh
*.genieesspv.jp
GeoTrust RSA CA 2018		 2021-03-22 -
2022-04-22		 a year crt.sh
*.im-apps.net
DigiCert SHA2 Secure Server CA		 2021-06-25 -
2022-06-30		 a year crt.sh
s.vertamedia.com
ZeroSSL ECC Domain Secure Site CA		 2021-08-10 -
2021-11-08		 3 months crt.sh
*.viralize.tv
Sectigo RSA Domain Validation Secure Server CA		 2019-10-21 -
2021-11-18		 2 years crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2021-08-27 -
2021-11-25		 3 months crt.sh
traid.jixie.io
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-18 -
2021-11-17		 6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.fqtag.com
R3		 2021-06-16 -
2021-09-14		 3 months crt.sh
cs.gssprt.jp
GeoTrust RSA CA 2018		 2020-12-02 -
2022-01-01		 a year crt.sh
rt.gsspat.jp
GeoTrust RSA CA 2018		 2021-03-19 -
2022-04-19		 a year crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
static.vertamedia.com
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
ads28.vertamedia.com
ZeroSSL ECC Domain Secure Site CA		 2021-08-15 -
2021-11-13		 3 months crt.sh
*.360yield.com
Amazon		 2021-07-29 -
2022-08-27		 a year crt.sh
*.sascdn.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
loopme.me
R3		 2021-08-30 -
2021-11-28		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.onaudience.com
Certyfikat SSL		 2021-05-28 -
2022-05-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
aux-log1-sh.vertamedia.com
ZeroSSL ECC Domain Secure Site CA		 2021-08-27 -
2021-11-25		 3 months crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
aux-log2-sh.vertamedia.com
ZeroSSL ECC Domain Secure Site CA		 2021-08-27 -
2021-11-25		 3 months crt.sh
ad.lkqd.net
R3		 2021-07-25 -
2021-10-23		 3 months crt.sh

This page contains 61 frames:

Primary Page: https://medan.tribunnews.com/
Frame ID: EB8C9BB95D2250D617E208B7A864A3B6
Requests: 221 HTTP requests in this frame

Frame: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3BA817D7FC5807EC9E007BC991C5DAC5
Requests: 1 HTTP requests in this frame

Frame: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C964542D646122967600D48E5439CCDD
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu69FSmel4JJraSIouFwTFwwWy4hnknBZZN2IHzkTSyH5yX3H1pKMsEv7EubWxOc_Ev7zA_G506EGJ5QpIp0jEZnBTO3_pVRzT1QqBukK8M-sJx_3tMwdK6JkcuKfTMpFLrcMREwd-oa31XYWZ4mAAE4URND7RCwRqZ5KDKJXeuNMB0M4YAEiv5Kh1Tn3TmWIhJOsuCdRwTScy016xC5RJMk8NjvNjeZd2LsqUFgFNy77i0kooZF_4kFM_5V35Wz6Zc3VNkUn7vHXCLEolX3EhsdRa58X0wVwSSJYJyEyiNKNTnUEfmNFFaiOGBwFMEZCDzxSx_&sai=AMfl-YSamVSPZJb2vahrlrHWhYmKKV7K_tsoZYrGRCfIH9a8A_tP33oFSwkrlNKRbe_ixopmIqGzI4WPwOzLCADrJ2EzCRBlT5j0GykFDCEMdZ_pS0bExxL2Pu4edLiiJcdi&sig=Cg0ArKJSzCF84_uZDDfBEAE&urlfix=1&adurl=
Frame ID: 7271DD71856D6176E2C34133130BCC1D
Requests: 17 HTTP requests in this frame

Frame: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0B8AD9E2E1582FFA61AE4B76E59EC79C
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgSnQ1tfCKzfzGsiSBBY729kZ9goJgptrCfc3EBgwzmDSH2xMrjYJNLOGRCAfc9HVZdLCV9zF8vzjJ7E0tJxXAnzLO-c-3xzRTuk2u_03xb_8H4Tgx61JhL_UiTc_1tCeXfqErc90unaKbKW4gFzbLR5oYHF98zsPC_8kGhuTB9HNXe3PUTQrbUNfMxGzAPReLui6XeooDTMCU4UX_aaAsC-dR6gwQN2-HsH_P3yA4dVi7dqh-CPr2G1RexEb2ry6RShp1-yfm9HkKaMxAxxe3QjToQOgZcbSXIwgl1VSe76f-x5jBlXc6dF0H9gGB-gmOaIcbjQ&sai=AMfl-YTYRhakbVb9lsfnlom0USBqoNLD33Ly_7mXGJiBt0ufX7ZMzfjjzxP9BBporvpi3jFzwyZi7vSeHV4ooxMoSeQe0PtCDSdnpsflcrW4eBl6xPuvD_taajjsIg9CHK57&sig=Cg0ArKJSzKKRmF48QrNGEAE&urlfix=1&adurl=
Frame ID: 22F6369D43354EDB4E7B618BBFE00C87
Requests: 51 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteQRq5fzsl_Qd6ZnhISldpCOzcSSFIRsnT4ZaKKzLRQ9SPg8lBdgGt6cX6BVBrr1lKqaA8Gw5f7FRDOALf-gVOQAc2zGNWZcrkxuFAuta3MYbZRzLk9TBW4BioZ66kLUVHIBds3UnHdlLxrPdhRm5fziaH-nsmJuXUamYUYdfyhEB1juEt87637268r85j6y7CSiCmWyPc3jpbpGsDmGNTXz9QYbPSVsz-XR2nc7o_Gmro8D6wGLiDWPod75mHspvqpW82sVrbHpgAJvdx4Vg2vWp0Rj1q_47UUCoP4tsZg_UYTto0h0miSJ1eV1JcM_dyiRSKaw&sai=AMfl-YTbQKGFAOIBrWdaWfK6XXEtwBzJfDwNiwn72p0gRX3Nz73P_6YFeDuXLNBn6m6khwiiGQe7-ONsKENNptDM6OCKBIeYn3FKSDwyxCeouiM89XT_E5q0_vJNY5OfIhjy&sig=Cg0ArKJSzPdb7KndKNOvEAE&urlfix=1&adurl=
Frame ID: 7D111EE40EA6605DF96AFBBEE9A26644
Requests: 20 HTTP requests in this frame

Frame: https://js.genieessp.com/t/407/456/a1407456.js
Frame ID: 764DB4E42A8C57B90F2A93BF9138D24E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4aTvAhi7392sATAB&v=APEucNXk2ocQooGl_ghdnjbZmY0ilpys59NbtMgQP3IaTWYCrtva5_f5eESRTHFdPsdAKqFlx1veXuyiNhps2OUm_Lx4lgUWRQYhk41sZ60tBQMWcYdnUkHTvDlMayuNGj2dgHm5XJcxeRmR-yMu46LXCDxKe21YGv4R2CQSRpynCMcRLUhvpOw
Frame ID: E8478886C57DCC9B863F2D66CFE0E703
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQg4LmAhjX8MCzATAB&v=APEucNXrweLHLdKN_buiDVMu169IPjbC1WmQvrswWm1kHgzTqROzRDle7MZyEDvRNq5uY9emKrBOQjFfmK5EJoneO6GmmljaGbmaCb_FClLmDKHe0Qyhvch0wM-GquiJxXRXNJFf5EA7Lu57H7g1_0nSUD2-1_Ua47BPD_rw4JSXRmdluF0N74M
Frame ID: 126CC597EF8EA86F66AF77CD78F456EB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AE9C2EC7010C0F19E68F4A9340BC7918
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
Frame ID: 3D8AFF6DEF5A38D0263FE09FFDCCDA79
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Frame ID: 2AF7443149B01A0C422D930F430CC413
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1E3A6883E7D9616FD62463F51FB02D0C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 646B6A4C206E2C610E05DDAF79C4408E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://creatives.b-cdn.net/js/jxvpaid_1_0.min.js
Frame ID: 8CBBB26816B0AC8CF58F00959688B3FB
Requests: 5 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1630834948516585236640
Frame ID: 65753A57C7F6F9340B58333FE6E13F4C
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 745DC57F7D1AFA15E2004D7CF2EE8DCE
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 0B4DC3437DB84A4A516A9A94D212D7CE
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Frame ID: 687EC2283017F46FC95C085A8A9AF678
Requests: 1 HTTP requests in this frame

Frame: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=PL-163-c4f51e75
Frame ID: 9564F757ED7D5BB7400B07BBD7ADAA26
Requests: 2 HTTP requests in this frame

Frame: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=ops
Frame ID: CDEE2B07DFD13227C72039CCA2580403
Requests: 2 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31034.js
Frame ID: 79D1CF0C85C09CB2D4CBD3BB6301A505
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: F7355EBC0E46D5683FFE09F45775E7F0
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 36FA04D0B715D14D71B0D642204A6F03
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6330823DC2172DA67F0FECE4108F82C2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 8E200DCD380425D7FEB113ECC147ADF7
Requests: 29 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: D701580AE68EB51F484C95DEB539DAAB
Requests: 30 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Frame ID: A65FB6C4F6D51296C6C172FAD063A7D9
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Frame ID: 1501F7C6FC651823B94D6D250F99FCF9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5F19783B9B2D7B9C2FF1D8DD1A3F4D71
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FF26CB2265D238ED0D42C22992B2A004
Requests: 1 HTTP requests in this frame

Frame: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Frame ID: D4810CF2E8082869992A45C4B348FF64
Requests: 4 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31034.js
Frame ID: B559381FB1C934BC412E9CEB815DC03E
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952
Frame ID: CC92DAB3DD7C4CDF70566CFC66E634C8
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: AE42611B86664C17D46EF0743E8454E6
Requests: 24 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952
Frame ID: 0D2678C3BA1888B8D7E54E9E06759FF0
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E5AFEE388D02398D92139099794F98EC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 64B8330AB93FAEE882E0FF9CD90E2F85
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=741E59CC-4A30-4A62-943B-5D206E8CAD34
Frame ID: 4DED16C6915528BD3310339462D8B6E3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8944851385841554304
Frame ID: 55E757140DFA65CE32076ED6FBE7B6D5
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 9F2E67F1724B47E080374769A557F404
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7004382805510846617
Frame ID: CDAD4AF114BE18BB8034EB857B14A3F6
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 1DCBFE485849D7D6B274F9933B976E7C
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Frame ID: 61CCA9C165E7EC0A45B3DAF1DC2146F9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 956F1B68F3ED4B0E2CBCBC94231560A4
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DFCD7736AAC4FD19F1D49C686E5A7C37
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=n6jMLj9NLR9exVZ1Am1ZXbjm
Frame ID: 66D487D65BDB2BFD294775984AB6B0A0
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 6FF5F3DB5BCA53D060B12FB41705412D
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EE296D5E0C96543A61FF53CEDFE176DC
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3952477b-0aad-4bb0-85b5-bc15eed5b0df-tuct82e168b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 4A179FDE308CA560BC1F9EFE1900D8AD
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 74F3103D7A54CC2EBFFA54EF9A21467C
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 48706FA762494B8A45E68C0BC3637DA9
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 0B837C03929B194BDC9BC336706E215C
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: A264A83F303BCD705C048A8AAD1CD344
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 92B8B47B91F3CEF55B6EDFC127D0EB24
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B8ABB8CC7A5E7F36C4DEA7E1C0FA2E3E
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: ED462C414BA342C235E610D473C89A48
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=medan.tribunnews.com
Frame ID: 1C1011923D3B07504670A2F7724DDDE1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2943B996E9D07AE58FEA7696588261C1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BBE8BA495F091D5489C9F8E26389FF74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tribun Medan - Berita Terkini Medan

Page URL History Show full URLs

  1. http://medan.tribunnews.com/ HTTP 301
    https://medan.tribunnews.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /https?:\/\/[^/]*\.pubmatic\.com/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i

Page Statistics

555
Requests

96 %
HTTPS

30 %
IPv6

94
Domains

175
Subdomains

132
IPs

14
Countries

6087 kB
Transfer

15057 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://medan.tribunnews.com/ HTTP 301
    https://medan.tribunnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://sb.scorecardresearch.com/b?c1=2&c2=8077308&ns__t=1630834945687&ns_c=UTF-8&cv=3.5&c8=Tribun%20Medan%20-%20Berita%20Terkini%20Medan&c7=https%3A%2F%2Fmedan.tribunnews.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1630834945687&ns_c=UTF-8&cv=3.5&c8=Tribun%20Medan%20-%20Berita%20Terkini%20Medan&c7=https%3A%2F%2Fmedan.tribunnews.com%2F&c9=
Request Chain 190
  • https://ad.doubleclick.net/ddm/trackimp/N887227.139676KOMPASID/B26380132.312885191;dc_trk_aid=505441346;dc_trk_cid=157309161;ord=618688718;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N887227.139676KOMPASID/B26380132.312885191;dc_pre=CPef4M3F5_ICFWHHuwgdphYNuQ;dc_trk_aid=505441346;dc_trk_cid=157309161;ord=618688718;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1&C=1
Request Chain 228
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YTSRAxtJD9OH08jKu5I7aAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIMfbG47j8T9Yjq3BMaBgj0&google_cver=1
Request Chain 230
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQwMjkzNTc4ODk1Mjk4MzY2OA%3D%3D
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1&C=1
Request Chain 232
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YTSRAyxbDfadm8mvLoJUGwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIMfbG47j8T9Yjq3BMaBgj0&google_cver=1
Request Chain 234
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQwMjkzNTc4ODk1Mjk4MzY2OA%3D%3D
Request Chain 281
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDg1czl2c0VPY0cy&muidn=l85s9vsEOcG2 HTTP 302
  • https://cm.mgid.com/google?muidn=l85s9vsEOcG2&google_ula={guid},5&google_gid=CAESEF9Proy9qJHtJ9Bn5kSMC4U&google_cver=1
Request Chain 283
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l85s9vsEOcG2 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Request Chain 286
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l85s9vsEOcG2 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l85s9vsEOcG2 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 287
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=ec30df9a-8de8-44ad-a1e7-3890fce2c6c3&ttl=1633426951
Request Chain 288
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=dUMz30MAnaz00mbZkBML&pi=mgid&tc=1
Request Chain 289
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=fb38c0b2-0522-4c43-82dc-1599cd524f50&ssp=mgid&user_group=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=&gdpr_consent=&us_privacy=
Request Chain 300
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=617666&c=7aa0f497b0cb0671
Request Chain 331
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 332
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN_BPMMmsQ0WBlwZaX3mnhc&google_cver=1
Request Chain 333
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzQxRTU5Q0MtNEEzMC00QTYyLTk0M0ItNUQyMDZFOENBRDM0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 343
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=criteo&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=criteo&v=y8dVQGccMh9dJPpW0SybAyhi2weUINSFZScc6gQJ0ZFgiBR8UjUaAoizqONWoTYmq02LW4V048sOdXMyahIqkQ&format=gif
Request Chain 344
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appnexus&format=gif&vid=2 HTTP 302
  • https://secure.adnxs.com/getuid?https://cs.gssprt.jp/yie/ld/cs?dspid=appnexus&uid=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.gssprt.jp%2Fyie%2Fld%2Fcs%3Fdspid%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appnexus&uid=4468883261977636728
Request Chain 345
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2 HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp HTTP 302
  • https://rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adN44CPV2R6AMx-EGi-iDoONrx0oLC5OU94MLqdqThfUdHVEU6MhzE6Qi5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
Request Chain 346
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAyfFf1ey5IpbNkc2U3XPzaM3KV9khaPEHAlnItVMapm08Rh4jj2v0U8vE_0Pb2Ggwg&format=gif
Request Chain 347
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2 HTTP 302
  • https://g.c.appier.net/ge HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=zXHBsXNvAn6bvzQXCZE0YQ
Request Chain 421
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1343580&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1630834952&vpw=300&vph=169&pgDomain=tribunnews.com&gdpr_consent=&gdpr=1&schain=1.0,1!viralize.com,4601,1,,, HTTP 302
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1343580&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1630834952&vpw=300&vph=169&pgDomain=tribunnews.com&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&cklb=1
Request Chain 423
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1343573&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1630834952&vpw=300&vph=169&pgDomain=tribunnews.com&gdpr_consent=&gdpr=1&schain=1.0,1!viralize.com,4601,1,,, HTTP 302
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1343573&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1630834952&vpw=300&vph=169&pgDomain=tribunnews.com&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&cklb=1
Request Chain 462
  • https://c1.adform.net/serving/cookie/match?party=14&cid=741E59CC-4A30-4A62-943B-5D206E8CAD34 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=741E59CC-4A30-4A62-943B-5D206E8CAD34
Request Chain 463
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8944851385841554304
Request Chain 465
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7004382805510846617
Request Chain 466
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCc3dFN0NhU0lBQUNSX1N6LW5WZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 468
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 470
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=n6jMLj9NLR9exVZ1Am1ZXbjm
Request Chain 472
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 473
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3952477b-0aad-4bb0-85b5-bc15eed5b0df-tuct82e168b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 475
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dB5ZzEowSmKUO10gboytNA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 476
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2c316134-910c-4b00-8e26-ba2f4ba6e8a8
Request Chain 477
  • https://pixel.onaudience.com/?partner=214&mapped=741E59CC-4A30-4A62-943B-5D206E8CAD34 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=9b4c7f82-318a-4831-ad7d-ecc41780725a&icm HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b60358f5f90e57991d3213ba544d3e99
Request Chain 478
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOsVQbL4wYxBIYNJQObCm9c&google_cver=1
Request Chain 480
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6261143938205046305
Request Chain 481
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:80356134-910c-4b00-a0f3-1425ef316839&gdpr=0&gdpr_consent=
Request Chain 482
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ec30df9a-8de8-44ad-a1e7-3890fce2c6c3
Request Chain 483
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4468883261977636728&gdpr=0&gdpr_consent=
Request Chain 484
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=741E59CC-4A30-4A62-943B-5D206E8CAD34&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=741E59CC-4A30-4A62-943B-5D206E8CAD34&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZTd6ILJE2uXMbNl4KcHmvirJNupK0xE-~A&gdpr=0&gdpr_consent=
Request Chain 486
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bypW8GAqVaZ0L1T0biJI9D8uUaJ0fwD3YSmSTLGM
Request Chain 487
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_b3564150-bed7-4e57-9b9a-ffe779320e2c&bsw_param=ea8075a1-8333-4bda-b073-e6e04ec12baf&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 488
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4389472509684845394&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 489
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YTSRDAAEQnNMZgAC HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTSRDAAEQnNMZgAC&gdpr=0&gdpr_consent=&_test=YTSRDAAEQnNMZgAC
Request Chain 491
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 492
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:77aaf3ac-88df-485b-9c66-67f7a000177f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 493
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4468883261977636728
Request Chain 494
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_0959b032-c273-4f58-9ce2-e2e47666ec55
Request Chain 495
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9a86699f-0e2d-11ec-ba3c-09af8c3825be&gdpr=0&gdpr_consent=
Request Chain 519
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389472509684845394
Request Chain 536
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389479106754612050
Request Chain 557
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=tribunnews.com&sn=ChromeSyncframe&so=0&topUrl=medan.tribunnews.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=kjo6OHxJT2ZubUJFOTRDUnJzVzkyM2tRN0ZkQmlSYUdrdm5kczFLUDg2QXF4YzN0WDNsYmRDSG1lOWRrakJETnlHWEVyMjlJYlo2MFByNVJjeHpaL0J1bGRzby84TEgvY3lzMEtGeGNmanJNTGJoeEU2Uy91SGV1aTIzajFqc2NiQWZEMENUb1ZhazYvZlFUbWxIMVNrdjl3SmNNT1hiL01NdzFmTkl4R3F1NUJ6SzlWak5BenV6ME5DS2lGVXVYY3hJY3ZEUk9jbkpLK2lsYWlQd0tod2NIa01JdDY2Z0hodmRsUlpxeFc2ZFpQa2t6WnBxZHpPZmpHL2NldktMTDYwNlFNTXRPRERIMFBCYkVWZHR3SHYrdmV5Zz09fA&cppv=2

555 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
medan.tribunnews.com/
Redirect Chain
  • http://medan.tribunnews.com/
  • https://medan.tribunnews.com/
204 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
c2e07bb7367d13ada4d1f6baedfe3884305d8ae364fc28318d7b2fd64c57fc75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
medan.tribunnews.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
content-length
35251
cache-control
no-transform
content-encoding
gzip
date
Sun, 05 Sep 2021 09:40:04 GMT
server
Apache
set-cookie
csrf_cookie_name=17ef2b212bdb7d12c8d056444e6e58a3; expires=Sun, 05-Sep-2021 11:40:04 GMT; Max-Age=7200; path=/; domain=.tribunnews.com 3bun_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229896297353422350fddf0e5519431642%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22172.31.12.197%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A17%3A%22Amazon+CloudFront%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1630834804%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D1723fc81b6b3bd36b7d9dfd58680d7c8; expires=Sun, 05-Sep-2021 19:40:04 GMT; Max-Age=36000; path=/; domain=.tribunnews.com
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-we-need-to-talk
Thank You
x-xss-protection
1; mode=block
vary
Accept-Encoding,User-Agent
x-cache
Hit from cloudfront
via
1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
McAuVLMWjGyKq9EHqM6QBmdfuDWSn3NWeIaYYild5h05uPYPaauwtg==
age
140

Redirect headers

Server
CloudFront
Date
Sun, 05 Sep 2021 09:42:25 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://medan.tribunnews.com/
X-Cache
Redirect from cloudfront
Via
1.1 985c0b2ec44bdebc7f24f26d1e427d31.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P2
X-Amz-Cf-Id
jxeWPfCCqTL2gg8D5HtJm773p8I23b0J1QEh4VCTBneGZoR-piJo2Q==
style.1.8-20210702_daerah.css
cdn-1.tstatic.net/css/theme21/ 		52 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/css/theme21/style.1.8-20210702_daerah.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3150cecceaba3dd7038a7ebe75ece09c40b486ce011c81b92a8b22cb9abfb3d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:05:21 GMT
content-encoding
gzip
age
833825
x-amz-meta-sha256
d3150cecceaba3dd7038a7ebe75ece09c40b486ce011c81b92a8b22cb9abfb3d
x-cache
Hit from cloudfront
last-modified
Mon, 26 Jul 2021 09:30:39 GMT
server
AmazonS3
etag
W/"322f5b22a3451db34f91d6b9803d0328"
vary
Accept-Encoding
x-amz-version-id
T3GdoWsZi8m2BOTsXiQ4akkNboQ2NHRP
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
content-type
text/css
x-amz-cf-id
yR9IctrfhqPdtN7AetlAwL258Lo8pEO1lIL0Q_RdybwbSvRCqeFkOg==
x-amz-meta-s3b-last-modified
20210702T112716Z
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617
age
14388027
cdn-cachedat
2021-03-11 11:57:55
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a9f1136dc57a7605179530d5ffb85493
cf-ray
689e81e7ca29c2a9-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery-1.8.3.min.js
cdn-1.tstatic.net/js/jquery/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/jquery/jquery-1.8.3.min.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 18:55:47 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2015 04:27:56 GMT
server
AmazonS3
age
1003599
etag
W/"e1288116312e4728f98923c79b034b67"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
content-type
application/javascript
x-amz-cf-id
YtfYibV7X8XIIyKzx46rj-qcnp9ypPNp3LrFoK_FXzVT8iVBbvzD9g==
expires
Tue, 24 Mar 2015 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
594c5ace291e957bfcf2feebc619eb513ec847f57c4dcaaaa4f314544493f111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"978 / 615 of 1000 / last-modified: 1630707028"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24941
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:25 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://medan.tribunnews.com
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 21:29:17 GMT
x-content-type-options
nosniff
age
303188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8892
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 21:29:17 GMT
jquery.fancybox_2.min.css
cdn-1.tstatic.net/js/fancybox2.1.3/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/fancybox2.1.3/jquery.fancybox_2.min.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 00:00:11 GMT
content-encoding
gzip
age
2367735
x-amz-meta-sha256
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a
x-cache
Hit from cloudfront
last-modified
Wed, 10 Jun 2020 05:52:59 GMT
server
AmazonS3
etag
W/"9dba4b0617628815180b9c368b6bf56e"
vary
Accept-Encoding
x-amz-version-id
null
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
content-type
text/css
x-amz-cf-id
fLBQoEwRyXgFxFoUQG9KnQkHI5bJYmf5Z7c2OeoC89tOdY91LmDsJQ==
x-amz-meta-s3b-last-modified
20200610T055203Z
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 617, 617
age
14388113
cdn-cachedat
2021-03-11 11:58:04
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
af3097212757f6b13d804a73f5f188bc
cf-ray
689e81e7ca2dc2a9-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
tribun.1.8-20190807.js
cdn-1.tstatic.net/js/tribun/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/tribun/tribun.1.8-20190807.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92d6b966c3b2fb58c469e35de5c5cdf8cdaa30ea9bb7a3e15e1b86765f892452

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Mon, 08 Jul 2019 09:22:04 GMT
date
Wed, 25 Aug 2021 21:17:45 GMT
content-encoding
gzip
last-modified
Mon, 08 Jul 2019 09:23:15 GMT
server
AmazonS3
age
908681
etag
W/"be91403c70880ee1b6e1f2ee7540a674"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
content-type
application/x-javascript
x-amz-cf-id
WJAE2g2Mbtp5CK_YXhSOzdFr6hcC45K-S6HPqjczcQ7OqpuJzC_aJg==
jquery.bxslider.mini.js
cdn-1.tstatic.net/js/bxslider/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/bxslider/jquery.bxslider.mini.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
130368e1880972a560164d6a42407eb853179a8eb98aa11b3ec7605296dfe775

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 17:30:23 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2015 04:27:51 GMT
server
AmazonS3
age
1008723
etag
W/"d7163e041d3b536a19694784ad2ec6da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
content-type
application/javascript
x-amz-cf-id
8LjBlyVVYk3NrqtSO28K9D7d0wctT2R5S1YcmdmP1bAYutQjYexwyA==
expires
Tue, 24 Mar 2015 16:00:00 GMT
jquery.fancybox.pack.js
cdn-1.tstatic.net/js/fancybox2.1.3/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/fancybox2.1.3/jquery.fancybox.pack.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ff9d4ae2b3407b031e3359007ff4d7ac9e0b342f25ce44c77d3cb7f14f65043

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 20:00:55 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2015 04:27:55 GMT
server
AmazonS3
age
913291
etag
W/"38b8a249b8b955e0c789a490847d9cc5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
content-type
application/javascript
x-amz-cf-id
BnVRSijKDcMVR2lNYg8Qhm-QjE7P2yx72vnMNNXy4aQrkxL2ucyX1A==
expires
Tue, 24 Mar 2015 16:00:00 GMT
tribunnews.com_desktop
delivery.r2b2.io/hb/kompasGramedia/ 		518 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.49 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-47.cdn77.com
Software
CDN77-Turbo /
Resource Hash
93f873e001c9af7d6b307999208e69cdc4d218c457c022431bedd6c7ed748462

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 05 Sep 2021 09:42:26 GMT
content-encoding
gzip
x-77-nzt-ray
+aA0mGwvk5o=
x-77-cache
HIT
x-cache
HIT
x-age
1092
content-length
126273
x-77-nzt
AcO1ry8hlxLvRAQAAA==
x-accel-expires
@1630835654
adt-powered-by
slim
server
CDN77-Turbo
etag
a95f2edf0f7e1d4216cdc58dd01c3837
content-type
text/javascript; charset=utf-8
cache-control
s-maxage=1800
accept-ranges
bytes
prebid4.32.0-26032021.js
cdn-3.tstatic.net/ads/prebid/ 		250 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-33.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93ad25346390323235a0b27d7f517853a0b911cb94f0755786ee858f2626acaf

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Fri, 26 Mar 2021 07:43:41 GMT
date
Sat, 28 Aug 2021 00:54:45 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 07:44:35 GMT
server
AmazonS3
age
722861
etag
W/"759d0d923ac130ee53892ca24052d031"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 adc51edbb4dc468fb382e40b115a2f63.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
YtbOh4gJPxYCxcYAV6t6LWEbqfhrjiaIBXdfkQC2XyQLYuB6ZjfaHA==
glightbox.min.css
cdn-1.tstatic.net/css/glightbox/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/css/glightbox/glightbox.min.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 23:47:42 GMT
content-encoding
gzip
age
986084
x-amz-meta-cache-control
max-age=2592000, public
x-amz-meta-sha256
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
x-cache
Hit from cloudfront
last-modified
Fri, 08 May 2020 08:14:16 GMT
server
AmazonS3
etag
W/"7443f26fb8ef9bb0368d931f2b1f1cb5"
vary
Accept-Encoding
x-amz-version-id
null
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
content-type
text/css
x-amz-cf-id
qRaZLgzY-vj_ZZfWF6aukDFSQe8UzjT5TCptJDSAzuxwE6WVjTeOjw==
x-amz-meta-s3b-last-modified
20200331T194635Z
glightbox.min.js
cdn-1.tstatic.net/css/glightbox/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/css/glightbox/glightbox.min.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 16:48:55 GMT
content-encoding
gzip
age
1011211
x-amz-meta-cache-control
max-age=2592000, public
x-amz-meta-sha256
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
x-cache
Hit from cloudfront
last-modified
Fri, 08 May 2020 08:14:31 GMT
server
AmazonS3
etag
W/"c8e60c852f16b93503708e1b27423274"
vary
Accept-Encoding
x-amz-version-id
null
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
content-type
application/javascript
x-amz-cf-id
VuT5Ya_zxdqQj4AbvV574xwUnyRCyZURUW9kfmT4xAppXW2GqopWew==
x-amz-meta-s3b-last-modified
20200331T184655Z
sdk.js
connect.facebook.net/id_ID/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/id_ID/sdk.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14ebeaefd46f3e384d6addaf0fb0e26b9b1b1188339e08509637872093f0b189
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://medan.tribunnews.com
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
kz9pnoy7N+tQIj43p2478Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
yV7wgIJSL1TamssWl0cv7QkVm0m1xivITX8gvopVfljJv4v/J0A73OJflBeMfBeV4rt/Ca8xkh5azYbUVwB8gA==
x-fb-trip-id
917726464
x-fb-content-md5
7d30af8ec5fa41f347582cf722996204
x-frame-options
DENY
date
Sun, 05 Sep 2021 09:42:25 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"2eb20ea8adac2524772f3fba5eece0bc"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 05 Sep 2021 09:45:32 GMT
tribunmedan.svg
cdn-1.tstatic.net/img/logo/daerah/svg3/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-1.tstatic.net/img/logo/daerah/svg3/tribunmedan.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a8cdf7c03a39d4aa2f2830f3f05f3a54bb441b6991f91afd2aaa9f7165f26c8

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Thu, 22 Feb 2018 08:54:16 GMT
date
Mon, 09 Aug 2021 00:02:51 GMT
content-encoding
gzip
last-modified
Thu, 22 Feb 2018 09:01:50 GMT
server
AmazonS3
age
2367575
etag
W/"19dc44a6afc974f446d568155d12d5c5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
content-type
image/svg+xml
x-amz-cf-id
6DyyfDwyZ_1_SdWuWTYAi_gn4O5bSrXHHc38ymwhbvN9ASldx1bgWA==
Logo_T_blue.svg
cdn-1.tstatic.net/img/logo/tribun/svg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-1.tstatic.net/img/logo/tribun/svg/Logo_T_blue.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Fri, 24 Jul 2015 09:49:00 GMT
date
Sun, 29 Aug 2021 23:09:56 GMT
content-encoding
gzip
last-modified
Sat, 15 Aug 2015 14:25:23 GMT
server
AmazonS3
age
556349
etag
W/"2881375fb0f9e7fc4d0a2f42434696e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
content-type
image/svg+xml
x-amz-cf-id
B8q40S1m4YGNsjT1M5pGyMyKiW9awUmeExFUQA21v0w5qskbjokLXQ==
pria-ini-rawat-mantan-suami-istrinya-selama-16-tahun2.jpg
cdn-2.tstatic.net/medan/foto/bank/images2/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/images2/pria-ini-rawat-mantan-suami-istrinya-selama-16-tahun2.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79be97c5742dbd399a76e9dd88060b521a29d0e7c77c38818dd3499b7f5d2221

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 10:37:26 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sat, 04 Sep 2021 10:25:12 GMT
server
AmazonS3
age
83100
etag
"bb56950dead4bd051fc7040eb3b226cb"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
43869
x-amz-cf-id
b9cJ6ENA7ixjapS9Jp7-D3iI7zdDDr0Dnj_aJslAIaUXY3Z7--vMEg==
fitria-yusuf.jpg
cdn-2.tstatic.net/medan/foto/bank/images2/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/images2/fitria-yusuf.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1df053a6a473658477e7e46c33477e07f142a31806099cdb02af89922c6d54e7

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 05:44:56 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jun 2020 04:16:35 GMT
server
AmazonS3
age
100650
etag
"926835bbbef539a27bf4565767b5a532"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
44783
x-amz-cf-id
Dr322yGZsxdgYaVDywJVD-VjHFuvr75_RM0ozlr4n6TDhg9dSkM05Q==
sejumlah-anggota-dprd-sumut-mengikuti-rapat-paripurna-di-antara-bangku-yang-tak-terisi.jpg
cdn-2.tstatic.net/medan/foto/bank/images2/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/images2/sejumlah-anggota-dprd-sumut-mengikuti-rapat-paripurna-di-antara-bangku-yang-tak-terisi.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bfa5c72301a82b32f352f10b73a079333eb2454751d2cde4f7f88b213a713db

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 05:57:41 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sat, 04 Sep 2021 05:32:39 GMT
server
AmazonS3
age
99885
etag
"13358ff8b49a3dfe7876bdf99ef6a0d6"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
74477
x-amz-cf-id
Vpg1DyfJpMwNsVW16thm6p9mWdAHqQRZ2lvc3MOfC5YWnhTmdJolaA==
enno-lerian_20170812_092324.jpg
cdn-2.tstatic.net/medan/foto/bank/images2/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/images2/enno-lerian_20170812_092324.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4f0377980441360d6151c3e1d591f0d39212a59797df67e478d6d0bd749b5e1

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 16:18:13 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sat, 12 Aug 2017 02:23:46 GMT
server
AmazonS3
age
149053
etag
"9f7c5df02d4578a46e002920ce4ed20b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
50920
x-amz-cf-id
N-hLDO_QmWkUC2QpsBw-HPEj7_PddI0nr79CcrUDTubAtVUna0miSA==
kebakaran-mobil-menewaskan-dua-anak.jpg
cdn-2.tstatic.net/medan/foto/bank/images2/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/images2/kebakaran-mobil-menewaskan-dua-anak.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b36beafb29d3704979d7b582780d5ef59773dc373e3a75fa78e2ca1a30d04f42

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 06:18:48 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sat, 04 Sep 2021 05:33:21 GMT
server
AmazonS3
age
98617
etag
"d2809f9a08bd3ece535ca2c6901ecc0f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
36141
x-amz-cf-id
zwCytmD01N8rKn2bMb7aMy16rI60FlefwiSnoatBmsYGk15DcrxUyg==
pria-ini-rawat-mantan-suami-istrinya-selama-16-tahun2.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/pria-ini-rawat-mantan-suami-istrinya-selama-16-tahun2.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb3883c3bb799ed382660641a75525bd77bd596372aea857a33b92311a7af551

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 10:37:21 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sat, 04 Sep 2021 10:25:13 GMT
server
AmazonS3
age
83105
etag
"af3f12b3ffbbb951c530b904912d4e7b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
4554
x-amz-cf-id
d3qdbKWdwP1TVfjbiWQzh8yQH0WDC2fiesgVwPbzpIisnuNeMWevEQ==
fitria-yusuf.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/fitria-yusuf.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a75a78aac8437480cd2cafa92fb35be3e65c88c3d88f2b392f1545493f9dfe6c

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 22:26:43 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jun 2020 04:16:35 GMT
server
AmazonS3
age
126943
etag
"875f596ff16622e30c88776132d31547"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
4056
x-amz-cf-id
9zWWwWsk0Egv9JVIZpj2sEyvLq3Le9BxWJffSxvZu9FgtyrJqsJ7-A==
sejumlah-anggota-dprd-sumut-mengikuti-rapat-paripurna-di-antara-bangku-yang-tak-terisi.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/sejumlah-anggota-dprd-sumut-mengikuti-rapat-paripurna-di-antara-bangku-yang-tak-terisi.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cc2914efcf8e8ceb5e4f44d563332f00df2f978448607efc6459d5ed310969e

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 05:42:54 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sat, 04 Sep 2021 05:32:39 GMT
server
AmazonS3
age
100772
etag
"2eb1ff644d2f6f1e60aaab2e049e2852"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5570
x-amz-cf-id
HDtPy_yJioAiQXLQZBvhbn4iW8P76ty2-4cob_Wtq3I_7-xZ3kEaFg==
enno-lerian_20170812_092324.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/enno-lerian_20170812_092324.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3edd76424d9fb86ae47274648fde9f323eeeaaf8c1ee293f4cbc932ab439156

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 16:14:25 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sat, 12 Aug 2017 02:23:46 GMT
server
AmazonS3
age
149281
etag
"dabcc993cb3cb45addf08940d2f75e49"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5125
x-amz-cf-id
LS6h0MMM0ioQ8pfClyGda-EsJmqgAJtiLW3f1EBQwwhfcZYPOmkIww==
kebakaran-mobil-menewaskan-dua-anak.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/kebakaran-mobil-menewaskan-dua-anak.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da39f8beca75e4317ac564f92cecfad528d7de91827881673066e0b25e16f84c

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 05:42:55 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sat, 04 Sep 2021 05:33:22 GMT
server
AmazonS3
age
100771
etag
"56337448ac13395fa9f92218ec4ff7ad"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
4181
x-amz-cf-id
t6rNoJMT9JCIEGuMiX876HDB2zHNq4e3GE3USxFT5W5HDHTWT0qN5A==
puluhan-warga-kecamatan-medan-tuntungan-melakukan-unjuk-rasa.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/puluhan-warga-kecamatan-medan-tuntungan-melakukan-unjuk-rasa.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0541a21931fb5a4756b1e6a40e60ccc7d6c9bd79457ded0ab3d576b7f1200f87

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:41:21 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sun, 05 Sep 2021 09:35:25 GMT
server
AmazonS3
age
65
etag
"8ba6e14795fc9d869aeb1a8041ef504f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
6308
x-amz-cf-id
EhnSbS7NMYEtp8dZFyRDfQMfRaKzJDPFqrPNuYNhCkJA51tqT91qwA==
gadis-ini-nikahi-ayah-kandungnya-sendiri.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/gadis-ini-nikahi-ayah-kandungnya-sendiri.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38eeab158f98dd7791afb19c1868e0d3d904199a149a900a02f2babdf29b9a26

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 08:59:50 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2021 08:51:31 GMT
server
AmazonS3
age
434556
etag
"8ea11c5e87b5a589a31157ff80207c1b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
4367
x-amz-cf-id
BqZ819mOpXuO_t8QBPB3wEM_RfN8cm-U65XrY5_B0Ev5iPU219BQwA==
bobby-nasution-pakai-teluk-belanga.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/bobby-nasution-pakai-teluk-belanga.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33335812c8cfe1f37da5cf8428f118168d525819d6473ca9021d2e74e10a59b8

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 04:38:55 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Fri, 03 Sep 2021 04:38:17 GMT
server
AmazonS3
age
191011
etag
"9f95a4508517ec28bb61dc250ef2891d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5563
x-amz-cf-id
PEwdIYW9vqUYbZcvy5HpMcQWDmAnGcfOS_CM-N5rLaH9F8wBCZQqcg==
orangtua-congkel-mata-anak.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/orangtua-congkel-mata-anak.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25dff39d1ec23433dc38405c877fc115b12b255526a96005da36193973fb3705

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 07:49:36 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sun, 05 Sep 2021 07:48:48 GMT
server
AmazonS3
age
6770
etag
"ae6c6ee6148569441cf63d2bfad94fe1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
4193
x-amz-cf-id
cqdBHewtTMUx5btw0HzvzTg6OaoRizdt6YE9sOcRPFSr0M5xm8ogoQ==
leanikhalimatus-berhak-mendapatkan-medali-emas.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/leanikhalimatus-berhak-mendapatkan-medali-emas.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7965b51f32c6145173f10df404404dd0d825d5b4ce5d1804aa19865917a09881

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:22:15 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sun, 05 Sep 2021 09:13:16 GMT
server
AmazonS3
age
1210
etag
"8e0ab30f65d75689dfbbb6c91f84cffe"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
6871
x-amz-cf-id
9HHluLkeM3SYKJhBMuAcoYJlqZqAAxSqnH3llsIBtZmb0FHklHiOeg==
sekda-wirya-pimpin-rapat-opd.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/sekda-wirya-pimpin-rapat-opd.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f93f5adb1588fc9623e4808beecc225e4cdfaa084e5364580916f0bd253c543d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 07:00:45 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Thu, 02 Sep 2021 06:58:47 GMT
server
AmazonS3
age
268901
etag
"ff5ca0fa3455183dbac50cdf48ebc7b1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5206
x-amz-cf-id
UAwNeJ46gYd0gzgF5QwRn6k3EwUzDy35iaKTeUZVn0bWIZB4LPg32Q==
baim-wong-dan-paula-verhoeven-nantikan-kelahiran-anak-kedua.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/baim-wong-dan-paula-verhoeven-nantikan-kelahiran-anak-kedua.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9626d80ae0c7463ff0e3dd070fb34c0fcf0a6e383a0fd3ad27488cff6942af1

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:17:10 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sun, 05 Sep 2021 09:08:46 GMT
server
AmazonS3
age
1516
etag
"692724e779a1b0335dd044f2f01b8a62"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5230
x-amz-cf-id
FFcoEdBct4MfydhASUdSUg-01rrE5BGpnn5EFl7k13cozsXE56C07Q==
raffi-ahmad_20180429_130608.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/raffi-ahmad_20180429_130608.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b3e827aa59c8c1bd024120ce3d73ced58c5fba6c52cd595c3cee56ca6a7ff00

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:11:19 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sun, 29 Apr 2018 06:07:11 GMT
server
AmazonS3
age
1867
etag
"443749b35d73a49485f924094cd76e48"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
4547
x-amz-cf-id
jjgBJ89H_uXuqLeqfujn6qWo7TsJDHHkhCnEpxHbwVmAiqOQTkPX5g==
tribunbelanja.svg
cdn-1.tstatic.net/img/logo/tribun/svg/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-1.tstatic.net/img/logo/tribun/svg/tribunbelanja.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6eb68d4b4b8a4295742792be3d217419fb2652654a75d5b5509a32a9152dc9d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 02:35:57 GMT
content-encoding
gzip
age
2358389
x-amz-meta-sha256
e6eb68d4b4b8a4295742792be3d217419fb2652654a75d5b5509a32a9152dc9d
x-cache
Hit from cloudfront
last-modified
Thu, 27 May 2021 09:37:30 GMT
server
AmazonS3
etag
W/"faffe3118ea71364d93ea49ed67f72f8"
vary
Accept-Encoding
x-amz-version-id
0nhJdP9v3J_yFiXg0XHzTw2BAKTF5id.
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
content-type
image/svg+xml
x-amz-cf-id
TsVhXrzpWenR_CirCZdVECRNUgK3_BEgnhlXBY97ST06LkmgUQZg4A==
x-amz-meta-s3b-last-modified
20210527T093545Z
fd8893c3-7165-45ea-b57e-541eab411794.png
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/fd8893c3-7165-45ea-b57e-541eab411794.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
ddd1c49ce5d0f38c8081ed91950313b7b3913e7dc65321e6d29449f94c4db000

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
cdn-edgestorageid
756
age
32268
x-cache
Hit from cloudfront
cdn-cachedat
08/26/2021 03:15:42
cdn-pullzone
398968
content-length
105071
x-amz-cf-id
kQPYrzT44Zzl0w1D7vU_N4-cF0bXkWAKXz1qpr4YeNJcNZyvf1C8OQ==
server
BunnyCDN-DE1-756
last-modified
Thu, 12 Aug 2021 08:14:55 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
content-type
image/png
cdn-cache
HIT
cdn-uid
8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control
public, max-age=86400
cdn-requestid
16cb3f7a3fe0d0c7c40ed97b0987b54c
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
880c6b8f-908e-4273-bb9f-487da751ad9f.png
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/880c6b8f-908e-4273-bb9f-487da751ad9f.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
bf599d6bb1c095abf08d7f957663b24c0c58e0bb9b8a2aad7d617a8aa85dceb6

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cdn-edgestorageid
756
age
331
x-cache
Hit from cloudfront
cdn-cachedat
08/27/2021 05:57:07
cdn-pullzone
398968
content-length
69051
x-amz-cf-id
znmLhGXmMmeQWk7fzFFblTgCt9uEpuDOzwjKRNI9o2R4-pgszuj8mQ==
server
BunnyCDN-DE1-756
last-modified
Thu, 12 Aug 2021 08:17:51 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
content-type
image/png
cdn-cache
HIT
cdn-uid
8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control
public, max-age=86400
cdn-requestid
8b3698e6f8893d8af469816a36147715
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
e3c83ca4-fd6a-4a06-83b9-2baa870c37a0__w175_hauto.jpg
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/e3c83ca4-fd6a-4a06-83b9-2baa870c37a0__w175_hauto.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
abd003e5d462382460777f8a485d59d520b976fad80f7a8fe6e7124414933ad2

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cdn-edgestorageid
756
age
3297
x-cache
Hit from cloudfront
cdn-cachedat
08/27/2021 06:49:31
cdn-pullzone
398968
content-length
2611
x-amz-cf-id
l4wWRacZ0HrbjND4Cy-AU0tctKg_21Fk6oxMw1CVjUkd3j8_5RrnGw==
server
BunnyCDN-DE1-756
last-modified
Fri, 27 Aug 2021 03:53:33 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control
public, max-age=31536000
cdn-requestid
707593b659cc7829c53c92772f3f734b
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
69ce2396-33f4-4b69-a40f-b9e0c5a3b5ca__w175_hauto.jpg
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/69ce2396-33f4-4b69-a40f-b9e0c5a3b5ca__w175_hauto.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
b5bfaa87a15490c95e8027409f595552cbd4d95a7a182fe81bb59d0d8cf15d0e

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cdn-edgestorageid
756
age
1137
x-cache
Hit from cloudfront
cdn-cachedat
08/27/2021 06:25:54
cdn-pullzone
398968
content-length
4827
x-amz-cf-id
Bg2022NtmW1nnRnSfmfEMcTN6W1a1R82Stm3UirWlPYLhhrGGdKoiQ==
server
BunnyCDN-DE1-756
last-modified
Fri, 27 Aug 2021 04:01:47 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control
public, max-age=31536000
cdn-requestid
c2662369eb0c69fe162930e1a15e223c
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
nunung-srimulat-pucat-dan-lesu-selain-masalah-narkoba-nunung-ternyata-mengidap-penyakit-lain.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/nunung-srimulat-pucat-dan-lesu-selain-masalah-narkoba-nunung-ternyata-mengidap-penyakit-lain.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67dcf928ceb98e916205b22117af75040e1c1fa90b59177b71799984b422bb11

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 16:06:31 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Fri, 08 Nov 2019 02:54:49 GMT
server
AmazonS3
age
495355
etag
"82803e2232647b94693e6b7dc637f8b3"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5068
x-amz-cf-id
wNwRu1qA1aKSkOENBNOpAF4yFdOCSplEFzKP-Y5HyXsAxGPe-7scAw==
ffe263bd-d650-4ab2-824a-a20e09734502.png
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ffe263bd-d650-4ab2-824a-a20e09734502.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
402ead54e015ebd09458e33e53f06db682c9f9f55010677c2d58c9cd90527a2d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
cdn-edgestorageid
756
age
602
x-cache
Hit from cloudfront
cdn-cachedat
08/27/2021 06:28:13
cdn-pullzone
398968
content-length
112018
x-amz-cf-id
ueWUM6IcTtVLdUdrMsG9CSRbH7JqtOPwUIXZA1RgZ4qqAYNKBSpClg==
server
BunnyCDN-DE1-756
last-modified
Thu, 12 Aug 2021 08:23:56 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
content-type
image/png
cdn-cache
HIT
cdn-uid
8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control
public, max-age=86400
cdn-requestid
3e81e154d23798be6c8f6288d65164d8
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
94efbaa6-bb17-47f1-910e-9e8e9d2ed79a.png
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/94efbaa6-bb17-47f1-910e-9e8e9d2ed79a.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
143b5a033d0904f62bde243d40bab04a6ff5f942a64955706757e4b4974788fb

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cdn-edgestorageid
756
age
103
x-cache
Hit from cloudfront
cdn-cachedat
08/27/2021 06:17:46
cdn-pullzone
398968
content-length
150128
x-amz-cf-id
Cst1m5124AnSPx9WddOCYzX9TctkkfP2Z8y1dLYAYqcCIUk-Hx1XPw==
server
BunnyCDN-DE1-756
last-modified
Thu, 12 Aug 2021 08:19:51 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
content-type
image/png
cdn-cache
HIT
cdn-uid
8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control
public, max-age=86400
cdn-requestid
8c35869d2d2f24e51fa6f4f4ca667620
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
f30c28d9-dc67-4523-956f-c3599fa621bc.png
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/f30c28d9-dc67-4523-956f-c3599fa621bc.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
2453153354d65b54e40b9cdaa3141a59c5ad95e23ebe9262067f98cceb14afe5

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cdn-edgestorageid
756
age
1008
x-cache
Hit from cloudfront
cdn-cachedat
08/27/2021 06:49:31
cdn-pullzone
398968
content-length
174635
x-amz-cf-id
O00t4ICA2COhoVIxxiRZ7ruFcVlUvfFSez5yu5NlZ2WHThFZ-O3cQQ==
server
BunnyCDN-DE1-756
last-modified
Thu, 12 Aug 2021 08:20:09 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
content-type
image/png
cdn-cache
HIT
cdn-uid
8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control
public, max-age=86400
cdn-requestid
4aebc8d11fc7b819148815af6dd7eade
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
5dd8091d-0a36-4704-8f4c-06fbe39b5229__w175_hauto.jpg
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/5dd8091d-0a36-4704-8f4c-06fbe39b5229__w175_hauto.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
234cef14c8318b9c1bea792c557b6fd8dbdf8002be7d76066e16ce883dab0b3f

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cdn-edgestorageid
756
age
103
x-cache
Hit from cloudfront
cdn-cachedat
08/27/2021 06:17:48
cdn-pullzone
398968
content-length
7539
x-amz-cf-id
atmmDfOXi1498h4cpIUNimRw64WBAA4_CvoJF_r9vZMcTmGf8NpVKg==
server
BunnyCDN-DE1-756
last-modified
Fri, 27 Aug 2021 04:15:33 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control
public, max-age=31536000
cdn-requestid
487e89e25d5a5eca0f67ae661f6f0182
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ayu-ting-ting-enji-tribunmedan.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ayu-ting-ting-enji-tribunmedan.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41344277ff9d6b12105bf2bbb857b0ff37bef5fe65c256ea57da7c8e6d096bf2

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 17:06:33 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Fri, 27 Aug 2021 16:59:41 GMT
server
AmazonS3
age
146153
etag
"bbf43ca40b7351378836fc8798b4ef2d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
6078
x-amz-cf-id
eMS7UeYsxOCzofYDYtw4I1tS51N_VqqW87wAomBW98LeRpqMuX1m7g==
enji-baskoro-ketemu-bilqis.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/enji-baskoro-ketemu-bilqis.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2abd6f5af61f1636fe9a8696f6f15687d1064a8d2c396465f29164b6ed5058c3

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 21:48:04 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sat, 04 Sep 2021 21:40:58 GMT
server
AmazonS3
age
42862
etag
"651a194e56b0f940301fd9b8d8bc7cec"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5056
x-amz-cf-id
7pu_nN9hPpM1F-YQkrOBuYotLhF8ZzhTuYjEdlm7cNN1rowwut3IWQ==
masih-ingat-ulfa-dinikahi-usia-12-tahun-oleh-syekh-puji-kini-cantik-modis.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/masih-ingat-ulfa-dinikahi-usia-12-tahun-oleh-syekh-puji-kini-cantik-modis.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c0dd12cbdf821ad99fb4b97816e9bf478cf2e734aed43cd1276e98ba6d55733

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 23:33:05 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sat, 04 Sep 2021 23:31:49 GMT
server
AmazonS3
age
36560
etag
"3e515c44e449fcf7faca9b908a9eac88"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5098
x-amz-cf-id
CEXrINHHT8oJbHVRxJ3kMBZLHE1TGXhA9sj8Yfna6jl81ZcBzsNa6w==
mulan_jameela_20171010_105910.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/mulan_jameela_20171010_105910.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cce845c9c561ae739fdfc1430c16d08ace3588c8b5a2c2be29e0ab3c5f9a5a1a

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 09:38:00 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Tue, 10 Oct 2017 03:57:57 GMT
server
AmazonS3
age
345866
etag
"36347f819f96dfecde1a98fca5587573"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
6769
x-amz-cf-id
8MDQ4mWcE0ld2btra6ekk8h49_KGNQ3NGX5gvoClvxxCmlXYhyp5Tw==
wyley-simpson-kolase.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/wyley-simpson-kolase.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b78ba68d172622ccfc3dadb90fc4f2984f2bcea4e350a0abd88be0ab70270b8

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 23:23:25 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sat, 04 Sep 2021 23:17:19 GMT
server
AmazonS3
age
37141
etag
"b73c5b3b17641e6444ee425169527849"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
4329
x-amz-cf-id
dStEILo2TEwJ7d-msCuP7pXVU7mTsTaJ2KGSfJuxOlnAfjy5ktkGGg==
addie-ms_20180102_052946.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/addie-ms_20180102_052946.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80e8e5f8b618ebeb96fd7e4d781e09f242a1fd9c5c45d570eecb816420b4cde3

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 22:31:21 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Mon, 01 Jan 2018 22:29:53 GMT
server
AmazonS3
age
40265
etag
"47acd84a7140200e5b3a4ada74ca432f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
6827
x-amz-cf-id
NsoqENjOMd3_ScGduTU2YcMxRpV47sg1fU8jMrjHA5Ff7jaj4JQS9g==
preman-bercelana-loreng-okp.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/preman-bercelana-loreng-okp.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86f51e934eed984b8f595937feb3a6dc163deba5c1074daded7bc7ccb62e7c1f

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 03:46:35 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sun, 05 Sep 2021 03:46:04 GMT
server
AmazonS3
age
21350
etag
"2920c6ca2d1488677d632a35edb65d9d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5547
x-amz-cf-id
vanJhFRAtPVqO2-Pt_R--FV0Slw-aEXMw0PCgsck-jFflhQMkcYm9g==
dedi-mulyadi-dan-kades-ciririp.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/dedi-mulyadi-dan-kades-ciririp.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6736db0028a2880e57c68a137ffcd5c322023f2d998d01b59679c9a75c04bd3

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 02:39:48 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sun, 05 Sep 2021 02:38:47 GMT
server
AmazonS3
age
25358
etag
"b2958e339bc70cf85f1c24dad5568321"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5004
x-amz-cf-id
tLTn39quH9kvQjpJkWqCJvkv2AVkfTxv5SWLiUJ8lY5Te6PfOKzqGA==
live-streaming-argentina-vs-brasil.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/live-streaming-argentina-vs-brasil.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5aa1133a184723f949dc19dea4415fa2208805735c7b1be0fbc4b5507517dc6a

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 03:53:13 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Sun, 11 Jul 2021 00:58:01 GMT
server
AmazonS3
age
20953
etag
"e56ee19203d5df47b278b876f91799d0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
4326
x-amz-cf-id
grn3r4fh2Isg4F8f1-CF_dwZoCOOiDBPV5hOEyFnmpQruph_bQ43YQ==
kolase-foto-jonathan-frizzy-dhena-devanka-aldi-bragi-dan-ririn-dwi-ariyanti.jpg
cdn-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-2.tstatic.net/medan/foto/bank/thumbnails2/kolase-foto-jonathan-frizzy-dhena-devanka-aldi-bragi-dan-ririn-dwi-ariyanti.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94eadf69c4a059389104587548aca95096fe422e0133fdf70de14aeff731410a

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:48:02 GMT
via
1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
last-modified
Wed, 01 Sep 2021 03:42:16 GMT
server
AmazonS3
age
366864
etag
"852c1f21b799ca2e69b82cb4add44f3f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5623
x-amz-cf-id
u4IJuhTBFZ6HQ0m5oCvmhEUUs6oQz0AjaG7XaASL37ydVPZ9NA7aQQ==
lozad.min.js
cdn-1.tstatic.net/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/lozad.min.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Fri, 31 May 2019 01:49:18 GMT
date
Thu, 08 Jul 2021 15:46:56 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 01:51:20 GMT
server
AmazonS3
age
5075730
etag
W/"34b722949a97a9f6734cd66d940531ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P2
content-type
application/x-javascript
x-amz-cf-id
m9cxzzoRMnfoJbVRhkP5Jg1A4I5U3KpAcGHRT36ywDoRzansWFcHZA==
firebase-app.js
www.gstatic.com/firebasejs/5.5.6/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-app.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 12:58:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12419
x-xss-protection
0
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 04 Sep 2022 12:58:07 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.5.6/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-messaging.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 08:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10096
x-xss-protection
0
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 04 Sep 2022 08:48:01 GMT
tribun.js
sttribunnews.kompas.com/kgnotif/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sttribunnews.kompas.com/kgnotif/tribun.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
081a28dfa5acc18a525c552aa51fc5a0bc1e2eb1c387db969b8f8af3d77a530d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 06:13:39 GMT
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
age
13145326
x-amz-meta-sha256
081a28dfa5acc18a525c552aa51fc5a0bc1e2eb1c387db969b8f8af3d77a530d
x-cache
Hit from cloudfront
content-length
3689
last-modified
Thu, 18 Mar 2021 08:21:13 GMT
server
nginx
etag
"c779e5bc5b38950e7582691cd13dc484"
access-control-allow-methods
GET, OPTION
x-amz-version-id
o5WmqjaGYyr3x092m48I3dsgu0hL9.xO
access-control-allow-origin
*
expires
Wed, 06 Apr 2022 06:13:39 GMT
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
5OjOCZNdnuu92ttTn8exMkpzp1bQs2PC0xvGTRYKT__JRLBu8lXS0w==
x-amz-meta-s3b-last-modified
20210318T073258Z
sso_g_signin.min-1.0.js
cdn-1.tstatic.net/js/kgmedia/tribunnews/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.0.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbba45cb3355a22c9ddd6893732795b6746e460fc1ac52e77b5268ec9d685f5f

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 18:50:00 GMT
content-encoding
gzip
age
2559146
x-amz-meta-sha256
dbba45cb3355a22c9ddd6893732795b6746e460fc1ac52e77b5268ec9d685f5f
x-cache
Hit from cloudfront
last-modified
Thu, 14 Jan 2021 04:57:50 GMT
server
AmazonS3
etag
W/"9d3e5dbdb245a14e5139aca792974052"
vary
Accept-Encoding
x-amz-version-id
iwnBU7Ip0vrtHzsOMmfNlAhCmESC_5lX
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
content-type
application/javascript
x-amz-cf-id
mb_BrDokResbwE5pdXr5lsVC7EIjqukiWEhh9EErOUCgou45dclaNg==
x-amz-meta-s3b-last-modified
20210113T054706Z
gtm.js
www.googletagmanager.com/ 		148 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21d9bdad58b42666fdb80ea2b16b2b55bf6a3aa5b9df949cdce2d995678af42a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48106
x-xss-protection
0
last-modified
Sun, 05 Sep 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 05 Sep 2021 09:42:25 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://medan.tribunnews.com
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
11668561
cdn-cachedat
2021-04-23 09:33:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
66624
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ba10b54f55920d993d7be17672d4b2fc
accept-ranges
bytes
cf-ray
689e81e8c9a12b35-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
pubads_impl_2021090101.js
securepubads.g.doubleclick.net/gpt/ 		333 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
8d9f1e7a5653eade39c663ba7e740f5f8b51fde9a7fcc7e2d59b0338598e5075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 01 Sep 2021 08:42:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119248
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		306 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
3bdd95b83f21c2f2952f3c2ba9ff097351c5aa89b54811a8a96821d0fc814370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:25 GMT
sdk.js
connect.facebook.net/id_ID/ 		227 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/id_ID/sdk.js?hash=bd0c693fadd9b93c62617b346773e249
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/id_ID/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
adda60ab7594978e5beb3e8ec6b152f4921d9885af06ebec843a5790afb68cc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://medan.tribunnews.com
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fltlGlYn1ifBE4Xsvnyjow==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68286
x-fb-rlafr
0
x-fb-debug
AK4/GeTbkdBL5bqGKl5Q8eCLL3IOPv9nNfkvsshrWfKguNJzho624Cvudm4eC+DGqry1yYKZ/YWTW1XszN1TRA==
x-fb-content-md5
8ca89973cbd5bdd2f23d48f05b402934
x-frame-options
DENY
date
Sun, 05 Sep 2021 09:42:25 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"a63b9efca7e7b6483a0ec91447b24f66"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 05 Sep 2022 09:00:32 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
11288099
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 0baa339c02d06988c65d8623d1b3c6ed.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P2
X-Amz-Cf-Id
EsDD5s-f7Yhr7sSupEJJ7e6thkGZQQzB3GENXpe4fy4FKGjKl1vvIQ==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 14:19:37 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
156160
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
D8aXMF5WLjM-D9vjg60c_obq6dtsNEErO9ugXSq0xKX8lyvwIy5SMg==
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=114488588566911&ev=fb_page_view&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&rl=&if=false&ts=1630834945495&sw=1600&sh=1200&at=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 05 Sep 2021 09:42:25 GMT
user
apis.kompas.com/api/activity/ 		87 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.kompas.com/api/activity/user
Requested by
Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/js/jquery/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.3.28
Resource Hash
8b4db059a3cb9ebb3673eaffe432d8732cc4f732c1dd72beb9bcebec1410ccb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:26 GMT
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-powered-by
PHP/7.3.28
x-cache
Miss from cloudfront
mail-subject
Join_via_header
we-hiring
jobs@kompas.com
content-length
87
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
private, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, X-Prototype-Version, Origin, Allow, *
x-amz-cf-id
0qg0e-uyWW8qtJ1SIrogy_HlOxVxPCPNRGIvYtt1zLhFVagBARg24Q==
expires
-1
client
accounts.google.com/gsi/ 		183 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d424ef672e3316ddf7d191fbfa52a9287d25892f34ef42bdd5302b22b1e1651
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wXUsstci2z4P5vSoCCoOJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-wXUsstci2z4P5vSoCCoOJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:25 GMT
bx_loader.gif
cdn-1.tstatic.net/css/theme21/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-1.tstatic.net/css/theme21/images/bx_loader.gif
Requested by
Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/css/theme21/style.1.8-20210702_daerah.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

Referer
https://cdn-1.tstatic.net/css/theme21/style.1.8-20210702_daerah.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 22:50:58 GMT
via
1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
age
2285487
x-amz-meta-sha256
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
x-cache
Hit from cloudfront
content-length
8581
last-modified
Sat, 19 Jun 2021 21:55:45 GMT
server
AmazonS3
etag
"931bdb6b50816b03206c66921760b246"
x-amz-version-id
Hpwrz52PSL722wx25QIBrifPqiYmzn1T
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
hyAa6tRGWMvhItGj6_9bXnR88X_fb68Fbcrf-63L15CAVj6XVhMDLg==
x-amz-meta-s3b-last-modified
20210619T215418Z
getNewsbreaking
medan.tribunnews.com/main/ 		0
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://medan.tribunnews.com/main/getNewsbreaking
Requested by
Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/js/jquery/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
csrf_cookie_name=17ef2b212bdb7d12c8d056444e6e58a3; 3bun_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229896297353422350fddf0e5519431642%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22172.31.12.197%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A17%3A%22Amazon+CloudFront%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1630834804%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D1723fc81b6b3bd36b7d9dfd58680d7c8
:path
/main/getNewsbreaking
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/plain, */*; q=0.01
cache-control
no-cache
:authority
medan.tribunnews.com
referer
https://medan.tribunnews.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/plain, */*; q=0.01
Referer
https://medan.tribunnews.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
x-we-need-to-talk
Thank You
x-content-type-options
nosniff
server
Apache
x-amz-cf-pop
FRA56-P2
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
via
1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control
no-transform
set-cookie
csrf_cookie_name=19ca4516c8c24596dc8e745860a67f2f; expires=Sun, 05-Sep-2021 11:42:25 GMT; Max-Age=7200; path=/; domain=.tribunnews.com
vary
User-Agent
content-length
0
x-xss-protection
1; mode=block
x-amz-cf-id
bRg3VIRFz2YEzzxRTlrfijjqLst3fNWkbsEmwsIRCeH4_XIa_VfJLw==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
606
date
Sun, 05 Sep 2021 09:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 05 Sep 2021 11:32:19 GMT
280686
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/280686
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 05 Sep 2021 09:42:25 GMT
X-SpotX-Timing-Transform
0.000662
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.001043
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000316
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000006
X-SpotX-Timing-Page
0.009445
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000284
X-fe
064
Last-Modified
Sun, 05 Sep 2021 09:42:25 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004903
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Misc
0.002198
X-SpotX-Timing-Page-Exception
0.000021
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.004903
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
282137
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282137
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 05 Sep 2021 09:42:25 GMT
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
X-SpotX-Timing-Transform
0.000403
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.001157
X-spotx-Exception-conf-Message
Channel ID '282137' has no active deals.
X-SpotX-Timing-Page-Require
0.000422
X-fe
057
Connection
keep-alive
X-SpotX-Timing-Page
0.011546
X-SpotX-Timing-Page-Cookie
0.000075
X-spotx-Exception-conf-ID
SPOTMARKET.DEALS_INACTIVE
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000450
Last-Modified
Sun, 05 Sep 2021 09:42:25 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.002886
X-spotx-Exception-conf-RESULT
failure
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Misc
0.006113
X-SpotX-Timing-Page-Exception
0.000020
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000020
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.002886
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301966
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301966
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 05 Sep 2021 09:42:25 GMT
X-SpotX-Timing-Transform
0.000330
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000949
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000376
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.006735
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000404
X-fe
054
Last-Modified
Sun, 05 Sep 2021 09:42:25 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003071
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Misc
0.001573
X-SpotX-Timing-Page-Exception
0.000017
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.003071
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301967
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301967
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 05 Sep 2021 09:42:25 GMT
X-SpotX-Timing-Transform
0.000341
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000825
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000275
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000001
X-SpotX-Timing-Page
0.006388
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000258
X-fe
106
Last-Modified
Sun, 05 Sep 2021 09:42:25 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003033
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Misc
0.001627
X-SpotX-Timing-Page-Exception
0.000017
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.003033
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:24 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg8.smartadserver.com/prebid/ 		171 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b4%3b55
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/ 		171 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b12%3b76
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:25 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg8.smartadserver.com/prebid/ 		171 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b3%3b144
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:25 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
bid-request
a.teads.tv/hb/ 		16 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 05 Sep 2021 09:42:25 GMT
hbpost
hb.jixie.io/v2/ 		62 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.jixie.io/v2/hbpost
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.77 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
079684e1d2942b4ce96a1598d059e8bdecf158de3145bb2dd5749cc1b3938694

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:26 GMT
Content-Encoding
gzip
ETag
9445c3c0-0e2d-11ec-9b7e-f511fedb537d
X-Trace
2B8D6FB8BE78ED209A923857DA723F960F81F91BD3D4D81E2BD08089C400
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
private, no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Expires
-1
arj
kompascybermedia-d.openx.net/w/1.0/ 		172 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fmedan.tribunnews.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=44c292bf-342c-4e0f-87cb-23f5446e76aa%2C12a02b0b-4b01-4636-9198-6b9f9cf32284%2C0677f52e-9512-4402-b38a-8eb9d37e355c%2C38da2087-df99-40c7-8d38-1218985ec6dc%2C9537196a-b1ff-48e1-bdd4-c08e675578d4%2C4ea352c1-b2d0-4089-b64c-f2f6c305bd6e%2C9fd7b7d2-15fb-48f2-afb3-a75daee00f99%2C98c80e1e-2dea-4ed4-b497-5a914e2efa63&nocache=1630834945678&aus=728x90%2C970x90%2C970x250%7C160x600%7C300x600%2C300x250%7C300x250%7C300x600%2C300x250%7C300x250%2C300x100%2C1x1%7C320x100%2C320x50%2C1x1%7C640x100%2C468x60%2C320x100%2C1x1&divIds=div-Top-Leaderboard%2Cdiv-Left-WideSkyscraper%2Cdiv-Right-MediumRectangle-1%2Cdiv-Right-MediumRectangle-2%2Cdiv-Right-MediumRectangle-3%2Cdiv-Inside-MediumRectangle%2Cdiv-BelowArticles%2Cdiv-BelowImages&auid=540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
7ead7f1e9c3444ce597850e95a328bdcdb983a239008adc6f71f5065c329d6ff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.32.0&cb=79803134277
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:25 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
targeting.unrulymedia.com/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/prebid
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
pragma
no-cache
date
Sun, 05 Sep 2021 09:42:26 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.32.0&cb=66700707653
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:25 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cygnus
htlb.casalemedia.com/ 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=450352&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227836bc9a5c98daa%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmedan.tribunnews.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A8%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A8%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A3%2C%22msi%22%3A3%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2279b1754844f7dd8%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22803de98f74403d4%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2281c3b2dc9e5cbbd%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2282057109f6544a%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22833b662dfb4b37e%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2284179b02531872b%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2285d1364ffb96ec5%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2286af4d1ad3c0683%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228712d144d9545dc%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2288eb6182adfb04d%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2289186b83c3b672a%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229088db48f7a2603%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2291d33d30871b679%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22928a735da32a102%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22938c9339abbaf01%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22944e48e69151039%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2288eb6182adfb04d%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22938c9339abbaf01%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22640x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22938c9339abbaf01%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f877c49119bf5e9002456de2a43e85f357ac17674e16c8fe9d59cea28583a3f9

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:26 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[NL], RC:[], CN:[EU], CIP:[213.232.87.179], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sun, 05 Sep 2021 09:42:26 GMT
auction
tlx.3lift.com/header/ 		0
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=8077308&ns__t=1630834945687&ns_c=UTF-8&cv=3.5&c8=Tribun%20Medan%20-%20Berita%20Terkini%20Medan&c7=https%3A%2F%2Fmedan.tribunnews.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1630834945687&ns_c=UTF-8&cv=3.5&c8=Tribun%20Medan%20-%20Berita%20Terkini%20Medan&c7=https%3A%2F%2Fmedan.tribunnews.com%2F&c9=
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1630834945687&ns_c=UTF-8&cv=3.5&c8=Tribun%20Medan%20-%20Berita%20Terkini%20Medan&c7=https%3A%2F%2Fmedan.tribunnews.com%2F&c9=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
oNihKNSuaCag9WQpeCEWp4xWi7buQpwr33kWzJCBx-XKs15PmM7Gxw==

Redirect headers

date
Sun, 05 Sep 2021 09:42:25 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1630834945687&ns_c=UTF-8&cv=3.5&c8=Tribun%20Medan%20-%20Berita%20Terkini%20Medan&c7=https%3A%2F%2Fmedan.tribunnews.com%2F&c9=
content-length
205
x-amz-cf-id
N88bON8AtRaTOdcQ4ziecmE9_UBrXVV3WeHK3UPir7HO2T42LCCFfA==
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Tribun%20Medan%20-%20Berita%20Terkini%20Medan&time=1630834945702&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fmedan.tribunnews.com%2F&random_number=14021233911&sess_cookie=ef79a6ac17bb5566ea597fb5d6a&sess_cookie_flag=1&user_cookie=ef79a6ac17bb5566ea597fb5d6a&user_cookie_flag=1&dynamic=true&domain=tribunnews.com&account=6d9Cm1akKd605T&jsv=20130128&user_lang=en-US
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 03:30:14 GMT
Via
1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
22333
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA56-P5
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
buso9t9SfYzQ0K72XD5QYbE64iKASJ1TZuazmAQvWeTO3fk8D6iL8Q==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.139.3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-139-3.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
server
Server
publisher:getClientId
ampcid.google.com/v1/ 		74 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
style
accounts.google.com/gsi/ 		658 B
438 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.wDy2wFnoKyI.O/am=chE/d=1/rs=AF0KOtX7btEQNUuYhAoON-ud7zJa3rh5jg/m=gis_client_library
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
429885d34050a33a9b77b7b6d4ac0ecd92d4241eaafe69a3be6bf5b1fa223de4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S/AHtIU118vWxtLL3xqEJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-S/AHtIU118vWxtLL3xqEJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:25 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Sep 2021 09:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1364744263&t=pageview&_s=1&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&ul=en-us&de=UTF-8&dt=Tribun%20Medan%20-%20Berita%20Terkini%20Medan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAQCAC~&jid=2130962077&gjid=349851509&cid=383530706.1630834946&tid=UA-15224089-38&_gid=1684767373.1630834946&_r=1&gtm=2wg910NNJ5M3B&cd20=383530706.1630834946&z=1863689557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-15224089-38&cid=383530706.1630834946&jid=2130962077&gjid=349851509&_gid=1684767373.1630834946&_u=YEBAAEAAAAQCAC~&z=2042103332
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 05 Sep 2021 09:42:25 GMT
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-15224089-38&cid=383530706.1630834946&jid=2130962077&_u=YEBAAEAAAAQCAC~&z=2118007846
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-15224089-38&cid=383530706.1630834946&jid=2130962077&_u=YEBAAEAAAAQCAC~&z=2118007846
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		132 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3770784777048500&correlator=329346744490608&output=ldjh&impl=fifs&eid=31062367%2C31062462%2C31062297%2C31062093&vrg=2021090101&ptt=17&sc=1&sfv=1-0-38&ecs=20210905&iu_parts=31800665%2CTribunMedan%2CHome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=160x600%2C728x90%7C970x90%7C970x250%2C300x600%7C300x250%2C300x250%2C300x600%7C300x250%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ists=31&prev_scp=pos%3DLeftWideSkyscraper%26page%3Dhome%7Cpos%3DTopLeaderboard%26page%3Dhome%7Cpos%3DRightMediumRectangle-1%26page%3Dhome%7Cpos%3DRightMediumRectangle-2%26page%3Dhome%7Cpos%3DRightMediumRectangle-3%26page%3Dhome%7Cpos%3DNativeAds-Latest-1%26page%3Dhome%7Cpos%3DNativeAds-Latest-2%26page%3Dhome%7Cpos%3DNativeAds-Populer-1%26page%3Dhome%7Cpos%3DNativeAds-Populer-2%26page%3Dhome%7Cpos%3DPremiumTopframe%26page%3Dhome&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1630834946&dt=1630834946690&dlt=1630834945245&idt=367&frm=20&biw=1600&bih=1200&oid=3&adxs=225%2C436%2C1075%2C1075%2C1075%2C-9%2C426%2C1075%2C1075%2C-12245933&adys=537%2C180%2C537%2C3186%2C3806%2C-9%2C1607%2C1261%2C1366%2C-12245933&adks=1365649329%2C1151295369%2C645028135%2C2464932481%2C645028121%2C3110274607%2C3110274592%2C976996096%2C976996097%2C709143181&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fmedan.tribunnews.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600%7C970x250%7C300x600%7C300x600%7C300x600%7C0x-1%7C648x31%7C300x105%7C300x105%7C0x0&msz=160x-1%7C728x90%7C300x250%7C300x-1%7C300x250%7C0x-1%7C648x0%7C300x0%7C300x0%7C0x0&ga_vid=383530706.1630834946&ga_sid=1630834947&ga_hid=1364744263&ga_fc=false&fws=128%2C132%2C640%2C640%2C640%2C2%2C132%2C128%2C128%2C128&ohw=0%2C728%2C0%2C0%2C0%2C0%2C650%2C0%2C0%2C0&btvi=0%7C0%7C0%7C1%7C2%7C-1%7C3%7C4%7C5%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
2fd2ca4e2e47e02d0fd5e74f822074734d4905f1b7fa87fa7c2f7514cd3136d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42260
x-xss-protection
0
google-lineitem-id
-1,5780358175,-1,5754344805,4515825836,5778375738,-2,5567569321,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138362022575,-1,138358654188,138219696066,138361972125,-2,138358338336,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3BA8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medan.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 05 Sep 2021 09:42:26 GMT
expires
Mon, 05 Sep 2022 09:42:26 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publishertag.prebid.js
static.criteo.net/js/ld/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:26 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 15:58:00 GMT
server
nginx
etag
W/"61154508-14e39"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 06 Sep 2021 09:42:26 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		84 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:26 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 15:58:00 GMT
server
nginx
etag
W/"61154508-14e39"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 06 Sep 2021 09:42:26 GMT
publishertag.standalone.js
static.criteo.net/js/ld/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Protocol
H2
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://medan.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 05 Sep 2021 09:42:26 GMT
expires
Mon, 06 Sep 2021 09:42:26 GMT
cache-control
max-age=86400
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-max-age
86400
v2
i.connectad.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Protocol
H2
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://medan.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 05 Sep 2021 09:42:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
689e81f2ab221e47-FRA
content-encoding
gzip
v2
i.connectad.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Protocol
H2
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://medan.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 05 Sep 2021 09:42:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
689e81f2ab241e47-FRA
content-encoding
gzip
v2
i.connectad.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Protocol
H2
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://medan.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
689e81f2ab261e47-FRA
content-encoding
gzip
v2
i.connectad.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Protocol
H2
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://medan.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 05 Sep 2021 09:42:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
689e81f2ab281e47-FRA
content-encoding
gzip
v2
i.connectad.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Protocol
H2
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://medan.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
689e81f2ab351e47-FRA
content-encoding
gzip
publishertag.standalone.js
static.criteo.net/js/ld/ 		92 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b9f139512a71a5ccce4a7992d8c374c6a5bc75f297623ebeb3ff82f18d93dad1

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/javascript

Response headers

date
Sun, 05 Sep 2021 09:42:26 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 15:58:00 GMT
server
nginx
etag
W/"61154508-16e27"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 06 Sep 2021 09:42:26 GMT
/
adx.adform.net/adx/ 		5 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&url=https%3A%2F%2Fmedan.tribunnews.com%2F&bWlkPTEwOTg2ODEmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUiZtaW5wPTEuMTE
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2ODImdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUiZtaW5wPTAuNTM
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2ODMmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUg
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=80862573233
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/ 		869 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d7085963175348f2dd6b42a042b0910981eac416c5db2bdf30db687625e15df9

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:26 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b2%3b48
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v2
i.connectad.io/api/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
689e81f2de97d6c5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
prebid
ib.adnxs.com/ut/v3/ 		156 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
105289afc0998661ac2cdddf5741f3aa775a53fc21e8ff834721f6ef30e46f1d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
12fc7dd1-e00d-4ed1-b498-14ad305aeffc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
156
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.76 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b9b1f49c-257b-4e3c-a951-c3dd4c5150e5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
dsh
hb.adscale.de/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
549da6f6-28b8-4921-b739-a33105214e6d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b99c9106-a7f9-4b2c-b5a5-378e57f5773b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=4600480618
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&url=https%3A%2F%2Fmedan.tribunnews.com%2F&bWlkPTEwOTg2ODcmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUiZtaW5wPTEuMTE
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2ODgmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUiZtaW5wPTAuNTM
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2ODkmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUg
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=88448767441
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:26 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v2
i.connectad.io/api/ 		0
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
689e81f2de95d6c5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
prebid
ib.adnxs.com/ut/v3/ 		156 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
98434334221237ee1b554831d084a3a7d0d878b3eebccdcb964f822defa7c689
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ab57a197-3a5b-427a-b12b-c7ade1f823f5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
156
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.76 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
07c438d3-9074-4a7a-9e4e-593ac985b902
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
dsh
hb.adscale.de/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
76fdfbbd-b457-4d1a-a632-d7a71461bbfc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5956ba4e-2e03-4f48-8cf2-6e9e67a16711
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=39782203395
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&url=https%3A%2F%2Fmedan.tribunnews.com%2F&bWlkPTEwOTg2OTAmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUiZtaW5wPTEuMTE
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2OTEmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUiZtaW5wPTAuNTM
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2OTImdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUg
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=8913910770
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:26 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v2
i.connectad.io/api/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
689e81f2de9cd6c5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9c45426a-9457-4f32-ae2e-1f94426a9e10
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.76 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
70733f3b-3f3e-47c9-8507-75523411e0de
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
dsh
hb.adscale.de/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
fc57ccc3-49c8-4e34-9836-a5741f2c6e39
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3fb93302-9fc5-4520-a3f5-65c7a126372e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=66677522391
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&url=https%3A%2F%2Fmedan.tribunnews.com%2F&bWlkPTEwOTg2OTMmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUiZtaW5wPTEuMTE
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2OTQmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUiZtaW5wPTAuNTM
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2OTUmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUg
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=28336810576
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:26 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v2
i.connectad.io/api/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
689e81f2de99d6c5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c2f57d1f-c290-4b63-94d2-ed8ae5a9fdd9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.76 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
18b59b37-4100-4d84-ba25-f06e7f672875
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
dsh
hb.adscale.de/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9c0edb83-403e-4447-8f88-bc6ca1df7d73
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5e7b064a-59c8-4fad-8f0c-77896ea5398e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=27852344932
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&url=https%3A%2F%2Fmedan.tribunnews.com%2F&bWlkPTEwOTg2OTYmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUiZtaW5wPTEuMTE
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2OTcmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUiZtaW5wPTAuNTM
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/ 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2OTgmdD0xJm1rdz1lbmZhZ3JvdyxwbHVzLHN1c3UsZm9ybXVsYSx2YW5pbGxhLHl1cGksZ3VtbWkscGl6emEscGVybWVuLGplbGx5LGVrc3Bsb3IscGVydHVtYnVoYW4scmFzYSxtYWR1LHBlZGlncmVlLGRlbnRhc3RpeCxwdXBweSxtYWthbmFuLGFuamluZyxydWR5LGhhZGlzdXdhcm5vLGNvc21ldGljcyxoYWlyLGdyb3d0aCxzZXJ1bSxzYXJpYXl1LGludGVuc2l2ZSxhY25lLGNhcmUsYmVsaWJpcyxzYXVzLGNhYmUsYm90b2wscXVha2VyLGluc3RhbnQsb2F0bWVhbCx0cmlidW5uZXdzLHRyaWJ1bixtZWRhbixiZXJpdGEsdGVya2luaSZyY3VyPUVVUg
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=81017041071
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/ 		851 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
2fc2eab9acd8bd613bcb956961308ffb3c3573339509e06a542fd2bbe14b9d29

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:26 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b7%3b69
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v2
i.connectad.io/api/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
689e81f2de9bd6c5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4326e765-9e69-4a54-94fb-120af850a383
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.76 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ac62ab33-404d-4ecf-b241-0a14079d7c90
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
dsh
hb.adscale.de/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
dc26623c-2120-455a-b4e4-f76ef67debb1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a0c3ca59-f975-4f7a-b705-6136a2095dbe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=86100818391
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
container.html
4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C964 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medan.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 05 Sep 2021 09:42:26 GMT
expires
Mon, 05 Sep 2022 09:42:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 7271 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu69FSmel4JJraSIouFwTFwwWy4hnknBZZN2IHzkTSyH5yX3H1pKMsEv7EubWxOc_Ev7zA_G506EGJ5QpIp0jEZnBTO3_pVRzT1QqBukK8M-sJx_3tMwdK6JkcuKfTMpFLrcMREwd-oa31XYWZ4mAAE4URND7RCwRqZ5KDKJXeuNMB0M4YAEiv5Kh1Tn3TmWIhJOsuCdRwTScy016xC5RJMk8NjvNjeZd2LsqUFgFNy77i0kooZF_4kFM_5V35Wz6Zc3VNkUn7vHXCLEolX3EhsdRa58X0wVwSSJYJyEyiNKNTnUEfmNFFaiOGBwFMEZCDzxSx_&sai=AMfl-YSamVSPZJb2vahrlrHWhYmKKV7K_tsoZYrGRCfIH9a8A_tP33oFSwkrlNKRbe_ixopmIqGzI4WPwOzLCADrJ2EzCRBlT5j0GykFDCEMdZ_pS0bExxL2Pu4edLiiJcdi&sig=Cg0ArKJSzCF84_uZDDfBEAE&urlfix=1&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 05 Sep 2021 09:42:27 GMT
stylewidget.css
adsimg.kompas.com/html5/assets_ads/masthead/desktop/html/css/ Frame 7271 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adsimg.kompas.com/html5/assets_ads/masthead/desktop/html/css/stylewidget.css
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-2.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
4221fd6576e8e951f0ead12de9f4869be0b14dd10c8663185af38bf6fcbab203

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 17:00:05 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
last-modified
Fri, 25 Sep 2020 13:53:46 GMT
server
nginx
age
60142
etag
"5f6df66a-6f9"
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
1785
x-amz-cf-id
H8A_0mowQM5E-iqq_g6-L2PkyQQUTLIXb3QeRpSnbkgTMKnrZtDP6g==
expires
Sun, 04 Sep 2022 17:00:05 GMT
6840630213114444223
tpc.googlesyndication.com/simgad/ Frame 7271 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6840630213114444223?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f25b77ebd25322445797c3e12d33a4601bb6748983af49338cb9cb9707e38e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 17:00:10 GMT
x-content-type-options
nosniff
age
60137
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93665
x-xss-protection
0
last-modified
Sat, 04 Sep 2021 05:46:28 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Sep 2022 17:00:10 GMT
jxvideo.1.3.min.js
universal.jixie.io/js/ Frame 7271 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://universal.jixie.io/js/jxvideo.1.3.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12ff9c31e9210fb6a481a65151df684e90db90674fcfd9544a0d279e27d69fb0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Wed, 19 Aug 2020 16:42:53 GMT
server
AmazonS3
age
37069
etag
W/"c51b7183975c083cd7a894d9b6b55ef3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
date
Sun, 05 Sep 2021 01:06:28 GMT
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
6qq3QYH51CepeTyxJTj-TwS5WCh4IhyqT3a7TtlLS02zdVhqhSqY0w==
B26380132.312885191;dc_pre=CPef4M3F5_ICFWHHuwgdphYNuQ;dc_trk_aid=505441346;dc_trk_cid=157309161;ord=618688718;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N887227.139676KOMPASID/ Frame 7271
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N887227.139676KOMPASID/B26380132.312885191;dc_trk_aid=505441346;dc_trk_cid=157309161;ord=618688718;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
  • https://ad.doubleclick.net/ddm/trackimp/N887227.139676KOMPASID/B26380132.312885191;dc_pre=CPef4M3F5_ICFWHHuwgdphYNuQ;dc_trk_aid=505441346;dc_trk_cid=157309161;ord=618688718;dc_lat=;dc_rdid=;tag_for...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N887227.139676KOMPASID/B26380132.312885191;dc_pre=CPef4M3F5_ICFWHHuwgdphYNuQ;dc_trk_aid=505441346;dc_trk_cid=157309161;ord=618688718;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N887227.139676KOMPASID/B26380132.312885191;dc_pre=CPef4M3F5_ICFWHHuwgdphYNuQ;dc_trk_aid=505441346;dc_trk_cid=157309161;ord=618688718;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7271 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630496346997469"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:27 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630496339498273"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27562
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:27 GMT
container.html
4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B8A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medan.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 05 Sep 2021 09:42:26 GMT
expires
Mon, 05 Sep 2022 09:42:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 22F6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgSnQ1tfCKzfzGsiSBBY729kZ9goJgptrCfc3EBgwzmDSH2xMrjYJNLOGRCAfc9HVZdLCV9zF8vzjJ7E0tJxXAnzLO-c-3xzRTuk2u_03xb_8H4Tgx61JhL_UiTc_1tCeXfqErc90unaKbKW4gFzbLR5oYHF98zsPC_8kGhuTB9HNXe3PUTQrbUNfMxGzAPReLui6XeooDTMCU4UX_aaAsC-dR6gwQN2-HsH_P3yA4dVi7dqh-CPr2G1RexEb2ry6RShp1-yfm9HkKaMxAxxe3QjToQOgZcbSXIwgl1VSe76f-x5jBlXc6dF0H9gGB-gmOaIcbjQ&sai=AMfl-YTYRhakbVb9lsfnlom0USBqoNLD33Ly_7mXGJiBt0ufX7ZMzfjjzxP9BBporvpi3jFzwyZi7vSeHV4ooxMoSeQe0PtCDSdnpsflcrW4eBl6xPuvD_taajjsIg9CHK57&sig=Cg0ArKJSzKKRmF48QrNGEAE&urlfix=1&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 05 Sep 2021 09:42:27 GMT
tribunnews.com.1178609.js
jsc.mgid.com/t/r/ Frame 22F6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/r/tribunnews.com.1178609.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74cd2510fb7613fb76292b497155d686fdce781f0d719f181537a425dee9b9d2

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
br
cf-cache-status
HIT
age
6851
last-modified
Mon, 30 Aug 2021 08:37:29 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
9AJB7636JN6T3VK7
x-amz-id-2
TIOMQlgvhclnpyjG9OdKVWj2KIQrqDypfqq0RDVp6T+OFk/gik+/tWQIZ8F1ypV2ZCQ2ut4FyFU=
cf-bgj
minify
server
cloudflare
etag
W/"4f6695918222291f0e9ea2b7954b00a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
689e81f5f8ded911-AMS
expires
Sun, 05 Sep 2021 12:42:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 22F6 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630496346997469"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteQRq5fzsl_Qd6ZnhISldpCOzcSSFIRsnT4ZaKKzLRQ9SPg8lBdgGt6cX6BVBrr1lKqaA8Gw5f7FRDOALf-gVOQAc2zGNWZcrkxuFAuta3MYbZRzLk9TBW4BioZ66kLUVHIBds3UnHdlLxrPdhRm5fziaH-nsmJuXUamYUYdfyhEB1juEt87637268r85j6y7CSiCmWyPc3jpbpGsDmGNTXz9QYbPSVsz-XR2nc7o_Gmro8D6wGLiDWPod75mHspvqpW82sVrbHpgAJvdx4Vg2vWp0Rj1q_47UUCoP4tsZg_UYTto0h0miSJ1eV1JcM_dyiRSKaw&sai=AMfl-YTbQKGFAOIBrWdaWfK6XXEtwBzJfDwNiwn72p0gRX3Nz73P_6YFeDuXLNBn6m6khwiiGQe7-ONsKENNptDM6OCKBIeYn3FKSDwyxCeouiM89XT_E5q0_vJNY5OfIhjy&sig=Cg0ArKJSzPdb7KndKNOvEAE&urlfix=1&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 05 Sep 2021 09:42:27 GMT
a1033279.js
js.genieessp.com/t/033/279/ Frame 7D11 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/t/033/279/a1033279.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.175 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
48de10584fe410c23cb2b66254afec8e62fca334d30d8fbddcbcc33750623b0b

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Jun 2021 02:54:54 GMT
Server
nginx
ETag
W/"60d939fe-2304"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=900, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Sun, 05 Sep 2021 09:57:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D11 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630496346997469"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:27 GMT
a1407456.js
js.genieessp.com/t/407/456/ Frame 764D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/t/407/456/a1407456.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.175 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
8d7f694b964a8615111f134c984dc830edd7906d35aa12e9906bf9df8bdc6c26

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Jun 2021 02:54:54 GMT
Server
nginx
ETag
W/"60d939fe-2a9a"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=900, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Sun, 05 Sep 2021 09:57:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 764D 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutE55yqwWY0jibgdPrhIbOomurtx5e8DHoRouk9LWv8TkkBWKH_FbMhG3d1Daj6tzlikrGnqi81WWud_wvlDF33Oi95OqP-trl7BHF3Vefp-t1iGLpUX-y_vUv9Bz0mqk9mXp9mBzABycllr3MxAbZOqBd6JeWEyeD0Ma15ni4w3-7iE0AWGPvxoECkcTXBC2kr8nHekCwNyQWZsS1j8WGD6qx-sKLJbnL6i8hc80GzV3YbtcckFaw_fvPLrpNh1MnTrpwcaZappx0rJVRHgtMU3sWtXx0Jq32WYgvqK5QQgn-DQ28i3tjwcdoWKw6C-J-F--sQg&sai=AMfl-YRKiOOCkqqMla7q9SYUlpNCSS8vMk5nW3mhxcs-JoyGvqhOBYX4-FB-ScZ_cmyH4ohg-mGL2tPc1DPDGPfv66WyfJWfTRlphlWkJYd3bCCBBSMko62_eGrMB9DPqpK9&sig=Cg0ArKJSzIY0QmoUSDP1EAE&urlfix=1&adurl=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 05 Sep 2021 09:42:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E847 		624 B
593 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4aTvAhi7392sATAB&v=APEucNXk2ocQooGl_ghdnjbZmY0ilpys59NbtMgQP3IaTWYCrtva5_f5eESRTHFdPsdAKqFlx1veXuyiNhps2OUm_Lx4lgUWRQYhk41sZ60tBQMWcYdnUkHTvDlMayuNGj2dgHm5XJcxeRmR-yMu46LXCDxKe21YGv4R2CQSRpynCMcRLUhvpOw
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMX_6gIQ4aTvAhi7392sATAB&v=APEucNXk2ocQooGl_ghdnjbZmY0ilpys59NbtMgQP3IaTWYCrtva5_f5eESRTHFdPsdAKqFlx1veXuyiNhps2OUm_Lx4lgUWRQYhk41sZ60tBQMWcYdnUkHTvDlMayuNGj2dgHm5XJcxeRmR-yMu46LXCDxKe21YGv4R2CQSRpynCMcRLUhvpOw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 05 Sep 2021 09:42:27 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnIwLwtOKoseBkRwTgm5z_KMIlQUsOWDC6167yYeXgdD_3hTIgAZAXgSjHI; expires=Fri, 30-Sep-2022 09:42:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 05 Sep 2021 09:42:27 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C964 		69 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0XCptDeCiqAQttydzMa4Cbfgj9tTMHvj2OojkZkLcSm7EfBK80dTTn02_Oo9YNpvr4ssfb242cErPN5vCGoslnr3ykPbPcwtCd7vy-haLU5Gg7JVkW8QSxvy7t9xzg6pawzzJgLwn8pEKvQwGz8CGtTu1UA&dbm_d=AKAmf-CF_edifPdvYF5-0ey8KysmCkNPCr1taiuJrZOojAPTp2siQTw30Qhr5ufvIDCbVbXhOq0UkVmk631x9Z-x6rAQ_XgRooeGsQcuCPVDmAcJCupAl9AFr4sPijl6h9XHbFVit03v967mElebD_VnwgCLpJTR6QPB0KSVLR_mpdF_cWCihx70aaVQQTdk4GWUGz_gJP5O0b6wUwWbdub7oRfF12DUvIU13egKhK9W-8vBl25UpOp-zc2RNL3HzqF3-LvZllDoMZyOIXZ4Nt2g8ct2kW6Lt-2Ab7rIdiQjLq_o8TcvlGMEN4Zfhjvpq-Uv-_CBKWFRAg5SY7XWkcz-IAdORPbO-OmNGY9i5vAStd8mj6VbhWD90tvQ-wpFm710dyqPKPCe0_luqML3C5kMhdDv5T5lR05iGWwq2wx7-JzJ0Y0Z5IQTjz4YhaiScMce8zNI0-_SuKgs_t81qi-T3U9W0T2O_FdJF2OOBrzMUyqGV60cV_gpUPchv0AfrKeg3Wwwkly19XgalZ1wiVjsNnHsqPSejXiHRijDWWJvk8tZXKyB_qXT0XJ4Krq8VqfIJFRk_8kZzYBP4ESP-wzeDWoqm-YASF1xUvSjK0nA-LaEpJyDAoDzFHeh9jdMeNoL-_YNXGtPyGOTzLHk5GHuaALVkeFPj1aWpO1f393fINniNgeoJzBWW1s2a7WX6tP4TiC_lEYpXA2RPXAMO8YkXxSZdDH3QaGQ35tCTUVX_Q_BNBUyTT16r-4f-FTw3rxVy2zB1ENMdwPX5i9Ii7Nh9tzUJcK3QCmmEFlFNgqOIeADk8qHzuZro3b0w32GirpycbGBQGdtFlP6hEDbhr-tgl20i7ILrLA2UrWEWBphQgaMEx0QiZ5sXHZvHCZv3vj-MP-sNKUS7IikngnsAMElCnqRraOeOJopsDYwiMwE2c7ePkJbNSY7IgrCIBaLxkUe6JdhTZ-8hyPImHeQcsdV4p4oOn2HIe_SzqIg40mOGoSEENz4-rjQrFERKehUO9bkXt6qJ6cJvKKS4YyXLGK8JULpOSA99pnwHBxC31-WXNox-0Xx3PrgNUYfCgci4XgvpROz4OTa3-N7rpJuqgW-i0AxlJvh6Y0rcbHSFVJf0igPbrzPr9m-pMuu55fpLrZhgqgTzo0qATuxDakzEL7HjdosbYtDTGNrW4FogYoWFpgZnlR-7Hgawi_rnwh62DoGW5Y6iuHHeAZ0acftyQ26iffNQ_ohr7mfsWs3zfWYWvQ-Mj-Om26TMaDpwUPTiLEzyFpCa53Qrw0xmobrqE0reFyMrt5w_gfB09mmSBmM3SxlTKte5xAhTkqlBRKjb5EfefbKcqHIBUnGr67FwW4JBTtNw067wadQzIzrFVzkKWhRYhTtHv021M1uXSr_Knyj2e8ERrRgu5MNR5JJ5sjN_c36lQYxC3PtSUXhttpB1wUdFoz4G19i37exF1MhtdZaEfl1NOXJZdfdOL_LuUAvvHVg3rE63LIcEIy40SoqQskdw3YeKyZ5pWs2c4NwjdcvGt4Pto3irt5raQxV-DWD11Xnulfdr9cKBg4Oe9nZ3gBKxUj7q2WCV6wn-mTSK_ezFa6EGgPgH3dBZugNRLcqIzV1M6bp53TkCNVq81AEZER-r_OnxxCjwYK2-Q0XUWlxu4dCvWQ8yP3Z9UKBEpWMsb4zlxAYf7uqOxdEx0czTLjSCAa_ddmsxUrxzlRot81yxilotauwB0Gbs40Y8nBc-EmG--_QFPwB7S0Fqfu1fUr7XZN78HaRGNMCvw-pPwF_k7iMU3jT-ba5xE30Q0XGG6SQDiCB-1k6G4zol_e_cxv_DJsWwiQ5dKlNUIEEUxqyOHFeHmthBMdnTKErMsFHlom9fvbtIi7668HvPeWcgm-2CH8m1OR9WMR03ZMVU1LcBgGtx68wkb1pNwzEDdRT54YHdmTp28z6ylOn0tFM9BsQZJ0kpDVO2aWX5TdhXdSz936WLx7yqTZaqe4yMgk1skJ_-98MkGU0Bgylg5F5H1w7F1pmixYRrRWZZZjggEutknzD52Jb0x-1OXee-xdQFpEbx3UvQYG-74cFKfbYk__CZoQ_7u7q4lkmCOmY6qFwyl5g73ucMK6Zc2SU0HJbVGTLd46qV2UEpYdp1MeutZQciCgxn4mvGzjJ0AI6ZmO3OFv7SIB6GkZ6ngNXwV7NwiK7937J9UYsr81W0c-KzTjPI67a7nNAKT6OSDJTmgEnY-uc-s7MwWCBt8IbklowrTfqK70PR1xoBtRYNelgqIq-CYEAOoe6Y5v17PwJrO0BQ2qeIksU_d4OEWdXicFWGSKKmchUeSbcBHN4Majo-lMfTT4rcsHIaARPxunO9gjgXhEeb9HZzXfOrOJzS7XmyybhgseJMcwUdQcGcCueBlg4YwFFFXwKdzZL8N3aghQ4rLzb2j_iKcCiB64k4bJbjayveZC5k7CZL4xEPODtlYJOS-0FCYtk1Xpv5Jv32Di7jjXuYMhGzsfYr6cQf8kH64LVAaTb9SKCrpWucfp5AADoY4wYXYp0kRmPbhs-tj_t6HfzNxkg_f00GxAtiXinB5P8f0_Ruud7pFouZQpphkJXMotI6UYfQKFuaQB91qOHCLnS9kRxSqqxuRFd8FN8sruyKUoODFDCoSaxCeyuYXn-BEquQHqjFMzyil6qy6VkRkUQrH46QG947oMqTluGwZFkQpAFkD29S6TKTDREKo7UWAsRNXbsUZXzEjQpLuVXSAvQDS_qRIZqF71qaOfJOA7x8yzGvCjRZZSQ7h2-1TEOALFaku3FnL20y0k1elbBry1baAlVIfJxvCo1bi3pHmYplVmFSG9VyzRO3aWokfrkQQV1t2DALfnh8TesIlgqq8NAb_z4nKJh9rWoZ3mHtsPgHdoENLSVTcjg7mYV5GVtqiPXILEKCgldkj3kxaZgz9HzIItldgc55LrtnsU5USbObHKkgHPwBhIO4XIRz7yy6z_dCrKojSscPzlNHo9mVFsmR8Tr6h9Lh1G4xgE0KCycFJnkiG6ia7S9AiQvdCG_SrOWXaFaYNzuwmzUWC-wHtcTpdW5xbNCOqq36kVa_VXFAGo-gg&cid=CAASFeRoFboB-PpqRIZF87-IkAfryovu4A&rfl=1%2Chttps%253A%252F%252Fmedan.tribunnews.com%252F%240
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
209eb7f67a5077440a9c95cb6c70481f18f245cf979e11238a596cfce177d493
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C964 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CB4jfdKdTLXA8rZotArzha2clRsmmw-rPvO6RE6_cqDTm7lOBTn8hdEovwKg7ib9_CkEPnwSdIDoxxLirD2WnCSBJEzSK7rbTcp2pVs7VyTT0hkcg
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame C964 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Sep 2021 09:35:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C964 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630496346997469"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame C964 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:37:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Sep 2021 09:37:03 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 126C 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQg4LmAhjX8MCzATAB&v=APEucNXrweLHLdKN_buiDVMu169IPjbC1WmQvrswWm1kHgzTqROzRDle7MZyEDvRNq5uY9emKrBOQjFfmK5EJoneO6GmmljaGbmaCb_FClLmDKHe0Qyhvch0wM-GquiJxXRXNJFf5EA7Lu57H7g1_0nSUD2-1_Ua47BPD_rw4JSXRmdluF0N74M
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJKm1AIQg4LmAhjX8MCzATAB&v=APEucNXrweLHLdKN_buiDVMu169IPjbC1WmQvrswWm1kHgzTqROzRDle7MZyEDvRNq5uY9emKrBOQjFfmK5EJoneO6GmmljaGbmaCb_FClLmDKHe0Qyhvch0wM-GquiJxXRXNJFf5EA7Lu57H7g1_0nSUD2-1_Ua47BPD_rw4JSXRmdluF0N74M
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmMmC5lOpfe-Td1Ql_Ua__dE5SyLeBDq25P8Kz1hBa5RBQUuTvdcn1Qzjg4cm4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 05 Sep 2021 09:42:27 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 0B8A 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1095
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7645
x-xss-protection
0
server
cafe
etag
13200147268341533873
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Sep 2021 09:24:12 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/ Frame 0B8A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:40:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2627
x-xss-protection
0
server
cafe
etag
17449454297928180344
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Sep 2021 09:40:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0B8A 		0
107 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2fsqY_jQjbs5dSm28k1LnPH6tTj--1dreIBGx_XNupFK0i4Fwpk9DR06H7Nt0-r01GQVrkkSRLxILWLHrUySLw_yoHUgyL9HyeNFGR4E3kOGQibM4cN0V4ZatdAdMpB2-MN36toI6her_8glFJzyTFhByPOsBJf3b8wWBvvyPegmkVpjHyTNbUm8vqapqa_5It2XoTJMeJUi6fcVMJDOehkL3yufQFvmjEfDXQTmQMD1TSE0LDH5vWWQrtRTvMtlIy0ZChYxgCuEw_OYIwZVvk9cSD68-lcxY8kQNENJH8IHA6Hq1UzTLj5IwX1kR33DmUYTi4sJJx2s1TW1jsmA32fDi9V8K8RX8-yFfyad-XNq-pYPP_tAcw90h108sgd3lkGVIA4Z0wZ-4smsAorzr7jpbqaNAanu5YlfSeNMkbQjNzezRpWAJOp-JmR1qjpY8BjeUnnTAVt8vZJmHF4okON5JbYQ83geqP0TOVBKS_gydtJE1HZaJl3-03SgVYOCbD4xA5k0rdazh1lXKCYy_sgsvg0PHwqoUnle2YuFYY5dqYxvSd529e6SiDUinAnVgfMwPBu7eqdfMdrb89eRdS7ql5Ov_7RbaL7fKE8d8LyFYizgc9vp-f7ay0qP_SNQTeHsjY_h_OvII50qQ_dCNbyN51QlBkFsMR_EShRYVrblla8X-PQMdnFOztG_2vV426qiMC3IrzSUSuO36rH-F6ozQJ9s_j0CryFuHiocKPPPnzVgd6PtKhD_Ekl6qSKuxZ1fkyzwdt9AyBuJK7nTBvy6pDFi7O59jKkD-C8BDVnJfqPqGiGT_MoKnzn3MqUi9O675_PikrqyiluVOhOo9YSeXOTiRgMF8mQTJ1PU0m73i_yk6cCsFudiqALwcrRi9iu-Tf2Ir0mkS2LAZwnbAN5sOGYxSLGIxOurtAaqX_fQkScbTNRawIJFNqvfrXBvykKcJokqt7ADcGI-MEhU6NvaKMEXYDvKJ-Z3-WfDWQAMdgji2bWGLhWl5ZMpO_Xh6m7v_4JZ1BDZN0Yy4kdcYJxBft-TeuK5bFXOPpb11FVhfPbeCE4wMwhB6fdStiZneZ8URUwX2flnG7n0yYvehWA9ioEFegOIE5jzTyw&sai=AMfl-YRl5pX0naCxZs4LMjV3ggsOpLd0QDwtBqmbppacSSJGFb_2p_T-d2Iu-5su8o_T_04BD9bqAAq00UFhSxmxfTWtI21rhHzedpgW85aBXiF6I3N7vBu0HoHBpUdTS4xUjpW4VPS9ps9uD4VzmIScKTd5rSRQ-2nsLIZsnc7V4F9803yBnMAdx7biDCUKgnjZ6qTLbbItNWUCgyKcF1q3LQCOMWE9DcHG4z2P1MA60Xg6K0zbawrBggP89f4uEHBSgDWN7JiwO3CJtgg_HugKvoolKK33PI4quMecNUfV3wFBMGzSighIMcwQKl3T0q1bWV4Ze-Xo_w-JxA9uimUHibRU3DSiL880dYPl7fov4aNeHrntEot2v_8xtfkKks1MMZik9fSD&sig=Cg0ArKJSzPBtKGiR1MTJEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210831.53963&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 05 Sep 2021 09:42:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0B8A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 21:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Sep 2022 21:00:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B8A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AyVCDlqB9pJXfJAkxqnzxFPiI3JJKIRLzzEmBt1uWE3AQ0Js3_upTpZfCvYWEld9Xecve8pXcJkBOtf4zOUTzXLrbeaEpd_OZJV2Z9x_sA7iY9Y8I
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 0B8A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Sep 2021 09:35:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B8A 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630496346997469"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 0B8A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:37:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Sep 2021 09:37:03 GMT
l
www.google.com/ads/measurement/ Frame 0B8A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPAD8ALEqaz3vZMO-ZSvzECSQY8OD15-FeMr0YdJ1zmgjS7Fny-YqtUXg-qQojvbC2u1xtlwip9Ti0_DTYJpKRdQLxoA
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
7050846742904454038
s0.2mdn.net/simgad/ Frame 0B8A 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7050846742904454038
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e764e9eeccf27073f8c08f6fb22baf94e5d338a4331b504b9234837512f81147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 14:45:48 GMT
x-content-type-options
nosniff
age
327399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130512
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 10:12:04 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 14:45:48 GMT
truncated
/ Frame 22F6 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bcc073b4188f7fe715733d4061bdc9be08c3efa394014878f51d5a90f786c9a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7271 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30c3c87bf45743d6480bb3ba55de7e3c7d3ed9217b76b59b839dee9ca61344de

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame C964 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 19:06:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Sep 2021 19:06:49 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210901/r20110914/elements/html/ Frame C964 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210901/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0XCptDeCiqAQttydzMa4Cbfgj9tTMHvj2OojkZkLcSm7EfBK80dTTn02_Oo9YNpvr4ssfb242cErPN5vCGoslnr3ykPbPcwtCd7vy-haLU5Gg7JVkW8QSxvy7t9xzg6pawzzJgLwn8pEKvQwGz8CGtTu1UA&dbm_d=AKAmf-CF_edifPdvYF5-0ey8KysmCkNPCr1taiuJrZOojAPTp2siQTw30Qhr5ufvIDCbVbXhOq0UkVmk631x9Z-x6rAQ_XgRooeGsQcuCPVDmAcJCupAl9AFr4sPijl6h9XHbFVit03v967mElebD_VnwgCLpJTR6QPB0KSVLR_mpdF_cWCihx70aaVQQTdk4GWUGz_gJP5O0b6wUwWbdub7oRfF12DUvIU13egKhK9W-8vBl25UpOp-zc2RNL3HzqF3-LvZllDoMZyOIXZ4Nt2g8ct2kW6Lt-2Ab7rIdiQjLq_o8TcvlGMEN4Zfhjvpq-Uv-_CBKWFRAg5SY7XWkcz-IAdORPbO-OmNGY9i5vAStd8mj6VbhWD90tvQ-wpFm710dyqPKPCe0_luqML3C5kMhdDv5T5lR05iGWwq2wx7-JzJ0Y0Z5IQTjz4YhaiScMce8zNI0-_SuKgs_t81qi-T3U9W0T2O_FdJF2OOBrzMUyqGV60cV_gpUPchv0AfrKeg3Wwwkly19XgalZ1wiVjsNnHsqPSejXiHRijDWWJvk8tZXKyB_qXT0XJ4Krq8VqfIJFRk_8kZzYBP4ESP-wzeDWoqm-YASF1xUvSjK0nA-LaEpJyDAoDzFHeh9jdMeNoL-_YNXGtPyGOTzLHk5GHuaALVkeFPj1aWpO1f393fINniNgeoJzBWW1s2a7WX6tP4TiC_lEYpXA2RPXAMO8YkXxSZdDH3QaGQ35tCTUVX_Q_BNBUyTT16r-4f-FTw3rxVy2zB1ENMdwPX5i9Ii7Nh9tzUJcK3QCmmEFlFNgqOIeADk8qHzuZro3b0w32GirpycbGBQGdtFlP6hEDbhr-tgl20i7ILrLA2UrWEWBphQgaMEx0QiZ5sXHZvHCZv3vj-MP-sNKUS7IikngnsAMElCnqRraOeOJopsDYwiMwE2c7ePkJbNSY7IgrCIBaLxkUe6JdhTZ-8hyPImHeQcsdV4p4oOn2HIe_SzqIg40mOGoSEENz4-rjQrFERKehUO9bkXt6qJ6cJvKKS4YyXLGK8JULpOSA99pnwHBxC31-WXNox-0Xx3PrgNUYfCgci4XgvpROz4OTa3-N7rpJuqgW-i0AxlJvh6Y0rcbHSFVJf0igPbrzPr9m-pMuu55fpLrZhgqgTzo0qATuxDakzEL7HjdosbYtDTGNrW4FogYoWFpgZnlR-7Hgawi_rnwh62DoGW5Y6iuHHeAZ0acftyQ26iffNQ_ohr7mfsWs3zfWYWvQ-Mj-Om26TMaDpwUPTiLEzyFpCa53Qrw0xmobrqE0reFyMrt5w_gfB09mmSBmM3SxlTKte5xAhTkqlBRKjb5EfefbKcqHIBUnGr67FwW4JBTtNw067wadQzIzrFVzkKWhRYhTtHv021M1uXSr_Knyj2e8ERrRgu5MNR5JJ5sjN_c36lQYxC3PtSUXhttpB1wUdFoz4G19i37exF1MhtdZaEfl1NOXJZdfdOL_LuUAvvHVg3rE63LIcEIy40SoqQskdw3YeKyZ5pWs2c4NwjdcvGt4Pto3irt5raQxV-DWD11Xnulfdr9cKBg4Oe9nZ3gBKxUj7q2WCV6wn-mTSK_ezFa6EGgPgH3dBZugNRLcqIzV1M6bp53TkCNVq81AEZER-r_OnxxCjwYK2-Q0XUWlxu4dCvWQ8yP3Z9UKBEpWMsb4zlxAYf7uqOxdEx0czTLjSCAa_ddmsxUrxzlRot81yxilotauwB0Gbs40Y8nBc-EmG--_QFPwB7S0Fqfu1fUr7XZN78HaRGNMCvw-pPwF_k7iMU3jT-ba5xE30Q0XGG6SQDiCB-1k6G4zol_e_cxv_DJsWwiQ5dKlNUIEEUxqyOHFeHmthBMdnTKErMsFHlom9fvbtIi7668HvPeWcgm-2CH8m1OR9WMR03ZMVU1LcBgGtx68wkb1pNwzEDdRT54YHdmTp28z6ylOn0tFM9BsQZJ0kpDVO2aWX5TdhXdSz936WLx7yqTZaqe4yMgk1skJ_-98MkGU0Bgylg5F5H1w7F1pmixYRrRWZZZjggEutknzD52Jb0x-1OXee-xdQFpEbx3UvQYG-74cFKfbYk__CZoQ_7u7q4lkmCOmY6qFwyl5g73ucMK6Zc2SU0HJbVGTLd46qV2UEpYdp1MeutZQciCgxn4mvGzjJ0AI6ZmO3OFv7SIB6GkZ6ngNXwV7NwiK7937J9UYsr81W0c-KzTjPI67a7nNAKT6OSDJTmgEnY-uc-s7MwWCBt8IbklowrTfqK70PR1xoBtRYNelgqIq-CYEAOoe6Y5v17PwJrO0BQ2qeIksU_d4OEWdXicFWGSKKmchUeSbcBHN4Majo-lMfTT4rcsHIaARPxunO9gjgXhEeb9HZzXfOrOJzS7XmyybhgseJMcwUdQcGcCueBlg4YwFFFXwKdzZL8N3aghQ4rLzb2j_iKcCiB64k4bJbjayveZC5k7CZL4xEPODtlYJOS-0FCYtk1Xpv5Jv32Di7jjXuYMhGzsfYr6cQf8kH64LVAaTb9SKCrpWucfp5AADoY4wYXYp0kRmPbhs-tj_t6HfzNxkg_f00GxAtiXinB5P8f0_Ruud7pFouZQpphkJXMotI6UYfQKFuaQB91qOHCLnS9kRxSqqxuRFd8FN8sruyKUoODFDCoSaxCeyuYXn-BEquQHqjFMzyil6qy6VkRkUQrH46QG947oMqTluGwZFkQpAFkD29S6TKTDREKo7UWAsRNXbsUZXzEjQpLuVXSAvQDS_qRIZqF71qaOfJOA7x8yzGvCjRZZSQ7h2-1TEOALFaku3FnL20y0k1elbBry1baAlVIfJxvCo1bi3pHmYplVmFSG9VyzRO3aWokfrkQQV1t2DALfnh8TesIlgqq8NAb_z4nKJh9rWoZ3mHtsPgHdoENLSVTcjg7mYV5GVtqiPXILEKCgldkj3kxaZgz9HzIItldgc55LrtnsU5USbObHKkgHPwBhIO4XIRz7yy6z_dCrKojSscPzlNHo9mVFsmR8Tr6h9Lh1G4xgE0KCycFJnkiG6ia7S9AiQvdCG_SrOWXaFaYNzuwmzUWC-wHtcTpdW5xbNCOqq36kVa_VXFAGo-gg&cid=CAASFeRoFboB-PpqRIZF87-IkAfryovu4A&rfl=1%2Chttps%253A%252F%252Fmedan.tribunnews.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:39:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Sep 2021 09:39:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210901/r20110914/ Frame C964 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210901/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0XCptDeCiqAQttydzMa4Cbfgj9tTMHvj2OojkZkLcSm7EfBK80dTTn02_Oo9YNpvr4ssfb242cErPN5vCGoslnr3ykPbPcwtCd7vy-haLU5Gg7JVkW8QSxvy7t9xzg6pawzzJgLwn8pEKvQwGz8CGtTu1UA&dbm_d=AKAmf-CF_edifPdvYF5-0ey8KysmCkNPCr1taiuJrZOojAPTp2siQTw30Qhr5ufvIDCbVbXhOq0UkVmk631x9Z-x6rAQ_XgRooeGsQcuCPVDmAcJCupAl9AFr4sPijl6h9XHbFVit03v967mElebD_VnwgCLpJTR6QPB0KSVLR_mpdF_cWCihx70aaVQQTdk4GWUGz_gJP5O0b6wUwWbdub7oRfF12DUvIU13egKhK9W-8vBl25UpOp-zc2RNL3HzqF3-LvZllDoMZyOIXZ4Nt2g8ct2kW6Lt-2Ab7rIdiQjLq_o8TcvlGMEN4Zfhjvpq-Uv-_CBKWFRAg5SY7XWkcz-IAdORPbO-OmNGY9i5vAStd8mj6VbhWD90tvQ-wpFm710dyqPKPCe0_luqML3C5kMhdDv5T5lR05iGWwq2wx7-JzJ0Y0Z5IQTjz4YhaiScMce8zNI0-_SuKgs_t81qi-T3U9W0T2O_FdJF2OOBrzMUyqGV60cV_gpUPchv0AfrKeg3Wwwkly19XgalZ1wiVjsNnHsqPSejXiHRijDWWJvk8tZXKyB_qXT0XJ4Krq8VqfIJFRk_8kZzYBP4ESP-wzeDWoqm-YASF1xUvSjK0nA-LaEpJyDAoDzFHeh9jdMeNoL-_YNXGtPyGOTzLHk5GHuaALVkeFPj1aWpO1f393fINniNgeoJzBWW1s2a7WX6tP4TiC_lEYpXA2RPXAMO8YkXxSZdDH3QaGQ35tCTUVX_Q_BNBUyTT16r-4f-FTw3rxVy2zB1ENMdwPX5i9Ii7Nh9tzUJcK3QCmmEFlFNgqOIeADk8qHzuZro3b0w32GirpycbGBQGdtFlP6hEDbhr-tgl20i7ILrLA2UrWEWBphQgaMEx0QiZ5sXHZvHCZv3vj-MP-sNKUS7IikngnsAMElCnqRraOeOJopsDYwiMwE2c7ePkJbNSY7IgrCIBaLxkUe6JdhTZ-8hyPImHeQcsdV4p4oOn2HIe_SzqIg40mOGoSEENz4-rjQrFERKehUO9bkXt6qJ6cJvKKS4YyXLGK8JULpOSA99pnwHBxC31-WXNox-0Xx3PrgNUYfCgci4XgvpROz4OTa3-N7rpJuqgW-i0AxlJvh6Y0rcbHSFVJf0igPbrzPr9m-pMuu55fpLrZhgqgTzo0qATuxDakzEL7HjdosbYtDTGNrW4FogYoWFpgZnlR-7Hgawi_rnwh62DoGW5Y6iuHHeAZ0acftyQ26iffNQ_ohr7mfsWs3zfWYWvQ-Mj-Om26TMaDpwUPTiLEzyFpCa53Qrw0xmobrqE0reFyMrt5w_gfB09mmSBmM3SxlTKte5xAhTkqlBRKjb5EfefbKcqHIBUnGr67FwW4JBTtNw067wadQzIzrFVzkKWhRYhTtHv021M1uXSr_Knyj2e8ERrRgu5MNR5JJ5sjN_c36lQYxC3PtSUXhttpB1wUdFoz4G19i37exF1MhtdZaEfl1NOXJZdfdOL_LuUAvvHVg3rE63LIcEIy40SoqQskdw3YeKyZ5pWs2c4NwjdcvGt4Pto3irt5raQxV-DWD11Xnulfdr9cKBg4Oe9nZ3gBKxUj7q2WCV6wn-mTSK_ezFa6EGgPgH3dBZugNRLcqIzV1M6bp53TkCNVq81AEZER-r_OnxxCjwYK2-Q0XUWlxu4dCvWQ8yP3Z9UKBEpWMsb4zlxAYf7uqOxdEx0czTLjSCAa_ddmsxUrxzlRot81yxilotauwB0Gbs40Y8nBc-EmG--_QFPwB7S0Fqfu1fUr7XZN78HaRGNMCvw-pPwF_k7iMU3jT-ba5xE30Q0XGG6SQDiCB-1k6G4zol_e_cxv_DJsWwiQ5dKlNUIEEUxqyOHFeHmthBMdnTKErMsFHlom9fvbtIi7668HvPeWcgm-2CH8m1OR9WMR03ZMVU1LcBgGtx68wkb1pNwzEDdRT54YHdmTp28z6ylOn0tFM9BsQZJ0kpDVO2aWX5TdhXdSz936WLx7yqTZaqe4yMgk1skJ_-98MkGU0Bgylg5F5H1w7F1pmixYRrRWZZZjggEutknzD52Jb0x-1OXee-xdQFpEbx3UvQYG-74cFKfbYk__CZoQ_7u7q4lkmCOmY6qFwyl5g73ucMK6Zc2SU0HJbVGTLd46qV2UEpYdp1MeutZQciCgxn4mvGzjJ0AI6ZmO3OFv7SIB6GkZ6ngNXwV7NwiK7937J9UYsr81W0c-KzTjPI67a7nNAKT6OSDJTmgEnY-uc-s7MwWCBt8IbklowrTfqK70PR1xoBtRYNelgqIq-CYEAOoe6Y5v17PwJrO0BQ2qeIksU_d4OEWdXicFWGSKKmchUeSbcBHN4Majo-lMfTT4rcsHIaARPxunO9gjgXhEeb9HZzXfOrOJzS7XmyybhgseJMcwUdQcGcCueBlg4YwFFFXwKdzZL8N3aghQ4rLzb2j_iKcCiB64k4bJbjayveZC5k7CZL4xEPODtlYJOS-0FCYtk1Xpv5Jv32Di7jjXuYMhGzsfYr6cQf8kH64LVAaTb9SKCrpWucfp5AADoY4wYXYp0kRmPbhs-tj_t6HfzNxkg_f00GxAtiXinB5P8f0_Ruud7pFouZQpphkJXMotI6UYfQKFuaQB91qOHCLnS9kRxSqqxuRFd8FN8sruyKUoODFDCoSaxCeyuYXn-BEquQHqjFMzyil6qy6VkRkUQrH46QG947oMqTluGwZFkQpAFkD29S6TKTDREKo7UWAsRNXbsUZXzEjQpLuVXSAvQDS_qRIZqF71qaOfJOA7x8yzGvCjRZZSQ7h2-1TEOALFaku3FnL20y0k1elbBry1baAlVIfJxvCo1bi3pHmYplVmFSG9VyzRO3aWokfrkQQV1t2DALfnh8TesIlgqq8NAb_z4nKJh9rWoZ3mHtsPgHdoENLSVTcjg7mYV5GVtqiPXILEKCgldkj3kxaZgz9HzIItldgc55LrtnsU5USbObHKkgHPwBhIO4XIRz7yy6z_dCrKojSscPzlNHo9mVFsmR8Tr6h9Lh1G4xgE0KCycFJnkiG6ia7S9AiQvdCG_SrOWXaFaYNzuwmzUWC-wHtcTpdW5xbNCOqq36kVa_VXFAGo-gg&cid=CAASFeRoFboB-PpqRIZF87-IkAfryovu4A&rfl=1%2Chttps%253A%252F%252Fmedan.tribunnews.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9263
x-xss-protection
0
server
cafe
etag
16747441857000454541
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Sep 2021 09:02:27 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AE9C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 04 Sep 2021 13:40:05 GMT
expires
Sun, 04 Sep 2022 13:40:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
72142
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 0B8A 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2fsqY_jQjbs5dSm28k1LnPH6tTj--1dreIBGx_XNupFK0i4Fwpk9DR06H7Nt0-r01GQVrkkSRLxILWLHrUySLw_yoHUgyL9HyeNFGR4E3kOGQibM4cN0V4ZatdAdMpB2-MN36toI6her_8glFJzyTFhByPOsBJf3b8wWBvvyPegmkVpjHyTNbUm8vqapqa_5It2XoTJMeJUi6fcVMJDOehkL3yufQFvmjEfDXQTmQMD1TSE0LDH5vWWQrtRTvMtlIy0ZChYxgCuEw_OYIwZVvk9cSD68-lcxY8kQNENJH8IHA6Hq1UzTLj5IwX1kR33DmUYTi4sJJx2s1TW1jsmA32fDi9V8K8RX8-yFfyad-XNq-pYPP_tAcw90h108sgd3lkGVIA4Z0wZ-4smsAorzr7jpbqaNAanu5YlfSeNMkbQjNzezRpWAJOp-JmR1qjpY8BjeUnnTAVt8vZJmHF4okON5JbYQ83geqP0TOVBKS_gydtJE1HZaJl3-03SgVYOCbD4xA5k0rdazh1lXKCYy_sgsvg0PHwqoUnle2YuFYY5dqYxvSd529e6SiDUinAnVgfMwPBu7eqdfMdrb89eRdS7ql5Ov_7RbaL7fKE8d8LyFYizgc9vp-f7ay0qP_SNQTeHsjY_h_OvII50qQ_dCNbyN51QlBkFsMR_EShRYVrblla8X-PQMdnFOztG_2vV426qiMC3IrzSUSuO36rH-F6ozQJ9s_j0CryFuHiocKPPPnzVgd6PtKhD_Ekl6qSKuxZ1fkyzwdt9AyBuJK7nTBvy6pDFi7O59jKkD-C8BDVnJfqPqGiGT_MoKnzn3MqUi9O675_PikrqyiluVOhOo9YSeXOTiRgMF8mQTJ1PU0m73i_yk6cCsFudiqALwcrRi9iu-Tf2Ir0mkS2LAZwnbAN5sOGYxSLGIxOurtAaqX_fQkScbTNRawIJFNqvfrXBvykKcJokqt7ADcGI-MEhU6NvaKMEXYDvKJ-Z3-WfDWQAMdgji2bWGLhWl5ZMpO_Xh6m7v_4JZ1BDZN0Yy4kdcYJxBft-TeuK5bFXOPpb11FVhfPbeCE4wMwhB6fdStiZneZ8URUwX2flnG7n0yYvehWA9ioEFegOIE5jzTyw&sai=AMfl-YRl5pX0naCxZs4LMjV3ggsOpLd0QDwtBqmbppacSSJGFb_2p_T-d2Iu-5su8o_T_04BD9bqAAq00UFhSxmxfTWtI21rhHzedpgW85aBXiF6I3N7vBu0HoHBpUdTS4xUjpW4VPS9ps9uD4VzmIScKTd5rSRQ-2nsLIZsnc7V4F9803yBnMAdx7biDCUKgnjZ6qTLbbItNWUCgyKcF1q3LQCOMWE9DcHG4z2P1MA60Xg6K0zbawrBggP89f4uEHBSgDWN7JiwO3CJtgg_HugKvoolKK33PI4quMecNUfV3wFBMGzSighIMcwQKl3T0q1bWV4Ze-Xo_w-JxA9uimUHibRU3DSiL880dYPl7fov4aNeHrntEot2v_8xtfkKks1MMZik9fSD&sig=Cg0ArKJSzPBtKGiR1MTJEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=132&vt=11&dtpt=132&dett=2&cstd=0&cisv=r20210831.53963&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7271 		346 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: universal.jixie.io
URL: https://universal.jixie.io/js/jxvideo.1.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121776
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:27 GMT
rum
dsum-sec.casalemedia.com/ Frame E847
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4aTvAhi7392sATAB&v=APEucNXk2ocQooGl_ghdnjbZmY0ilpys59NbtMgQP3IaTWYCrtva5_f5eESRTHFdPsdAKqFlx1veXuyiNhps2OUm_Lx4lgUWRQYhk41sZ60tBQMWcYdnUkHTvDlMayuNGj2dgHm5XJcxeRmR-yMu46LXCDxKe21YGv4R2CQSRpynCMcRLUhvpOw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 05 Sep 2021 09:42:27 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sun, 05 Sep 2021 09:42:27 GMT
rum
dsum-sec.casalemedia.com/ Frame E847
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YTSRAxtJD9OH08jKu5I7aAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4aTvAhi7392sATAB&v=APEucNXk2ocQooGl_ghdnjbZmY0ilpys59NbtMgQP3IaTWYCrtva5_f5eESRTHFdPsdAKqFlx1veXuyiNhps2OUm_Lx4lgUWRQYhk41sZ60tBQMWcYdnUkHTvDlMayuNGj2dgHm5XJcxeRmR-yMu46LXCDxKe21YGv4R2CQSRpynCMcRLUhvpOw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 05 Sep 2021 09:42:27 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E847
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIMfbG47j8T9Yjq3BMaBgj0&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIMfbG47j8T9Yjq3BMaBgj0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4aTvAhi7392sATAB&v=APEucNXk2ocQooGl_ghdnjbZmY0ilpys59NbtMgQP3IaTWYCrtva5_f5eESRTHFdPsdAKqFlx1veXuyiNhps2OUm_Lx4lgUWRQYhk41sZ60tBQMWcYdnUkHTvDlMayuNGj2dgHm5XJcxeRmR-yMu46LXCDxKe21YGv4R2CQSRpynCMcRLUhvpOw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
bb8580ed-31df-493e-a132-20b2f37753b8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIMfbG47j8T9Yjq3BMaBgj0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E847
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQwMjkzNTc4ODk1Mjk4MzY2OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQwMjkzNTc4ODk1Mjk4MzY2OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4aTvAhi7392sATAB&v=APEucNXk2ocQooGl_ghdnjbZmY0ilpys59NbtMgQP3IaTWYCrtva5_f5eESRTHFdPsdAKqFlx1veXuyiNhps2OUm_Lx4lgUWRQYhk41sZ60tBQMWcYdnUkHTvDlMayuNGj2dgHm5XJcxeRmR-yMu46LXCDxKe21YGv4R2CQSRpynCMcRLUhvpOw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
18a6028f-6a4b-478a-9c0e-6ea5cae54c3b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQwMjkzNTc4ODk1Mjk4MzY2OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 126C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQg4LmAhjX8MCzATAB&v=APEucNXrweLHLdKN_buiDVMu169IPjbC1WmQvrswWm1kHgzTqROzRDle7MZyEDvRNq5uY9emKrBOQjFfmK5EJoneO6GmmljaGbmaCb_FClLmDKHe0Qyhvch0wM-GquiJxXRXNJFf5EA7Lu57H7g1_0nSUD2-1_Ua47BPD_rw4JSXRmdluF0N74M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 05 Sep 2021 09:42:27 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sun, 05 Sep 2021 09:42:27 GMT
rum
dsum-sec.casalemedia.com/ Frame 126C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YTSRAyxbDfadm8mvLoJUGwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQg4LmAhjX8MCzATAB&v=APEucNXrweLHLdKN_buiDVMu169IPjbC1WmQvrswWm1kHgzTqROzRDle7MZyEDvRNq5uY9emKrBOQjFfmK5EJoneO6GmmljaGbmaCb_FClLmDKHe0Qyhvch0wM-GquiJxXRXNJFf5EA7Lu57H7g1_0nSUD2-1_Ua47BPD_rw4JSXRmdluF0N74M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 05 Sep 2021 09:42:27 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECU-vatt5raLgMkn4ST7BjA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 126C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIMfbG47j8T9Yjq3BMaBgj0&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIMfbG47j8T9Yjq3BMaBgj0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQg4LmAhjX8MCzATAB&v=APEucNXrweLHLdKN_buiDVMu169IPjbC1WmQvrswWm1kHgzTqROzRDle7MZyEDvRNq5uY9emKrBOQjFfmK5EJoneO6GmmljaGbmaCb_FClLmDKHe0Qyhvch0wM-GquiJxXRXNJFf5EA7Lu57H7g1_0nSUD2-1_Ua47BPD_rw4JSXRmdluF0N74M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5df28942-ef9c-4092-901d-905c92e53262
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIMfbG47j8T9Yjq3BMaBgj0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 126C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQwMjkzNTc4ODk1Mjk4MzY2OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQwMjkzNTc4ODk1Mjk4MzY2OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQg4LmAhjX8MCzATAB&v=APEucNXrweLHLdKN_buiDVMu169IPjbC1WmQvrswWm1kHgzTqROzRDle7MZyEDvRNq5uY9emKrBOQjFfmK5EJoneO6GmmljaGbmaCb_FClLmDKHe0Qyhvch0wM-GquiJxXRXNJFf5EA7Lu57H7g1_0nSUD2-1_Ua47BPD_rw4JSXRmdluF0N74M
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:27 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
7cab76c7-451c-479c-9db0-a0c41b8b900f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQwMjkzNTc4ODk1Mjk4MzY2OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 0B8A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
078977f8339a2778de55c4732c1e03bc5cf1894ce6b531adce7100fbfa980699

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 7271 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQ2waGxLtt4SbO2eozH2S-9QPo95WPB6UWYk39m1RqCnpz2EdoWYbZrZ2QkrRNbsPuCKJSsyt8ij1UNuzja_7Ht9HxhQs_89bWi_qFYz78n-2f1CwHlr82GDb36QEkt0X38zbHHbwCU-3CRZ9V7SP_cV_RVR0wbU8eq76SON1jszp84Ty0nLIIKNL_AnmndASqe2HfucflpSpZrn6eaCih87z57fvtsd7YNvYHdSOQ9tchr_5aZTy9LPKjLnecmE9ic8qXwOYZvfnaW8Cb6JHw7FNXDsVfQr_C8kJmkfROPmpLjv8zE2SqZfxNpzY2QVm1D4BFM5c&sai=AMfl-YRe630BD_obv4nUGNhpTPnf9RsaoFqkWrbkJ7nZzKeZa_89LoyU2n-VQfTP81k4-5N39K_T0jZ5hQ2XlQS1LioD_64EMBO54DnpOYn7EOQeM8znMMTrk_N2H0beBpsB&sig=Cg0ArKJSzJr1pdr3TvOjEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 05 Sep 2021 09:42:27 GMT
index.html
s0.2mdn.net/9957158/1622818134107/Template_160x600/ Frame 3D8A 		86 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10e8cc21c2a2cb67e7dc9c0f9dee955639fc32a1154a9ee7675741f00c81e944
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9957158/1622818134107/Template_160x600/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
22571
date
Sat, 04 Sep 2021 13:34:38 GMT
expires
Sun, 05 Sep 2021 13:34:38 GMT
last-modified
Fri, 04 Jun 2021 14:48:54 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
72469
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame C964 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqUqH4Cbqa9YW4zWB7O9sq32itG0hM_FDhrdd6rrWK3MHSiVOdZoJkyA3QiVkHzFnGfj0tcj-TUftd78cTwF-xF5KkVJ6eIvbVG0d1W92SpetLIQ3baoTOWPoGS-6AjMC0lGISz5GwPSmm1Jsh_IU2z9iP5ynGzujGZ6rMUT9kU7dg4nE83WP1Esz45mFV50eUnAF6ewb6FoZiFwyCGm9Eh-P_GDk-AYlqZXBWxN1ETFoHg8TDPToHXxCvdTNqjxpN7H1MLRF6knsDtAfyPhJL-G_0wislWvOuCyIVOhEEG8IzZ2hWLbkwvufW81uN2gJmb_djUKvUJGk5CLm6XooEHUr4pb4H1Pic8t-msuPiFnGLIu9m96BmEXfz1WOKxnvznEOdTaqrehfKw1WPFgYR-WqEERewhdyvXz7AYdOdfROy6bEmYJUqNbi7bCL_59sSkCY5-PyOWCR7w4MfvzMq82zJB6OiV0NsCQ3Fbe27wufNEf1G5HnQoqQyMXNsuaBqGT1Zo7FCWwdkg1vw0ITnLfQ4qXHMQObTsXijDZ2SHyuCQcEef7v7xFyUd4ILMiHa2UmS8g3rFVwpoYgjM4ipRhzNThAUudhlgLMbuAHYPE5PvJxSJl6Z0gW0PekZ7SsON7J2S25mCa-fxbEaIAxn9MLCWkmW2sk1f8AIdLqCgqV1WtwgPggrItKRmol7H1GyKK38ivrQTtYi_ELd2Gm117ooCvjFgwltY5qpjHQJI4b7a9tklHpH0t01MLuwn0-gwJmThXoi9QiuFgqlP_exHt3Q1Bt5oijqNl6_h2VB22rUZVPEOSOE1nwuOFmFYo6FF0tFLiMiIHe3_zoq1mvrQxLzwc8FjMG-6k0foHkvgA_Wus46ETv9rzyKZMNobm1f8aEj_705BPR6l6NrX7BBVE7eDG4wWn3qEfWf0N1lHJNppB59ru8JkBYC4pKe9MqzmAd1rqJhegAtgfUeM9v4eryYabft8eLplQkahSiDfw0NCACThAyIwj6qQlsuD1sgsqB85YqlEPe9Q5bnQa-It6WqvsvT-2lNw-qVwDt1xrMw6fp0cTT3JwbHtGs193hcc0bZGjEYn7-wAwYXjkTN7OyjmUeNeaN7BUeWthOVDJMPpfWfwfGlBdGty9NE8gi5x5GUe8Y3s8cil-ja&sai=AMfl-YRlX2jkhDMUustCVsF2jUbcd83ST3KOy0SlPgY3A6ZVzHBMKvaL2Wth5a0Lt31qBWUmGN3RgDW3MgN0a85WKohj-78aABEluT05cd8KY_1H9WSwEw-92aGes71DDJAN96qJZBsJmmHk6o464e0umY6SVYS1eoQMwsawFHM&sig=Cg0ArKJSzId3dl45K0YTEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=89&cisv=r20210901.67416&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 05 Sep 2021 09:42:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C964 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 21:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Sep 2022 21:00:57 GMT
truncated
/ Frame C964 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b63001737278bd7ed52993c7eab5bc1924d134f2f2103dc96e8d164cfab2c8a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
bridge3.478.2_en.html
imasdk.googleapis.com/js/core/ Frame 2AF7 		574 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ba74b0b7223564fe5de95a05498160da36162274673a6c4583a757d233c41b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.478.2_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medan.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192508
date
Fri, 03 Sep 2021 19:55:47 GMT
expires
Sat, 03 Sep 2022 19:55:47 GMT
last-modified
Fri, 03 Sep 2021 19:50:18 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
136000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 7271 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:27 GMT
defaultloading.png
adsimg.kompas.com/html5/assets_ads/inslider/update/image/ Frame 7271 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adsimg.kompas.com/html5/assets_ads/inslider/update/image/defaultloading.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-2.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3c30147f898492172686ccaad23f1bf4d112f501b4cf55f20388db5253622ad5

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 01:38:26 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
last-modified
Thu, 30 Apr 2020 04:41:06 GMT
server
nginx
age
288240
etag
"5eaa56e2-1d00"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
7424
x-amz-cf-id
KkIAR7boPohMIPzFdp-dOBgRu15pqMY4oTf1Gab5yxSnfHMTriRIRw==
expires
Fri, 02 Sep 2022 01:38:26 GMT
integrator.js
adservice.google.com/adsid/ Frame 7271 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1E3A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 04 Sep 2021 13:40:05 GMT
expires
Sun, 04 Sep 2022 13:40:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
72142
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_KGu62JP3w4V72mm3cmDaqkgOPwqP-vkWuOQlm7wfU0.js
pagead2.googlesyndication.com/bg/ Frame AE9C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_KGu62JP3w4V72mm3cmDaqkgOPwqP-vkWuOQlm7wfU0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fca1aeeb624fdf0e15ef69a6ddc9836aa92038fc2a3febe45ae390966ef07d4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 15:27:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
411291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13240
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 12:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 15:27:36 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 3D8A 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 19:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51968
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Sep 2021 19:16:19 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 646B 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 05 Sep 2021 10:41:24 GMT
tribunnews.com.1178609.es6.js
jsc.mgid.com/t/r/ Frame 22F6 		242 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/r/tribunnews.com.1178609.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178609.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
387b9045520dba71aee09805912f3e795b219582055cf207743d81d3d9d77619

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:27 GMT
content-encoding
br
cf-cache-status
HIT
age
6851
last-modified
Mon, 30 Aug 2021 08:37:29 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
C971TWCGXSCSG05P
x-amz-id-2
HOYGT1M45ok2elultQAxB9zkVk0xfNohMutzwmF8zMsTs6tNS2fvo00D0Hjdf5lQu0j51uVPNtM=
cf-bgj
minify
server
cloudflare
etag
W/"838fafc4a343bfa7adc9ce23bf5afcbb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
689e81f69ab2425a-AMS
expires
Sun, 05 Sep 2021 12:42:27 GMT
null
s0.2mdn.net/9957158/1622818134107/Template_160x600/ Frame 3D8A 		43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9957158/1622818134107/Template_160x600/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:28 GMT
x-content-type-options
nosniff
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:57:28 GMT
WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js
pagead2.googlesyndication.com/bg/ Frame 1E3A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 08:42:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
3582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13351
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 12:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 08:42:45 GMT
overlay.png
s0.2mdn.net/9957158/1622818134107/Template_160x600/ Frame 3D8A 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9957158/1622818134107/Template_160x600/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d543e0938a92f50488bf5895451508ca03e18dfa31306268a1fa606788b9c060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 06:19:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 14:48:54 GMT
server
sffe
age
12159
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24835
x-xss-protection
0
expires
Mon, 06 Sep 2021 06:19:48 GMT
texture1.jpg
s0.2mdn.net/9957158/1622818134107/Template_160x600/ Frame 3D8A 		395 KB
395 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9957158/1622818134107/Template_160x600/texture1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a98a608e9ac0e6a7ac95ed570a1f6f854827d472bd69a78c70f2585250aac26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 14:39:36 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 14:48:54 GMT
server
sffe
age
68571
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
404787
x-xss-protection
0
expires
Sun, 05 Sep 2021 14:39:36 GMT
video
ad.jixie.io/v1/ Frame 2AF7 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.jixie.io/v1/video?source=sdk&domain=jixie.io&creativeid=1437
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.121.89 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-121-89.ap-southeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
b602d69bfdce14a18bfbcabf503f9bc7a2498fbf6b792573d50fb29f4deacf34

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
gzip
x-powered-by
Express
etag
9445c3c0-0e2d-11ec-9b7e-f511fedb537d
vary
Accept-Encoding
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame 22F6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgvvIxG6BdOUMwmrZns6KtEsTzrwOc7i3di9WonldhPg2rJ6D0ScdXPNm-D6Ps7lcmqQk9wvbFCoJ2NzcPNfdp1DVGClnDj6qrsJWRjXhFeRNOaWN7JorKW_-zItDUffd1flSyzj7Ozaz2CdqJMvnRw5hQbLCEmdVv8IQ4RZ88i45RbdKvsdWy9nPX_PxF2ilXqCpSLfrm4qePu4cIXTqLvjE1C4FD6BjdLoNBFCT5c6fvyjiNZPkiEHqGY8sXkoR1HSw3hYuwkHeHjiA7Ix5A9a6fLqHlcpFNrohpobSazYv3pSFexUchblG2d3tEjFhB9NWZZa3_&sai=AMfl-YQLzfAq6HgIRoh8e3296jCE8uRmSjEJxT5DbxQenK-KvIdw3qJ0XN-rrv_o1UkgxYkeDl-TYrGO4trwkpxlDz2ogVQTuXM8A8Vns91ueBFVEJRfJz1r1FgbZqVsqOuj&sig=Cg0ArKJSzJDb93gs2ogMEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 05 Sep 2021 09:42:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE9C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8iqDApE0YYLaMNbjgQfy_rtgAAAAADgB4AQC&bg=!q6ilqOzNAAYJpm41CaY7ACkAdvg8Wv0eXY466QZkgFz6yF9L_jLkZffOe3bknPZYkU1ai3QODFWXMwIAAAEtUgAAABdoAQeZAsrXTPU7aQUC1edb-OETrKzzMLtEhVtAvmz0eUPh3-NmBNOcWDM9hiQ4Jqy8aMHn6RUrizcp082Js0d0Z4bW9bLfBVpadZgt6KWST5k3bED0RvTuxX8TQ7q7qbJh-3Y3-HvN-yy00G3S-P2LVcbVYG1f-rJkfaDJPOhMqg9rC_RaKeVp3u57Vied5hSuus_rGHmxNmQo170AAcsgAkY4IJJcK7g6nj12lUzmpg9UzovzwWmKr9cReVZBOTESLR-xUSayzKCI3C0jGC77Bx1pyUt1yKYiZp4MNk7Wzt2WGuMfA19_IE6ecsM1_vgkg5u7T4HTV0pEqAvtdASVeLfPaF8gMkcIErTnOkJJxPdeFNna2Usyt1HNGzRk2w_j5YuCgpoDqqYpvjFAVhBIk4J2Bt2GbjZmH7qX0uBNWkveCLx4Jlwi6wkYcziT7NXgHe2dJ7-IqAgbizfEJ7luq0WUyUxAr6cRK0e-Oeh72JMWNaFugTJGI3lFjZP_auZun_gyg0ikWlRYCgIea1ZnA0c6_AffdU0laKZKUVBXRhuT_nWS7CyYvUAjpf4q9di68Cxh_1JO-J8gXBOi6g9vXx3pjYqajzn8ce931IQHe0UCOisvhfLmCMp6Ger-OxYsfo4z7w2_VPrXscvtTC7ffEBSGoURFRhDjJ-vP9GioCJRtx8VV3v9nFiRXQBzJ06gwfUuBJ7sGIyh4v3mehluwDylU5OCJEOFJrJanVIu_clbUySyTFlV3xr3niMvmfbD4p2WLdaGygvm2iblQB3oRyVhowZ_lLqkgbutGMrzu6KY3jTi1DitjPzh_Kxlz4HMzvfZ06NR4lU2mg182mfyfT33SB1S9pgTvrdGYGgC7HC1I9D5PqraZLJjAxfxJPVw_9U6iv81qLHIbA0u1_2EJckAksv7hHw-B2kK7jS1XzVA9oJ466hScqDY9RuO2Nc
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E3A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDcLGA5E0YfLhD8rK7_UPms-HoAkAAAAAOAHgBAI&bg=!8POl87fNAAYJpm41CaY7ACkAdvg8WjZku3E5o-hK-wSd2K5XKSU83dXsE1Rc3L-n4x6FFPHBpM5iJQIAAAC_UgAAAA1oAQeZAsyHqCCX47upeK8fbXMTXAstdnlM-4WUrwk8S5bmP4euAZA1hc8iukkB6Oa5momvgFWTgWQt6MNORjNvzEQ_9JSGGmRsrWgW5yZ04tas5zL_ENtC4alhU6PC6SlRi-yJucYwMrdsXnFcePxC75MZ6pQzyFpvF7CGbYy3MvF-RijfJ4a-CTHYwdTSW9_iZUMguLfSVfKdwRz7SPsBMDr-F6r6vgW1ZJbWs7QuSim29pC2_V5QxLHgNOqKvI_w0i63gjnAaWd6d-cb1QB_frUyffzTz8TwQCmD2vObg-4Wi0eFHURqqdeuQv4OAAEPwOMkuWbCWDhsZDZMP3J4-JpAgEL5kJLCLrP9RxtdEvNF97zaj_dta9mrg4gf862zfy4VxcBqIKsbjnVtrcN7gMAe2NnW-wwSmtU5wawqhfZSbhOZm85OH6Gdz75SpJPX46lCdxbWsIh9oyxHxjzVcW0JqqWrwVOuFljiE4v3ZgjfFPGrTdBeqyIKFGtO4Fd2RFJGLYRHa1vgdY9Wbuu5P8Yobzj8uCVif-y9DvzKCIIOCDfpyJnMGOkce3h-igAlhdpNXZ8wrIICyyvRUR7SaMLervzM3WisOdSh92UMg55a7jlQ5m_qANENOnxFoK25HW1r6WLBV6_OXsAu0pd9cuRK6nXRvcNXoSN8itkWiIpQHtwlmkR1vVQxCmrw8uwVhkxSTBuruaxoFRTK3wDLdEutqYylSgWrkd6nKhM1ewP-r4nrRjFEtWvIm3TJquSdlJNzKWfzHczCM9CHONpf51hE3mbaJ06bv2WtXOoRZQRR8UX-0ONZ_H64XQTKWOx4L7y_m7q5LVE5FaLil8MKbiLmBMR1k2GRVSdqnXWsB9Eh2UrZCfuBdvn9dt38wuU_xJ7SNtbTQFMIyl1DvyzpEnLh-voZoOb6Fw28O5MPwceRG5NSazdd3rT-kZtVYd2tug
Requested by
Host: 4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
URL: https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.mgid.com/pv/ Frame 22F6 		0
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1630834948063722636023&uniqId=12bc9&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fmedan.tribunnews.com%2F&lu=https%3A%2F%2Fmedan.tribunnews.com%2F&sessionId=61349104-04030&pageView=1&pvid=17bb55677e0a9496cf0&site=535833&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178609.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
689e81f97bf5d911-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/ Frame 22F6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
br
cf-cache-status
HIT
age
5603
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
26D5PESFJ3W3C6DA
x-amz-id-2
eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
689e81f99c08d911-AMS
expires
Mon, 06 Sep 2021 09:42:28 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 22F6 		836 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
br
cf-cache-status
HIT
age
86
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
689e81f99c09d911-AMS
expires
Mon, 06 Sep 2021 09:42:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C964 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqUqH4Cbqa9YW4zWB7O9sq32itG0hM_FDhrdd6rrWK3MHSiVOdZoJkyA3QiVkHzFnGfj0tcj-TUftd78cTwF-xF5KkVJ6eIvbVG0d1W92SpetLIQ3baoTOWPoGS-6AjMC0lGISz5GwPSmm1Jsh_IU2z9iP5ynGzujGZ6rMUT9kU7dg4nE83WP1Esz45mFV50eUnAF6ewb6FoZiFwyCGm9Eh-P_GDk-AYlqZXBWxN1ETFoHg8TDPToHXxCvdTNqjxpN7H1MLRF6knsDtAfyPhJL-G_0wislWvOuCyIVOhEEG8IzZ2hWLbkwvufW81uN2gJmb_djUKvUJGk5CLm6XooEHUr4pb4H1Pic8t-msuPiFnGLIu9m96BmEXfz1WOKxnvznEOdTaqrehfKw1WPFgYR-WqEERewhdyvXz7AYdOdfROy6bEmYJUqNbi7bCL_59sSkCY5-PyOWCR7w4MfvzMq82zJB6OiV0NsCQ3Fbe27wufNEf1G5HnQoqQyMXNsuaBqGT1Zo7FCWwdkg1vw0ITnLfQ4qXHMQObTsXijDZ2SHyuCQcEef7v7xFyUd4ILMiHa2UmS8g3rFVwpoYgjM4ipRhzNThAUudhlgLMbuAHYPE5PvJxSJl6Z0gW0PekZ7SsON7J2S25mCa-fxbEaIAxn9MLCWkmW2sk1f8AIdLqCgqV1WtwgPggrItKRmol7H1GyKK38ivrQTtYi_ELd2Gm117ooCvjFgwltY5qpjHQJI4b7a9tklHpH0t01MLuwn0-gwJmThXoi9QiuFgqlP_exHt3Q1Bt5oijqNl6_h2VB22rUZVPEOSOE1nwuOFmFYo6FF0tFLiMiIHe3_zoq1mvrQxLzwc8FjMG-6k0foHkvgA_Wus46ETv9rzyKZMNobm1f8aEj_705BPR6l6NrX7BBVE7eDG4wWn3qEfWf0N1lHJNppB59ru8JkBYC4pKe9MqzmAd1rqJhegAtgfUeM9v4eryYabft8eLplQkahSiDfw0NCACThAyIwj6qQlsuD1sgsqB85YqlEPe9Q5bnQa-It6WqvsvT-2lNw-qVwDt1xrMw6fp0cTT3JwbHtGs193hcc0bZGjEYn7-wAwYXjkTN7OyjmUeNeaN7BUeWthOVDJMPpfWfwfGlBdGty9NE8gi5x5GUe8Y3s8cil-ja&sai=AMfl-YRlX2jkhDMUustCVsF2jUbcd83ST3KOy0SlPgY3A6ZVzHBMKvaL2Wth5a0Lt31qBWUmGN3RgDW3MgN0a85WKohj-78aABEluT05cd8KY_1H9WSwEw-92aGes71DDJAN96qJZBsJmmHk6o464e0umY6SVYS1eoQMwsawFHM&sig=Cg0ArKJSzId3dl45K0YTEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=800&vt=11&dtpt=708&dett=3&cstd=89&cisv=r20210901.67416&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
1
servicer.mgid.com/1178609/ Frame 22F6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1178609/1?pv=5&cbuster=1630834948339395843863&uniqId=12bc9&niet=4g&nisd=false&jsv=es6&w=1600&h=250&p1_w=300&p1_h=250&maxw_1=300&maxh_1=250&cols=1&ref=&cxurl=https%3A%2F%2Fmedan.tribunnews.com%2F&lu=https%3A%2F%2Fmedan.tribunnews.com%2F&sessionId=61349104-04030&pageView=1&pvid=17bb55677e0a9496cf0&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178609.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e24210ebb733964384999ba2e272d7daf9c569dc8533c773f4f8c22db6a154f6

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
689e81fb3dc1d911-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
csi
csi.gstatic.com/ Frame 2AF7 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kt710r4b&c=3710639807144&slotId=1855319903572&fb=ima_html5-lima&sdkv=h.3.478.2&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=210640812%2C44737473
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400a:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader20.html
tpc.googlesyndication.com/pagead/js/ Frame 8CBB 		51 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/loader20.html?https://creatives.b-cdn.net/js/jxvpaid_1_0.min.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e5889395974c20cb35a4981f12dbf0112b108459eb045b9df81b9bfa2f73392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/pagead/js/loader20.html?https://creatives.b-cdn.net/js/jxvpaid_1_0.min.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://imasdk.googleapis.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://imasdk.googleapis.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 05 Sep 2021 03:23:59 GMT
expires
Mon, 06 Sep 2021 03:23:59 GMT
content-type
text/html; charset=UTF-8
etag
15578078210308968909
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
18563
x-xss-protection
0
age
22709
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jxvpaid_1_0.min.js
creatives.b-cdn.net/js/ Frame 8CBB 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creatives.b-cdn.net/js/jxvpaid_1_0.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://creatives.b-cdn.net/js/jxvpaid_1_0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
7602071b0397669a1642355c0c4d098f2d63f2d09bbd57958cdff45fd7253ab1

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:29 GMT
content-encoding
br
cdn-edgestorageid
756
x-amz-request-id
R0T067T12C7KAZPN
cdn-cachedat
08/26/2021 12:45:31
cdn-pullzone
138560
x-amz-version-id
wFm2lB2hogwYp4SqI2ALgkCMcgb1ZL3W
x-amz-id-2
9n3aQLyyMF33dp5lcrmC1IL5SExgly3QSSYdAR1+o5Ahz1BrLb74IQUfE1F4Uo6xob3qv5CqnCQ=
server
BunnyCDN-DE1-756
last-modified
Thu, 26 Aug 2021 10:39:25 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
e892056a-957b-44dd-895f-27488eec4ff9
cache-control
public, max-age=2592000
cdn-requestid
5f8a4b0ca259b10ebe0098f7d79af8c1
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
MGID_plus.svg
cdn.mgid.com/images/logos/ Frame 22F6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178609.es6.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
br
cf-cache-status
HIT
age
5603
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
26D5PESFJ3W3C6DA
x-amz-id-2
eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
689e81fbb970425a-AMS
expires
Mon, 06 Sep 2021 09:42:28 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 22F6 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178609.es6.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
br
cf-cache-status
HIT
age
86
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
689e81fbb972425a-AMS
expires
Mon, 06 Sep 2021 09:42:28 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0B8A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVyG1ZZ_Qf8w8P3CrqzIPFzpjVUjI3pRhAKUDTCzZXRKHmC9c2NngluX6IfO7sRkOXwpGO4xG3H18q_F2KI78yqhHti8G5jcDU39c_STKyB63itjqBB63s6kdprg&sai=AMfl-YSDM1fxStvb8hBvHvLA27hiTz-5n9qCfPqNpBcCv78Zlw3EawUT_Uq--yRXaw11WLmAVYGT4nU5ozqN3Suwdbol4syIdWKwJBK2R5n6n8vuSWoacOw1-MPOu_x3gpfq&sig=Cg0ArKJSzORHyTvLritaEAE&cid=CAASFeRoOkLylSDbCtoXeWijOiIxJShM0A&id=lidar2&mcvt=1000&p=537,1075,1141,1375&asp=537,1075,1141,1375&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=645028135&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630834947205&rpt=213&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mgWidget_1.11.43.js
cdn.mgid.com/js/wglibs/ Frame 22F6 		333 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.43.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178609.es6.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d6d7c6672496b8581727ace0d23415516ad3740609573cb30138dad68dcc72

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
br
cf-cache-status
HIT
age
3996
last-modified
Tue, 31 Aug 2021 10:29:39 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
YM9YVD1HHQ2YHPH6
x-amz-id-2
6cQ7tmQ+KNWXhLS6RhIP/6nm7fQe+XQp5prPsUxy8fSswnW4X5TP1MLF+18kwR4wEd9D9LKoc1g=
cf-bgj
minify
server
cloudflare
etag
W/"d1681da9425370f72d261009b7f67248"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
689e81fbd981425a-AMS
expires
Mon, 06 Sep 2021 09:42:28 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp
s-img.mgid.com/g/8164868/492x277/0x183x565x376/ Frame 22F6 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164868/492x277/0x183x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp?v=1630834948-KT3U6dYyAchDl0EJWCKyMG2KGww9IXY-EYF1jrfZ3cY
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535ad238c9a291aa3e4d7e24cf16ad7c96398bb1f9a8e3590320daab393a2262

Request headers

Origin
https://medan.tribunnews.com
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:29 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:25:28 GMT
x-mg-request-uuid
da27133c-9a47-4fdd-a099-fa5d03a7c52f
age
808879
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
689e82028c940c69-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17696
server
cloudflare
activeview
pagead2.googlesyndication.com/pcs/ Frame 7271 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEilCl8je5kEnx2rx-CpsBWLXxzXtlwN8atZomVpTOVes1ujSyxEiSRYaMnLOYxIgaKOn4e1I8GC9FnbakVAsmMxbnllVhgqDM6tTiQ32bU2v-G_NI&sig=Cg0ArKJSzFlwqwOXsVzcEAE&id=lidar2&mcvt=1001&p=100,315,350,1285&asp=100,315,350,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210901&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1151295369&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630834947174&rpt=270&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.js
cm.mgid.com/ Frame 22F6 		1 KB
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1630834948488611495768
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178609.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a19561cea75ef58d9d9a73d4b29d8e65308aed61e40a88b40acf29842a7538b

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
0c7f1b2f-3542-43c6-8d13-c327df1d6a51
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
689e81fc1ec1d911-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
i-noref.js
cm.mgid.com/ Frame 6575 		19 B
173 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1630834948516585236640
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178609.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
90bfc1df-42e9-4178-aa05-1541963e19b8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
689e81fc4f08d911-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
spt
tg1.aniview.com/api/adserver/ Frame 22F6 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=60e6c98e8ca2e373fa016445&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178609.es6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6cdb40aed4b5d2b61fd09b122d089b0ae4610fe7766ac43547e4a3e1f6215316

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
4771
Expires
Sun, 05 Sep 2021 09:47:28 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C964 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsup3LTHVlI-qN4fMq4ZKspsatSQFajsOW5lcV3yMX4_7HT6RNpyVRwaNkBZHDQupF2nQw0xUZM208ZMLRBWpRoYLAT2dx8YwIWj6kHUCpv_azMhAJOuC_hnr0uO8A&sai=AMfl-YSqnhq57lXqeB0GOi7xLrZKMriWPpNc9zxj4vnOHQbPhNX0nirhdM72OI3_tC2cPz2vbMIrPBsklNhaRv5FyJK8fojOBCn_1Xp73PRuSU3Pw9pQya9wYbz0T2O8UOx6&sig=Cg0ArKJSzNmPtgocZpveEAE&cid=CAASFeRoFboB-PpqRIZF87-IkAfryovu4A&id=lidar2&mcvt=1018&p=537,225,1137,385&asp=537,225,1137,385&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1365649329&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630834947171&rpt=318&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
outstream.css
video-native.mgid.com/mgPlayer/css/1.11/ Frame 22F6 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/outstream.css
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.43.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d2f589c367232cf6c419f82020168f2b9b2fb839783ef91f17d60dc4a75ebeb9

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 10:44:50 GMT
server
nginx
etag
"4a15-5beaa923f66ec-gzip"
vary
Accept-Encoding
x-cached-since
2021-06-23T08:58:33+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
2730
expires
Thu, 23 Jun 2022 08:58:33 GMT
beacon.js
sb.scorecardresearch.com/ Frame 22F6 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178609.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 14:19:37 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
156163
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
OMqEV7EK3RrInID-8Zp_EkOgjPcnKhtkCzqo8jnc2reGyztnk-lX1w==
avcplayer.js
player.avplayer.com/script/2/v/ Frame 22F6 		241 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=60e6c98e8ca2e373fa016445&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1aaac8c7faa577fbb5e2d12a86c0ca350d2bbef197434b3a1941950edb9076c3

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvM7u-jibhbq8t16PCCtb9GBpGDv7u4IOBnx-qIbF3VKH2t9IB7q7z2cz2eC76899Z2VMUk3cm1lRASijEiP58
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
58536
last-modified
Wed, 01 Sep 2021 15:38:34 GMT
server
UploadServer
etag
"1969bdfd96cc39266035a7f8cfaf56f5"
vary
Accept-Encoding
x-goog-hash
crc32c=Kqo7Pw==, md5=GWm9/ZbMOSZgNaf4z69W9Q==
content-language
en
x-goog-generation
1630510714332104
cache-control
public, max-age=300
x-goog-stored-content-length
58536
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 05 Sep 2021 09:47:28 GMT
track
track1.aniview.com/ Frame 22F6 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5ac2203f073ef46a6856c7b0&cid=60d1f505d9832b26a44ef3b6&cb=1630834948564&r=medan.tribunnews.com&stagid=60e6c98e8ca2e373fa016445&stplid=60e6bb892012ca07822691f6&e=playerLoaded
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sync.html
s.adtelligent.com/ Frame 745D 		1 KB
888 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1630834948488611495768
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://medan.tribunnews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

Server
VertaMedia 1.0
Date
Sun, 05 Sep 2021 09:42:28 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://medan.tribunnews.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 0B4D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1630834948488611495768
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://medan.tribunnews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Sep 2021 09:42:29 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Sun, 05 Sep 2021 09:42:29 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
google
cm.mgid.com/ Frame 22F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDg1czl2c0VPY0cy&muidn=l85s9vsEOcG2
  • https://cm.mgid.com/google?muidn=l85s9vsEOcG2&google_ula={guid},5&google_gid=CAESEF9Proy9qJHtJ9Bn5kSMC4U&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l85s9vsEOcG2&google_ula={guid},5&google_gid=CAESEF9Proy9qJHtJ9Bn5kSMC4U&google_cver=1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
689e81fd2b17425a-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l85s9vsEOcG2&google_ula={guid},5&google_gid=CAESEF9Proy9qJHtJ9Bn5kSMC4U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 22F6
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l85s9vsEOcG2
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:30 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
cm.lentainform.com/setmuidn/ Frame 22F6 		0
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l85s9vsEOcG2
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
689e821e2e01012e-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
cm.idealmedia.io/setmuidn/ Frame 22F6 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l85s9vsEOcG2
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
689e82110f1ec853-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 22F6
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l85s9vsEOcG2
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l85s9vsEOcG2
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=&gdpr_consent=&gdpr_pd=
1 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:422
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 05 Sep 2021 09:42:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
m
cm.mgid.com/ Frame 22F6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=ec30df9a-8de8-44ad-a1e7-3890fce2c6c3&ttl=1633426951
43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=ec30df9a-8de8-44ad-a1e7-3890fce2c6c3&ttl=1633426951
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:31 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
dea4a970-864b-46bc-9372-33266cc3cb8c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
689e820c0e4ad911-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=ec30df9a-8de8-44ad-a1e7-3890fce2c6c3&ttl=1633426951
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/ Frame 22F6
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=dUMz30MAnaz00mbZkBML&pi=mgid&tc=1
43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=dUMz30MAnaz00mbZkBML&pi=mgid&tc=1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:32 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
bf70f6b6-5c74-48ce-8037-186e6e40bb7f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
689e821469bf425a-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=dUMz30MAnaz00mbZkBML&pi=mgid&tc=1
pragma
no-cache
date
Sun, 05 Sep 2021 09:42:32 GMT, Sun, 05 Sep 2021 09:42:32 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/ Frame 22F6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=fb38c0b2-0522-4c43-82dc-1599cd524f50&ssp=mgid&user_group=1
  • https://cm.mgid.com/m?cdsp=433145&c=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=&gdpr_consent=&us_privacy=
43 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:33 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
31dd52da-0135-4aa4-a25c-1bc3362d2921
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
689e82190927425a-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=&gdpr_consent=&us_privacy=
date
Sun, 05 Sep 2021 09:42:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
b
sb.scorecardresearch.com/ Frame 22F6 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1630834948588&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fmedan.tribunnews.com%2F&c9=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:28 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
8_J4j77UYvz8ZK-HEkYsOz4vF_kc9cvfCnftB3307m56YduAZ_3NQQ==
x-cache
Miss from cloudfront
truncated
/ Frame 22F6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 22F6 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 22F6 		251 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 22F6 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 22F6 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 22F6 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 22F6 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 22F6 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 687E 		346 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1459debe4ae50fd8d33bf2b2ea987bb180ddb9a66014c4bec96ca790e7d123b1

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:28 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvLQxAAENPGHOr5NZjC_tyoO5WKEEW2C7BKhZG3wO4LXlPF_GxotWnFuB_1nS1Vo9jUZPAwEAPBJLtPLgXop98
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99995
last-modified
Wed, 25 Aug 2021 05:52:40 GMT
server
UploadServer
etag
"2272c99eaa1581a4dad17d82a7e6863a"
vary
Accept-Encoding
x-goog-hash
crc32c=0WMWDQ==, md5=InLJnqoVgaTa0X2Cp+aGOg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1629870760547112
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99995
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 05 Sep 2021 09:47:28 GMT
m
cm.mgid.com/ Frame 745D
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
  • https://cm.mgid.com/m?cdsp=617666&c=7aa0f497b0cb0671
43 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=617666&c=7aa0f497b0cb0671
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
2a5eb1d1-28e7-41f2-9024-371bf5770c2c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
689e82002f39425a-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare

Redirect headers

Location
https://cm.mgid.com/m?cdsp=617666&c=7aa0f497b0cb0671
Date
Sun, 05 Sep 2021 09:42:28 GMT
Server
VertaMedia 1.0
Etag
7aa0f497b0cb0671
Content-Length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=medan.tribunnews.com&sn=&ic=0&tgt=0&app=&wi=300&he=169&test=&apppkg=&fv=3&proto=https&pid=5ac2203f073ef46a6856c7b0&cid=60d1f505d9832b26a44ef3b6&stagid=60e6c98e8ca2e373fa016445&stplid=60e6bb892012ca07822691f6&e=inventory&vi=0&cb=1630834948703
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=60e6c98e8ca2e373fa016445&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fmedan.tribunnews.com%2F&AV_CHANNELID=60d1f505d9832b26a44ef3b6&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=medan.tribunnews.com&AV_DADPOS=3&AV_TAG=60e6c98e8ca2e373fa016445&AV_TEMPLATE=60e6bb892012ca07822691f6&v=6.1.1.243&avtoken=948703&AV_WIDTH=300&AV_HEIGHT=169&AV_DNT=0&cb=1630834948716
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.14.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-14-12.compute-1.amazonaws.com
Software
/
Resource Hash
b625775b5ac677e07998b78bad336572eccb87f5312136b6b4c5549f032010ca

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:29 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 24 Aug 2021 19:55:49 GMT
events.php
log.r2b2.io/ 		10 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.r2b2.io/events.php?u=https%3A%2F%2Fmedan.tribunnews.com%2F&hbDomain=tribunnews.com
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
webgarden-track-lb-ha.vshosting.cz
Software
nginx /
Resource Hash
cdfeca6a4dfccacdfaa7e4a1cb4e46da1ec31708bdae14e7535732795207f402

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:24 GMT
content-encoding
gzip
last-modified
Sun, 05 Sep 2021 09:42:29 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials
true
content-type
text/javascript; charset=utf-8
access-control-allow-headers
Content-Type
expires
Tue, 01 Jan 2000 00:00:00 GMT
rta.js
rtax.criteo.com/delivery/rta/ Frame 7D11 		0
55 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtax.criteo.com/delivery/rta/rta.js?netId=2495&cookieName=gen_crtg_rta&rnd=50790045839&varName=__geniee_rta
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/033/279/a1033279.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.166 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:29 GMT
server
nginx/1.20.1
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 7D11 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1033279&cb=5799660717&charset=UTF-8&loc=https%3A%2F%2Fmedan.tribunnews.com%2F&sw=1200&sh=1600&topframe=0
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.65 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
8ba1e040a79dde56f75f6d9a6da16bc49c5df6b25ba95d695c82f01ba0ed4401

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:29 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 7D11 		2 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/033/279/a1033279.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5f65:4d45 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cc82b97b73bc92ff9e0ae24c9824c81d776bd70e8e8cab959a0e446ee6740ca6

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
742
/
s.vertamedia.com/ 		808 B
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.vertamedia.com/?vpaid_type=2&video_duration=&content_page_url=&width=300&height=169&cb=834949089&aid=620136
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
379b64340316bf82408b633791ffdff9a9890f26cc64a620ccdd3c90e1ce6ee7

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:28 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
498
vast.xml
video-ads.rubiconproject.com/video/9655/302790/2145068/203/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/9655/302790/2145068/203/vast.xml?tg_c.language=th&width=300&height=169&gdpr=1&gdpr_consent=&schain=%271.0,1!mgid.com,9655,1,,,%27
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
5907b1a40c7f365896161db244f0b9b9e3bbd248dc3ee09ce563c56658085bdc

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:30 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
970
Expires
Sun, 05 Sep 2021 09:42:30 GMT
/
ads.viralize.tv/vast/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fmedan.tribunnews.com%2F&cs=&cbb=834949090
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
7d0c1c9240ec0bf75e349a2c58a3814c3f0c09abb1d44c4d85d407914d736d47

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
expires
0
/
ads.viralize.tv/vast/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADvEF1c0MDsgN3F&u=https%3A%2F%2Fmedan.tribunnews.com%2F&cs=&cbb=834949091
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
440ec3d50185b607e670a4f52833c16dd353093b9aef848a4dd9e45e6c02edd3

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
expires
0
vast.xml
video-ads.rubiconproject.com/video/9655/302790/2145070/203/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/9655/302790/2145070/203/vast.xml?tg_c.language=th&width=300&height=169&gdpr=1&gdpr_consent=&schain=%271.0,1!mgid.com,9655,1,,,%27
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
b6d018299abf4ffbc22597ba7d87b10515f7e3b7a142c160e933dc857b2246ec

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:30 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
969
Expires
Sun, 05 Sep 2021 09:42:30 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=medan.tribunnews.com&rs=medan.tribunnews.com&sid=88924&t=1630834949&cip=213.232.87.179&sn=&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1630834949019-938893911703-008545-012-009072&cha=0.7&stagid=60e6c98e8ca2e373fa016445&stplid=60e6bb892012ca07822691f6&cb=67965005514&d9=1000&AV_WIDTH=300&AV_HEIGHT=169&nid=5ac2203f073ef46a6856c7b0&ncid=60d1f505d9832b26a44ef3b6&e=request&cb=1630834949092&asid=60f359ca16b20665f96cc568%2C60f359c7d2228a430057bec6%2C6062fbae8606f6394e00d938%2C612ce6f6f7ae40413d0947e4%2C5f6da35a57c64938c212257f%2C5f6da362ee3196679e2063fd%2C612ce7612c4ba41cff621eaa&ofpr=%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
im-uid.js
dmp.im-apps.net/sdk/ Frame 7D11 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5f65:4d45 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7b38de6bff343e55807ad3cb0cdc84a9a4609339b63fc805a8c8bae5fd269c36

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
PJSypkggeidUqSfFJLxVU3ZFUvjCbmHj
Content-Encoding
gzip
Last-Modified
Wed, 28 Jul 2021 07:03:20 GMT
ETag
"fabc608ec44e92c06f8f95581d775e7a"
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
Date
Sun, 05 Sep 2021 09:42:29 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
1967
get
audiencedata.im-apps.net/imuid/ Frame 7D11 		28 B
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?vid=01FETNCZ0JDRMW9P4C04XVEWVM&cid=3929
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
755d1e4731609262f48cd7bc897767e502f9cf1dd2f95670bcfdc07817020463

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:29 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
28
content-type
application/json
nad
ialaddin.genieesspv.jp/yie/ld/ Frame 764D 		43 B
502 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ialaddin.genieesspv.jp/yie/ld/nad?zoneid=1407456&callback=gnnative_1407456_callback&cb=99519176613&charset=UTF-8&loc=https%3A%2F%2Fmedan.tribunnews.com%2F&topframe=0&sw=1200&sh=1600
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/407/456/a1407456.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.65 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
559fe89cb5acdc0621e4f7ec04d628b98c1228f1b5ed2c5a43242d80a225364a

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:30 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 764D 		2 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/407/456/a1407456.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5f65:4d45 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cc82b97b73bc92ff9e0ae24c9824c81d776bd70e8e8cab959a0e446ee6740ca6

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
742
im-uid.js
dmp.im-apps.net/sdk/ Frame 764D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5f65:4d45 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7b38de6bff343e55807ad3cb0cdc84a9a4609339b63fc805a8c8bae5fd269c36

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
PJSypkggeidUqSfFJLxVU3ZFUvjCbmHj
Content-Encoding
gzip
Last-Modified
Wed, 28 Jul 2021 07:03:20 GMT
ETag
"fabc608ec44e92c06f8f95581d775e7a"
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
Date
Sun, 05 Sep 2021 09:42:29 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
1967
get
audiencedata.im-apps.net/imuid/ Frame 764D 		28 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?vid=01FETNCZ0JDRMW9P4C04XVEWVM&cid=3929
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
755d1e4731609262f48cd7bc897767e502f9cf1dd2f95670bcfdc07817020463

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:29 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
28
content-type
application/json
1178609
servicer.mgid.com/vpaid/ Frame 22F6 		849 B
930 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/vpaid/1178609
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.43.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c3b914842090890ae0f3fb17ac85e6f32b0cc36e2a336635856be88b57860a1

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-type
text/xml; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
689e8202db31425a-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
css
fonts.googleapis.com/ Frame 8CBB 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://creatives.b-cdn.net/js/jxvpaid_1_0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c109dc4b41df91368d22ad30014165fdc8c6129ebb8acf378bba4130f2ec986
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 05 Sep 2021 09:25:29 GMT
server
ESF
date
Sun, 05 Sep 2021 09:42:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Sep 2021 09:42:29 GMT
ad
traid.jixie.io/sync/ Frame 2AF7 		0
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traid.jixie.io/sync/ad?action=creativeView&mediaurl=https%3A%2F%2Fcreatives.b-cdn.net%2F80c8a13725c68736d9faf7e5858d51f1%2F422%2F1437%2Fvideo_desktop_480p.mp4&jxlb=1&cid=1437&cpid=422&source=sdk&adtype=video&engine=std.2.708&client_id=9445c3c0-0e2d-11ec-9b7e-f511fedb537d&offerid=na&unit=00000000000000000000000000000000&pageurl=https%3A%2F%2Fimasdk.googleapis.com%2F&domain=jixie.io&sid=1630834946-9445c3c0-0e2d-11ec-9b7e-f511fedb537d&device=desktop&sessionts=1630834948255&jxub=2&jxtok=3040021e0711036bddb75d6a790ef118f49e1f4b856e3bcc29320cf94b8530c957c9021e0a724912e70585aa8649cdcbd767007c0cfd86bda8785aa7e1a5379b0cae&stackidx=0&stackdepth=1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 05 Sep 2021 09:42:29 GMT
Cache-Control
private
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Vary
Origin
csi
csi.gstatic.com/ Frame 7271 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kt710r0b&c=3710639807144&slotId=1855319903572&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400a:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video_desktop_480p.mp4
creatives.b-cdn.net/80c8a13725c68736d9faf7e5858d51f1/422/1437/ Frame 7271 		32 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://creatives.b-cdn.net/80c8a13725c68736d9faf7e5858d51f1/422/1437/video_desktop_480p.mp4
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash

Request headers

Referer
https://medan.tribunnews.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 05 Sep 2021 09:42:29 GMT
cdn-edgestorageid
756
x-amz-request-id
QQVDT224EY1SDE2Z
Content-Range
bytes 0-489829/489830
cdn-cachedat
09/04/2021 19:00:21
cdn-pullzone
138560
cdn-requestpullcode
200
x-amz-id-2
ZzfCAZPI3fpAXmZVpX+ooM8wsNyHuKhayJf5fPgVYTBbANm3wusis4XuYYTyyTfY6lQcJiPMcUo=
server
BunnyCDN-DE1-756
last-modified
Sat, 04 Sep 2021 05:44:42 GMT
cdn-proxyver
1.0
x-amz-meta-s3cmd-attrs
atime:1630734227/ctime:1630734227/gid:1000/gname:ubuntu/md5:9be5b237a48000784419840790987333/mode:33204/mtime:1630734227/uid:1000/uname:ubuntu
x-amz-version-id
j4UDc4iQvJ._4i4QwL2CxMhJD7qxSPfu
cdn-cache
HIT
cdn-uid
e892056a-957b-44dd-895f-27488eec4ff9
cache-control
public, max-age=2592000
cdn-requestid
978f4ca1c7f2302b10f6cdefb8227558
Content-Length
489830
content-type
video/mp4
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
mgvpaid.umd.js
video-native.mgid.com/scripts/ Frame 22F6 		132 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/scripts/mgvpaid.umd.js
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.43.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
358397cc830a4098def1c47def116498dacbb8711c1e7e4f68bb204fca577498

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sun, 05 Sep 2021 09:42:29 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 13:49:49 GMT
server
nginx
etag
"21165-5bdcfdf7e6872-gzip"
vary
Accept-Encoding
x-cached-since
2021-09-02T09:01:22+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
30661
expires
Fri, 02 Sep 2022 09:01:22 GMT
video_desktop_480p.mp4
creatives.b-cdn.net/80c8a13725c68736d9faf7e5858d51f1/422/1437/ Frame 7271 		30 KB
31 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://creatives.b-cdn.net/80c8a13725c68736d9faf7e5858d51f1/422/1437/video_desktop_480p.mp4
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
6cefc398bcfbba02fd570f89a81a5e40e1df88375a94cf6af7d7ae8766e1d6ef

Request headers

Referer
https://medan.tribunnews.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=458752-

Response headers

date
Sun, 05 Sep 2021 09:42:29 GMT
cdn-edgestorageid
756
x-amz-request-id
QQVDT224EY1SDE2Z
Content-Range
bytes 458752-489829/489830
cdn-cachedat
09/04/2021 19:00:21
cdn-pullzone
138560
cdn-requestpullcode
200
x-amz-id-2
ZzfCAZPI3fpAXmZVpX+ooM8wsNyHuKhayJf5fPgVYTBbANm3wusis4XuYYTyyTfY6lQcJiPMcUo=
server
BunnyCDN-DE1-756
last-modified
Sat, 04 Sep 2021 05:44:42 GMT
cdn-proxyver
1.0
x-amz-meta-s3cmd-attrs
atime:1630734227/ctime:1630734227/gid:1000/gname:ubuntu/md5:9be5b237a48000784419840790987333/mode:33204/mtime:1630734227/uid:1000/uname:ubuntu
x-amz-version-id
j4UDc4iQvJ._4i4QwL2CxMhJD7qxSPfu
cdn-cache
HIT
cdn-uid
e892056a-957b-44dd-895f-27488eec4ff9
cache-control
public, max-age=2592000
cdn-requestid
fd7eca6ad3778c5d6c463343024465c9
Content-Length
31078
content-type
video/mp4
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
mgvpaid.css
video-native.mgid.com/mgPlayer/css/ Frame 22F6 		945 B
513 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/mgvpaid.css
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f8fd19e664526e5667d00bed3e089e60559219501c1fcf5cea88feed079db74c

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sun, 05 Sep 2021 09:42:29 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 11:17:31 GMT
server
nginx
etag
"3b1-5b17771cc0f4c-gzip"
vary
Accept-Encoding
x-cached-since
2021-07-26T21:50:10+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
389
expires
Tue, 26 Jul 2022 21:50:10 GMT
/
c.mgid.com/vs/ Frame 22F6 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1178609&e=initad&c=48352&o=%7B%22uuid%22%3A%2296164f7d-0e2d-11ec-b3e1-d094662c24f7%22%7D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
689e82036e34d911-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
servicer.mgid.com/1178609/ Frame 22F6 		0
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1178609/?vast=1&w=640&h=480&pl=1&page=https://medan.tribunnews.com/
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
x-mg-204-reason
video_ssp=0
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
689e82037c23425a-AMS
content-type
text/html
1178609
servicer.mgid.com/vast/ Frame 22F6 		27 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/vast/1178609
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-mg-reason
empty list of teasers
date
Sun, 05 Sep 2021 09:42:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
689e82038c26425a-AMS
content-type
text/xml
pragma
no-cache
/
c.mgid.com/vs/ Frame 22F6 		43 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1178609&e=requestad&cin=0&c=37197&o=%7B%22uuid%22%3A%2296164f7d-0e2d-11ec-b3e1-d094662c24f7%22%2C%22index%22%3A0%7D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
689e8203ae63d911-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Sun, 05 Sep 2021 09:42:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN_BPMMmsQ0WBlwZaX3mnhc&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN_BPMMmsQ0WBlwZaX3mnhc&google_cver=1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN_BPMMmsQ0WBlwZaX3mnhc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzQxRTU5Q0MtNEEzMC00QTYyLTk0M0ItNUQyMDZFOENBRDM0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 05 Sep 2021 09:42:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:482
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
video_desktop_480p.mp4
creatives.b-cdn.net/80c8a13725c68736d9faf7e5858d51f1/422/1437/ Frame 7271 		446 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://creatives.b-cdn.net/80c8a13725c68736d9faf7e5858d51f1/422/1437/video_desktop_480p.mp4
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash

Request headers

Referer
https://medan.tribunnews.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=32768-

Response headers

date
Sun, 05 Sep 2021 09:42:29 GMT
cdn-edgestorageid
756
x-amz-request-id
QQVDT224EY1SDE2Z
Content-Range
bytes 32768-489829/489830
cdn-cachedat
09/04/2021 19:00:21
cdn-pullzone
138560
cdn-requestpullcode
200
x-amz-id-2
ZzfCAZPI3fpAXmZVpX+ooM8wsNyHuKhayJf5fPgVYTBbANm3wusis4XuYYTyyTfY6lQcJiPMcUo=
server
BunnyCDN-DE1-756
last-modified
Sat, 04 Sep 2021 05:44:42 GMT
cdn-proxyver
1.0
x-amz-meta-s3cmd-attrs
atime:1630734227/ctime:1630734227/gid:1000/gname:ubuntu/md5:9be5b237a48000784419840790987333/mode:33204/mtime:1630734227/uid:1000/uname:ubuntu
x-amz-version-id
j4UDc4iQvJ._4i4QwL2CxMhJD7qxSPfu
cdn-cache
HIT
cdn-uid
e892056a-957b-44dd-895f-27488eec4ff9
cache-control
public, max-age=2592000
cdn-requestid
88ee9f7ba6eb4d9c893030ff2736303c
Content-Length
457062
content-type
video/mp4
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
/
c.mgid.com/vs/ Frame 22F6 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1178609&e=requestad&cin=1&c=58536&o=%7B%22uuid%22%3A%2296164f7d-0e2d-11ec-b3e1-d094662c24f7%22%2C%22index%22%3A1%7D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
689e82055e76425a-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
c.mgid.com/vs/ Frame 22F6 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1178609&e=adbidempty&cin=1&c=99600&o=%7B%22uuid%22%3A%2296164f7d-0e2d-11ec-b3e1-d094662c24f7%22%2C%22index%22%3A1%2C%22rHash%22%3A%222227557176690718%22%7D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
689e82055e78425a-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
c.mgid.com/vs/ Frame 22F6 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1178609&e=aderror&cin=1&c=16555&o=%7B%22uuid%22%3A%2296164f7d-0e2d-11ec-b3e1-d094662c24f7%22%2C%22index%22%3A1%2C%22rHash%22%3A%222227557176690718%22%2C%22errMsg%22%3A%22VPAID%20ERROR%3A%20adbidempty.%20%5Bhttps%3A%2F%2Fservicer.mgid.com%2Fvast%2F1178609%5D%22%7D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
689e82055e7b425a-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
servicer.mgid.com/1178609/ Frame 22F6 		0
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1178609/?vast=1&w=640&h=480&pl=1&page=https://medan.tribunnews.com/
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
x-mg-204-reason
video_ssp=0
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
689e82042dcbbd87-AMS
content-type
text/html
/
c.mgid.com/vs/ Frame 22F6 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1178609&e=adbidempty&cin=0&c=89012&o=%7B%22uuid%22%3A%2296164f7d-0e2d-11ec-b3e1-d094662c24f7%22%2C%22index%22%3A0%7D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
689e8204ad94425a-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
c.mgid.com/vs/ Frame 22F6 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1178609&e=aderror&cin=0&c=19817&o=%7B%22uuid%22%3A%2296164f7d-0e2d-11ec-b3e1-d094662c24f7%22%2C%22index%22%3A0%2C%22errMsg%22%3A%22VPAID%20ERROR%3A%20adbidempty.%20%5Bhttps%3A%2F%2Fservicer.mgid.com%2F1178609%2F%3Fvast%3D1%26w%3D640%26h%3D480%26pl%3D1%26page%3Dhttps%3A%2F%2Fmedan.tribunnews.com%2F%5D%22%7D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
689e8204ad95425a-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
inview.20190130.min.js
js.genieessp.com/j/ Frame 7D11 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/j/inview.20190130.min.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.175 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Feb 2019 06:15:01 GMT
Server
nginx
ETag
W/"5c650765-13cd"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Mon, 05 Sep 2022 09:42:30 GMT
implement.js
fqtag.com/ Frame 7D11 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fqtag.com/implement.js?org=EHJCBJHzBd4DM1jx2bjz&s=8f18fc07-8e86-fa91-083f-478d038e4f72&p=4415&a=107285&cmp=1033279&fmt=banner&rd=https%3a%2f%2fmedan.tribunnews.com%2f&rt=display
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
c136f8922e43ea1b6eb5cb524b703ce5a8e17e6149ec774ff5c1cf791a4c16ed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:31 GMT
via
1.1 google
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2623
x-xss-protection
0
expires
0
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 7D11
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=criteo&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=criteo&v=y8dVQGccMh9dJPpW0SybAyhi2weUINSFZScc6gQJ0ZFgiBR8UjUaAoizqONWoTYmq02LW4V048sOdXMyahIqkQ&format=gif
43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=criteo&v=y8dVQGccMh9dJPpW0SybAyhi2weUINSFZScc6gQJ0ZFgiBR8UjUaAoizqONWoTYmq02LW4V048sOdXMyahIqkQ&format=gif
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.65 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:32 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CUR ADM OUR NOR STA NID

Redirect headers

Date
Sun, 05 Sep 2021 09:42:31 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CUR ADM OUR NOR STA NID
Location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=criteo&v=y8dVQGccMh9dJPpW0SybAyhi2weUINSFZScc6gQJ0ZFgiBR8UjUaAoizqONWoTYmq02LW4V048sOdXMyahIqkQ&format=gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/octet-stream
cs
cs.gssprt.jp/yie/ld/ Frame 7D11
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appnexus&format=gif&vid=2
  • https://secure.adnxs.com/getuid?https://cs.gssprt.jp/yie/ld/cs?dspid=appnexus&uid=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.gssprt.jp%2Fyie%2Fld%2Fcs%3Fdspid%3Dappnexus%26uid%3D%24UID
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appnexus&uid=4468883261977636728
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=appnexus&uid=4468883261977636728
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.254.173.146 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:34 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:33 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2b95e62b-e9c2-49b6-ad01-8228a956a39a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cs.gssprt.jp/yie/ld/cs?dspid=appnexus&uid=4468883261977636728
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gcs
rt.gsspat.jp/yie/ld/ Frame 7D11
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp
  • https://rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adN44CPV2R6AMx-EGi-iDoONrx0oLC5OU94MLqdqThfUdHVEU6MhzE6Qi5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adN44CPV2R6AMx-EGi-iDoONrx0oLC5OU94MLqdqThfUdHVEU6MhzE6Qi5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.230.178.21 Sapporo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:33 GMT
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:32 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
//rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adN44CPV2R6AMx-EGi-iDoONrx0oLC5OU94MLqdqThfUdHVEU6MhzE6Qi5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
text/html; charset=ISO-8859-1
Content-Length
1
Expires
Mon, 26 Jul 1997 05:00:00 GMT
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 7D11
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAyfFf1ey5IpbNkc2U3XPzaM3KV9khaPEHAlnItVMapm08Rh4jj2v0U8vE_0Pb2Ggwg&format=gif
43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAyfFf1ey5IpbNkc2U3XPzaM3KV9khaPEHAlnItVMapm08Rh4jj2v0U8vE_0Pb2Ggwg&format=gif
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.65 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:33 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CUR ADM OUR NOR STA NID

Redirect headers

Date
Sun, 05 Sep 2021 09:42:32 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CUR ADM OUR NOR STA NID
Location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAyfFf1ey5IpbNkc2U3XPzaM3KV9khaPEHAlnItVMapm08Rh4jj2v0U8vE_0Pb2Ggwg&format=gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/octet-stream
cs
cs.gssprt.jp/yie/ld/ Frame 7D11
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
  • https://g.c.appier.net/ge
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=zXHBsXNvAn6bvzQXCZE0YQ
43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=zXHBsXNvAn6bvzQXCZE0YQ
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.254.173.146 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:35 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=zXHBsXNvAn6bvzQXCZE0YQ
date
Sun, 05 Sep 2021 09:42:33 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
97
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
truncated
/ Frame 7D11 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57994a498f54fc5828eb9fcecd7984c2391141b791ef9dbeef94ea75a5bc7134

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
/
c.mgid.com/vs/ Frame 22F6 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=0&iid=1178609&e=error&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22955ca106-0e2d-11ec-a572-d094662c1c35%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%2C%22errorMessage%22%3A%22null%22%7D&t=0&c=50870
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
689e82054e67425a-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
usync.js
eus.rubiconproject.com/ Frame 0B4D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43f4577d7588548de2f77303efaa3a8d59a97136437fb1f36d178c7c5febaab6

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17621
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9359
Expires
Sun, 05 Sep 2021 14:36:11 GMT
khaos.jpg
token.rubiconproject.com/ Frame 0B4D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
truncated
/ Frame 764D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
173eac5ddcd632f1890ce6aeda8c3838585cca322eabea8670af96cf7e6e9c44

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
ad
traid.jixie.io/sync/ Frame 2AF7 		0
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traid.jixie.io/sync/ad?action=impression&mediaurl=https%3A%2F%2Fcreatives.b-cdn.net%2F80c8a13725c68736d9faf7e5858d51f1%2F422%2F1437%2Fvideo_desktop_480p.mp4&jxlb=1&cid=1437&cpid=422&source=sdk&adtype=video&engine=std.2.708&client_id=9445c3c0-0e2d-11ec-9b7e-f511fedb537d&offerid=na&unit=00000000000000000000000000000000&pageurl=https%3A%2F%2Fimasdk.googleapis.com%2F&domain=jixie.io&sid=1630834946-9445c3c0-0e2d-11ec-9b7e-f511fedb537d&device=desktop&sessionts=1630834948255&jxub=2&jxtok=3040021e0711036bddb75d6a790ef118f49e1f4b856e3bcc29320cf94b8530c957c9021e0a724912e70585aa8649cdcbd767007c0cfd86bda8785aa7e1a5379b0cae&stackidx=0&stackdepth=1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 05 Sep 2021 09:42:29 GMT
Cache-Control
private
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Vary
Origin
ad
traid.jixie.io/sync/ Frame 2AF7 		0
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traid.jixie.io/sync/ad?action=start&mediaurl=https%3A%2F%2Fcreatives.b-cdn.net%2F80c8a13725c68736d9faf7e5858d51f1%2F422%2F1437%2Fvideo_desktop_480p.mp4&jxlb=1&cid=1437&cpid=422&source=sdk&adtype=video&engine=std.2.708&client_id=9445c3c0-0e2d-11ec-9b7e-f511fedb537d&offerid=na&unit=00000000000000000000000000000000&pageurl=https%3A%2F%2Fimasdk.googleapis.com%2F&domain=jixie.io&sid=1630834946-9445c3c0-0e2d-11ec-9b7e-f511fedb537d&device=desktop&sessionts=1630834948255&jxub=2&jxtok=3040021e0711036bddb75d6a790ef118f49e1f4b856e3bcc29320cf94b8530c957c9021e0a724912e70585aa8649cdcbd767007c0cfd86bda8785aa7e1a5379b0cae&stackidx=0&stackdepth=1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 05 Sep 2021 09:42:29 GMT
Cache-Control
private
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Vary
Origin
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ Frame 8CBB 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tpc.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 08:52:43 GMT
x-content-type-options
nosniff
age
89387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:52:43 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=medan.tribunnews.com&rs=medan.tribunnews.com&sid=88924&t=1630834949&cip=213.232.87.179&sn=&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1630834949019-938893911703-008545-012-009072&cha=0.7&stagid=60e6c98e8ca2e373fa016445&stplid=60e6bb892012ca07822691f6&cb=67965005514&d9=1000&AV_WIDTH=300&AV_HEIGHT=169&nid=5ac2203f073ef46a6856c7b0&ncid=60d1f505d9832b26a44ef3b6&e=bid&cb=1630834950236&asid=60f359ca16b20665f96cc568%2C60f359c7d2228a430057bec6%2C5f6da35a57c64938c212257f%2C5f6da362ee3196679e2063fd%2C6062fbae8606f6394e00d938%2C612ce6f6f7ae40413d0947e4%2C612ce7612c4ba41cff621eaa&ofpr=%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
viralize_vpaid.min.599438d1.js
static.viralize.tv/ Frame 9564 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=PL-163-c4f51e75
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
971e542a7e0f65a762336a33fb163b9f35f7d0a7b40b9bf8c4fd427556b293e9

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
br
cf-cache-status
HIT
age
150674
x-guploader-uploadid
ADPycdsDMi1szS6o3BXsrWz6ERnSRZImGKHJyy-mjisOGgJGITuQ_andHdt0xXwHodY07bZXl-Z06MurwvFe2ukYRLGsqQuTeA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 02 Sep 2021 15:43:36 GMT
server
cloudflare
etag
W/"599438d19b0b80ddb7a2c48bb111fa13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=K8m1UA==, md5=WZQ40ZsLgN23osSLsRH6Ew==
x-goog-generation
1630597416297066
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
62446
cf-ray
689e82126f892484-FRA
expires
Tue, 05 Oct 2021 09:42:32 GMT
viralize_vpaid.min.599438d1.js
static.viralize.tv/ Frame CDEE 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=ops
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
971e542a7e0f65a762336a33fb163b9f35f7d0a7b40b9bf8c4fd427556b293e9

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
br
cf-cache-status
HIT
age
1032355
x-guploader-uploadid
ADPycdu7NZSWK9gtsNLehgrlpv1WyiLdv24Kll5rX_W6ktNQwCWnn6qe7IYDPPGzE9iOnTTLmLkJjlOKwPTEJSfBpyc
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 24 Aug 2021 10:52:14 GMT
server
cloudflare
etag
W/"599438d19b0b80ddb7a2c48bb111fa13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=K8m1UA==, md5=WZQ40ZsLgN23osSLsRH6Ew==
x-goog-generation
1629802334461223
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
62446
cf-ray
689e82129ffe4de8-FRA
expires
Tue, 05 Oct 2021 09:42:32 GMT
bridge-31034.js
video-ads.rubiconproject.com/video/ Frame 79D1 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31034.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
2b173f65e9f2fb2bbc537a388272f7b1bcf71e7f69fb1982f1298baf1ea124a7

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 13:10:24 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"1013f-5c948575b9000-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
20021
overlay.png
s0.2mdn.net/9957158/1622818134107/Template_160x600/ Frame 3D8A 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9957158/1622818134107/Template_160x600/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d543e0938a92f50488bf5895451508ca03e18dfa31306268a1fa606788b9c060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 06:19:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 14:48:54 GMT
server
sffe
age
12162
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24835
x-xss-protection
0
expires
Mon, 06 Sep 2021 06:19:48 GMT
texture2.jpg
s0.2mdn.net/9957158/1622818134107/Template_160x600/ Frame 3D8A 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9957158/1622818134107/Template_160x600/texture2.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
358cd5bbe4d42510a8ba89a31e1afc40be9ee38ffeaf505d81b23339b7617fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 06:50:23 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 14:48:54 GMT
server
sffe
age
10327
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156702
x-xss-protection
0
expires
Mon, 06 Sep 2021 06:50:23 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame F735 		346 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121776
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:32 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 36FA 		346 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121776
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:32 GMT
pixel.js
cdn.fqtag.com/1.27.339-ccfb11a/ Frame 7D11 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by
Host: fqtag.com
URL: https://fqtag.com/implement.js?org=EHJCBJHzBd4DM1jx2bjz&s=8f18fc07-8e86-fa91-083f-478d038e4f72&p=4415&a=107285&cmp=1033279&fmt=banner&rd=https%3a%2f%2fmedan.tribunnews.com%2f&rt=display
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.36.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:29:31 GMT
age
782
x-guploader-uploadid
ADPycdurU3YUEV_g-JK8m0DCVCPjLbspZ12J2EH5HBD9me_y3MnhYFMoaOUe_edefyFlE06QIV-81VaNoNURTjgWnbE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89647
last-modified
Wed, 27 Jan 2021 19:48:44 GMT
server
UploadServer
etag
"e0eff30579598f76147c9ea12f490d21"
x-goog-hash
crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
content-language
en
x-goog-generation
1611776924905378
x-goog-expiration
Sun, 11 Nov 2294 19:48:44 GMT
cache-control
public, max-age=3600
x-goog-stored-content-length
89647
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 05 Sep 2021 10:29:31 GMT
userSync.js
ads.pubmatic.com/AdServer/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:14 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300709-1af3-5c4c7cca9e573"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=34867
accept-ranges
bytes
content-type
text/javascript
content-length
2267
expires
Sun, 05 Sep 2021 19:23:41 GMT
usync.html
eus.rubiconproject.com/ Frame 6330 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://medan.tribunnews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Sep 2021 09:42:31 GMT
Connection
keep-alive
Vary
Accept-Encoding
userconnect.js
js.adscale.de/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
JOg_VgCpx79FzQuaD17xTSq4V76j2Fas
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 08:57:04 GMT
server
AmazonS3
age
2724
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Sun, 05 Sep 2021 08:57:09 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
oYIWNnj6ebGCCk2gsWJ4E32d8YAWQ4D-Rut9ipz0wBLrvz-ZTJwVjQ==
ad
traid.jixie.io/sync/ Frame 8CBB 		0
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/ad?action=visible&sound=mute&jxlb=1&cid=1437&cpid=422&source=sdk&adtype=video&engine=std.2.708&client_id=9445c3c0-0e2d-11ec-9b7e-f511fedb537d&offerid=na&unit=00000000000000000000000000000000&pageurl=https%3A%2F%2Fimasdk.googleapis.com%2F&domain=jixie.io&sid=1630834946-9445c3c0-0e2d-11ec-9b7e-f511fedb537d&device=desktop&sessionts=1630834948255&jxub=2&jxtok=3040021e0711036bddb75d6a790ef118f49e1f4b856e3bcc29320cf94b8530c957c9021e0a724912e70585aa8649cdcbd767007c0cfd86bda8785aa7e1a5379b0cae
Requested by
Host: creatives.b-cdn.net
URL: https://creatives.b-cdn.net/js/jxvpaid_1_0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tpc.googlesyndication.com
Date
Sun, 05 Sep 2021 09:42:31 GMT
Cache-Control
private
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Vary
Origin
usync.js
eus.rubiconproject.com/ Frame 6330 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43f4577d7588548de2f77303efaa3a8d59a97136437fb1f36d178c7c5febaab6

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17619
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9359
Expires
Sun, 05 Sep 2021 14:36:11 GMT
/
sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/ 		2 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=50084606001
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
ac
www8.smartadserver.com/ 		16 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?pgid=692816&insid=5733718&tmstp=9418660542&out=js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
/
ads.viralize.tv/player/ Frame 9564 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fmedan.tribunnews.com%2F&cbb=834949090&sid=01ec0e2d95d136d414dfb5da53102961&experiment=PL-163-c4f51e75.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017bb556879c3980937a67481abddbc0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A2025%2C%22height%22%3A8917%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A300%2C%22height%22%3A169%7D%7D&pub_platform=&dd=medan.tribunnews.com&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=PL-163-c4f51e75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
6a65c58e1ceccb2e494485cefa163c2358c2e6001187af214262f230240fbd8a

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame 8E20 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=PL-163-c4f51e75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
33982
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame 8E20 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=PL-163-c4f51e75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 15:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34056
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 15:11:56 GMT
polyfill.min.js
polyfill.io/v3/ Frame 8E20 		72 B
565 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=PL-163-c4f51e75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
6337708
detected-user-agent
Chrome Mobile/92.0.4515
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Wed, 23 Jun 2021 06:24:19 GMT
date
Sun, 05 Sep 2021 09:42:33 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/92.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8E20 		346 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=PL-163-c4f51e75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121776
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:32 GMT
viralize_player.min.66c7c3e7.js
static.viralize.tv/ Frame 8E20 		732 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_player.min.66c7c3e7.js?e=PL-163-c4f51e75
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=PL-163-c4f51e75
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c5be5dd1299e451ca712bb75ea2a12f6806f34fc181f772f3b02476b8218b3

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
br
cf-cache-status
HIT
age
150673
x-guploader-uploadid
ADPycdualPO0RzdiEOOZAMx74vfZfrQP-1TfhLMDuR2w6Ar34AHq16g8Bg6pBDCB6atwWTivKWi9hoGy8Ke5nE4Adg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 02 Sep 2021 15:43:34 GMT
server
cloudflare
etag
W/"66c7c3e7c07b731c2fbcc532ba84d321"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=oRJFPw==, md5=ZsfD58B7cxwvvMUyuoTTIQ==
x-goog-generation
1630597414407836
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
749611
cf-ray
689e8212a8244de8-FRA
expires
Tue, 05 Oct 2021 09:42:32 GMT
auto-user-sync
ads.stickyadstv.com/ 		43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:32 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1630834952831011-560
Expires
Sun, 05 Sep 2021 09:42:32 GMT
/
ads.viralize.tv/player/ Frame CDEE 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADvEF1c0MDsgN3F&u=https%3A%2F%2Fmedan.tribunnews.com%2F&cbb=834949091&sid=01ec0e2d95d17d22b4d186c3dddc5a41&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017bb556879c3980937a67481abddbc0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A2025%2C%22height%22%3A8917%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A300%2C%22height%22%3A169%7D%7D&pub_platform=&dd=medan.tribunnews.com&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
f2050c70977fd61f8a1c706595398f2aa5ae358bbb90196cf8b4de2840ba190d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame D701 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
33982
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame D701 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=ops
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 07:56:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34056
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Sep 2022 07:56:31 GMT
polyfill.min.js
polyfill.io/v3/ Frame D701 		72 B
144 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
6337708
detected-user-agent
Chrome Mobile/92.0.4515
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=0
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Wed, 23 Jun 2021 06:24:19 GMT
date
Sun, 05 Sep 2021 09:42:33 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/92.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D701 		346 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=ops
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121776
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:32 GMT
viralize_player.min.66c7c3e7.js
static.viralize.tv/ Frame D701 		732 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_player.min.66c7c3e7.js?e=ops
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.599438d1.js?e=ops
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c5be5dd1299e451ca712bb75ea2a12f6806f34fc181f772f3b02476b8218b3

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
br
cf-cache-status
HIT
age
402
x-guploader-uploadid
ADPycdtwjye7syj9uL1-2pAmEwiAdx07GuQAkOh6WThXbnk1mrU_VjfD7-ZoHoR-EyHqqL4F0VJPd4oI_ERlaP5Iw1g
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 02 Sep 2021 15:43:34 GMT
server
cloudflare
etag
W/"66c7c3e7c07b731c2fbcc532ba84d321"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=oRJFPw==, md5=ZsfD58B7cxwvvMUyuoTTIQ==
x-goog-generation
1630597414407836
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
749611
cf-ray
689e821329514de8-FRA
expires
Tue, 05 Oct 2021 09:42:32 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 79D1 		28 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&gdpr_consent=&account_id=9655&site_id=302790&zone_id=2145070&size_id=203&tg_c.language=th&width=300&height=169&schain=%271.0,1!mgid.com,9655,1,,,%27&p_window.depth=0&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&p_window.url=&p_window.w=1600&p_window.h=270&p_aso.video.ext.ad.w=300&p_aso.video.ext.ad.h=169&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=16178225301557.436&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31034.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.237.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:32 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
bridge3.478.2_en.html
imasdk.googleapis.com/js/core/ Frame A65F 		574 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ba74b0b7223564fe5de95a05498160da36162274673a6c4583a757d233c41b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.478.2_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medan.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192508
date
Fri, 03 Sep 2021 19:55:47 GMT
expires
Sat, 03 Sep 2022 19:55:47 GMT
last-modified
Fri, 03 Sep 2021 19:50:18 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
136005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame F735 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:32 GMT
integrator.js
adservice.google.com/adsid/ Frame F735 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.478.2_en.html
imasdk.googleapis.com/js/core/ Frame 1501 		574 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ba74b0b7223564fe5de95a05498160da36162274673a6c4583a757d233c41b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.478.2_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medan.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192508
date
Fri, 03 Sep 2021 19:55:47 GMT
expires
Sat, 03 Sep 2022 19:55:47 GMT
last-modified
Fri, 03 Sep 2021 19:50:18 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
136005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 36FA 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:32 GMT
integrator.js
adservice.google.com/adsid/ Frame 36FA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5F19 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 05 Sep 2021 10:41:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FF26 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 05 Sep 2021 10:41:24 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A65F 		156 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21857590943%2C4905536%2Fdetik.com%2Fdetik.com_mcm_bid_0.7&description_url=https%3A%2F%2Fwww.detik.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1815903456626873&sdkv=h.3.478.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=2877411319&sdk_apis=2%2C8&sid=1E02362C-CA3B-4FFB-893C-8C2CFC2489B5&eid=44745938%2C668123728&url=https%3A%2F%2Fmedan.tribunnews.com%2F&dt=1630834952667&cookie_enabled=1&scor=2217213838759427&ged=ve4_td3_tt1_pd3_la3000_er3186.1075.3339.1375_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1501 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21857590943%2C4905536%2Fdetik.com%2Fdetik.com_mcm_bid_1&description_url=https%3A%2F%2Fwww.detik.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2221542046194017&sdkv=h.3.478.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1347186131&sdk_apis=2%2C8&sid=526A6B1C-2C51-49A4-A370-AAA5671D44A5&eid=21064201%2C44737475&top=https%3A%2F%2Fmedan.tribunnews.com%2F&url=https%3A%2F%2Fmedan.tribunnews.com%2F&dt=1630834952679&cookie_enabled=1&scor=1266855036641521&ged=ve4_td3_tt0_pd3_la3000_er3186.1075.3339.1375_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
traid.jixie.io/sync/ Frame 2AF7 		0
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traid.jixie.io/sync/ad?action=firstQuartile&mediaurl=https%3A%2F%2Fcreatives.b-cdn.net%2F80c8a13725c68736d9faf7e5858d51f1%2F422%2F1437%2Fvideo_desktop_480p.mp4&jxlb=1&cid=1437&cpid=422&source=sdk&adtype=video&engine=std.2.708&client_id=9445c3c0-0e2d-11ec-9b7e-f511fedb537d&offerid=na&unit=00000000000000000000000000000000&pageurl=https%3A%2F%2Fimasdk.googleapis.com%2F&domain=jixie.io&sid=1630834946-9445c3c0-0e2d-11ec-9b7e-f511fedb537d&device=desktop&sessionts=1630834948255&jxub=2&jxtok=3040021e0711036bddb75d6a790ef118f49e1f4b856e3bcc29320cf94b8530c957c9021e0a724912e70585aa8649cdcbd767007c0cfd86bda8785aa7e1a5379b0cae&stackidx=0&stackdepth=1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 05 Sep 2021 09:42:32 GMT
Cache-Control
private
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Vary
Origin
jsvpaid.js
static.vertamedia.com/static/ Frame D481 		133 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
89042e0238c712451fb89e3cf9c902606d3b59760461ab54bc737984e3493a97

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:32 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 14:17:08 GMT
server
nginx
etag
"60195ee4-9581"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 07 Sep 2021 09:42:32 GMT
cache-control
max-age=172800
content-length
38273
x-proxy-cache
HIT
bridge-31034.js
video-ads.rubiconproject.com/video/ Frame B559 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31034.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
2b173f65e9f2fb2bbc537a388272f7b1bcf71e7f69fb1982f1298baf1ea124a7

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 13:10:24 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"1013f-5c948575b9000-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
20021
slmp
pixel.adtelligent.com/ Frame D481 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adtelligent.com/slmp?Event=3&Type=0&Version=0.0.0&Aid=0
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:33 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
slmp
pixel.adtelligent.com/ Frame D481 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adtelligent.com/slmp?Event=4&Type=0&Version=0.0.0&Aid=620136
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:33 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
ads28.vertamedia.com/2v/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads28.vertamedia.com/2v/?vmAdID=1CA14F339EF5D321&aid=620136&width=300&height=169&site_full_url=https%3A%2F%2Fmedan.tribunnews.com%2F&top_domain=https%3A%2F%2Fmedan.tribunnews.com&v=2.4.147&t=js&cb=834949089&vpaid_type=2&is_secure_frame=false
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
3f2c165eefe83b43e66ba44782909888dd46386f8fcf2732578c3cc38fcad0b2

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:35 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
1327
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame B559 		28 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&gdpr_consent=&account_id=9655&site_id=302790&zone_id=2145068&size_id=203&tg_c.language=th&width=300&height=169&schain=%271.0,1!mgid.com,9655,1,,,%27&p_window.depth=0&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&p_window.url=&p_window.w=1600&p_window.h=270&p_aso.video.ext.ad.w=300&p_aso.video.ext.ad.h=169&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=7722094528484960&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31034.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.237.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:33 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
advast
ice.360yield.com/ Frame 8E20 		27 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22424692&w=16&h=9&minduration=1&maxduration=60&player_width=300&player_height=169&referrer=https%3A%2F%2Fmedan.tribunnews.com%2F&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.190.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-190-29.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:33 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame 8E20 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d136d414dfb5da53102961&item=YWRuXzU4ODcoXcQ2RbU9tg%3D%3D.1.wp1sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:33 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
advast
ice.360yield.com/ Frame D701 		27 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22424703&w=16&h=9&minduration=1&maxduration=60&player_width=300&player_height=169&referrer=https%3A%2F%2Fmedan.tribunnews.com%2F&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.190.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-190-29.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:33 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame D701 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADvEF1c0MDsgN3F&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d17d22b4d186c3dddc5a41&item=YWRuXzU4ODjMKrnP0Kwmyg%3D%3D.1.wp1sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:33 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
280210
search.spotxchange.com/vast/2.0/ Frame D701 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/280210?VPAID=JS&content_page_url=https%3A%2F%2Fmedan.tribunnews.com%2F&cb=1630834952&player_width=300&player_height=169&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:33 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000367
X-SpotX-Timing-SpotMarket
0.008495
X-SpotX-Timing-Page-Mux
0.000270
X-SpotX-Timing-Page-Require
0.000418
X-fe
064
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000044
Content-Length
77
X-SpotX-Timing-Page
0.025059
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000356
Last-Modified
Sun, 05 Sep 2021 09:42:33 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.008495
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Misc
0.015095
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame D701 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADvEF1c0MDsgN3F&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d17d22b4d186c3dddc5a41&item=YWRuXzQ2MTnoFV5GeobRcA%3D%3D.2.wp2sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:33 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
307362
search.spotxchange.com/vast/2.0/ Frame 8E20 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/307362?VPAID=JS&content_page_url=https%3A%2F%2Fmedan.tribunnews.com%2F&cb=1630834952&player_width=300&player_height=169&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:33 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000334
X-SpotX-Timing-SpotMarket
0.008541
X-SpotX-Timing-Page-Mux
0.000212
X-SpotX-Timing-Page-Require
0.000329
X-fe
078
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
Content-Length
77
X-SpotX-Timing-Page
0.015783
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000275
Last-Modified
Sun, 05 Sep 2021 09:42:33 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.008541
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Misc
0.006053
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 8E20 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d136d414dfb5da53102961&item=YWRuXzU5NDBR2c45QymL8Q%3D%3D.2.wp2sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:33 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame D701 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec0e2d95d17d22b4d186c3dddc5a41%3A0%3AYWRuXzU4ODjMKrnP0Kwmyg%3D%3D~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU4ODjMKrnP0Kwmyg%3D%3D~wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:33 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=medan.tribunnews.com&rs=medan.tribunnews.com&sid=88924&t=1630834949&cip=213.232.87.179&sn=&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1630834949019-938893911703-008545-012-009072&cha=0.7&stagid=60e6c98e8ca2e373fa016445&stplid=60e6bb892012ca07822691f6&cb=67965005514&d9=1000&AV_WIDTH=300&AV_HEIGHT=169
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 05 Sep 2021 09:42:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame D701 		67 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12944529&domain=tribunnews.com&loc=tribunnews.com&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:34 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1630834954489046-380
Expires
Sun, 05 Sep 2021 09:42:34 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame D701 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADvEF1c0MDsgN3F&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d17d22b4d186c3dddc5a41&item=YWRuXzU5ODLxIoU5fiYjEA%3D%3D.3.wp3sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:33 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 8E20 		67 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12944625&domain=tribunnews.com&loc=tribunnews.com&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:34 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1630834954568022-420
Expires
Sun, 05 Sep 2021 09:42:34 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 8E20 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d136d414dfb5da53102961&item=YWRuXzU5OTFLbsN7sM8Taw%3D%3D.3.wp3sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:33 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 8E20 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec0e2d95d136d414dfb5da53102961%3A0%3AYWRuXzU4ODcoXcQ2RbU9tg%3D%3D~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU4ODcoXcQ2RbU9tg%3D%3D~wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec0e2d95d136d414dfb5da53102961%3A0%3AYWRuXzU5NDBR2c45QymL8Q%3D%3D~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5NDBR2c45QymL8Q%3D%3D~wp2sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:33 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
/
ads.viralize.tv/track/ Frame D701 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec0e2d95d17d22b4d186c3dddc5a41%3A0%3AYWRuXzQ2MTnoFV5GeobRcA%3D%3D~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ2MTnoFV5GeobRcA%3D%3D~wp2sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:33 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
i
aux.fqtag.com/aux/ Frame 7D11 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/i
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 05 Sep 2021 09:42:33 GMT
via
1.1 google
alt-svc
clear
p
aux.fqtag.com/aux/ Frame 7D11 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/p
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 05 Sep 2021 09:42:34 GMT
via
1.1 google
alt-svc
clear
ac
www8.smartadserver.com/ Frame D701
Redirect Chain
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1343580&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1630834952&vpw=300&vph=169&pgDomain=tribunnews.com&gdpr_consent=&gdpr...
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1343580&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1630834952&vpw=300&vph=169&pgDomain=tribunnews.com&gdpr_consent=&gdpr...
129 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=115779&pgid=1343580&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1630834952&vpw=300&vph=169&pgDomain=tribunnews.com&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&cklb=1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:34 GMT
location
https://www8.smartadserver.com/ac?siteid=115779&pgid=1343580&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1630834952&vpw=300&vph=169&pgDomain=tribunnews.com&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
/
ads.viralize.tv/t-bid-opportunity/ Frame D701 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADvEF1c0MDsgN3F&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d17d22b4d186c3dddc5a41&item=YWRuXzU5ODS-YIjxxk9_4Q%3D%3D.4.wp4sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
ac
www8.smartadserver.com/ Frame 8E20
Redirect Chain
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1343573&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1630834952&vpw=300&vph=169&pgDomain=tribunnews.com&gdpr_consent=&gdpr...
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1343573&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1630834952&vpw=300&vph=169&pgDomain=tribunnews.com&gdpr_consent=&gdpr...
129 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=115779&pgid=1343573&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1630834952&vpw=300&vph=169&pgDomain=tribunnews.com&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&cklb=1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:34 GMT
location
https://www8.smartadserver.com/ac?siteid=115779&pgid=1343573&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1630834952&vpw=300&vph=169&pgDomain=tribunnews.com&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
/
ads.viralize.tv/t-bid-opportunity/ Frame 8E20 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d136d414dfb5da53102961&item=YWRuXzU5ODEi0aXgDt_c3Q%3D%3D.4.wp4sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame D701 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec0e2d95d17d22b4d186c3dddc5a41%3A0%3AYWRuXzU5ODLxIoU5fiYjEA%3D%3D~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5ODLxIoU5fiYjEA%3D%3D~wp3sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
/
ads.viralize.tv/track/ Frame 8E20 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec0e2d95d136d414dfb5da53102961%3A0%3AYWRuXzU5OTFLbsN7sM8Taw%3D%3D~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5OTFLbsN7sM8Taw%3D%3D~wp3sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
shim.gif
creatives.sascdn.com/ Frame D701 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.120 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-120.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:34 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
Apache
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 05 Sep 2022 09:42:34 GMT
/
ads.viralize.tv/d-vast/ Frame D701 		71 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/d-vast/?zid=AADvEF1c0MDsgN3F&u=https%3A%2F%2Fmedan.tribunnews.com%2F&cbb=834949091&sid=01ec0e2d95d17d22b4d186c3dddc5a41&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017bb556879c3980937a67481abddbc0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A2025%2C%22height%22%3A8917%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A300%2C%22height%22%3A169%7D%7D&dd=medan.tribunnews.com&sc=1&gdpr=1&cmp=unavailable&wfp=5&rcx=460.a05dc8e3.1.12
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
shim.gif
creatives.sascdn.com/ Frame 8E20 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.66c7c3e7.js?e=PL-163-c4f51e75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.120 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-120.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:34 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
Apache
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 05 Sep 2022 09:42:34 GMT
/
ads.viralize.tv/d-vast/ Frame 8E20 		71 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/d-vast/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fmedan.tribunnews.com%2F&cbb=834949090&sid=01ec0e2d95d136d414dfb5da53102961&experiment=PL-163-c4f51e75.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017bb556879c3980937a67481abddbc0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A2025%2C%22height%22%3A8917%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A300%2C%22height%22%3A169%7D%7D&dd=medan.tribunnews.com&sc=1&gdpr=1&cmp=unavailable&wfp=5&rcx=460.a05dc8e3.1.12
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
ptv
secure.adnxs.com/ Frame D701 		85 B
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?member=9986&id=19417518&vplaybackmethod=2&referrer=tribunnews.com&gdpr=1&gdpr_consent=&cb=1630834952
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:34 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
684302d6-ff8f-418e-a827-8b2667c33acf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame D701 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADvEF1c0MDsgN3F&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d17d22b4d186c3dddc5a41&item=YWRuXzUzMTgbLoUOzld7lg%3D%3D.6.wp6sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
ptv
secure.adnxs.com/ Frame 8E20 		27 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?member=9986&id=19417522&vplaybackmethod=2&referrer=tribunnews.com&gdpr=1&gdpr_consent=&cb=1630834952
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:34 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
682d814e-1523-423e-9d76-18cef6f43bf8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 8E20 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d136d414dfb5da53102961&item=YWRuXzUwMTMP-UfM06EaIg%3D%3D.6.wp6sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame D701 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec0e2d95d17d22b4d186c3dddc5a41%3A0%3AYWRuXzU5ODS-YIjxxk9_4Q%3D%3D~wp4sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5ODS-YIjxxk9_4Q%3D%3D~wp4sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
/
ads.viralize.tv/track/ Frame 8E20 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec0e2d95d136d414dfb5da53102961%3A0%3AYWRuXzU5ODEi0aXgDt_c3Q%3D%3D~wp4sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5ODEi0aXgDt_c3Q%3D%3D~wp4sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
vast_error
ib.adnxs.com/ Frame D701 		0
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/vast_error
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:34 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
99889dc8-dba4-4346-953d-86be573453e1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame D701 		65 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=952592&t=2&url=https%3A%2F%2Fmedan.tribunnews.com%2F&gdpr=1&gdpr_consent=&w=300&h=169&t=1&random=1630834952
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
ads.viralize.tv/t-bid-opportunity/ Frame D701 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADvEF1c0MDsgN3F&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d17d22b4d186c3dddc5a41&item=YWRuXzU5MDYkYm9wCJ1k6A%3D%3D.7.wp7sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
adx.adform.net/adx/ Frame 8E20 		65 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=952579&t=2&url=https%3A%2F%2Fmedan.tribunnews.com%2F&gdpr=1&gdpr_consent=&w=300&h=169&t=1&random=1630834952
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
ads.viralize.tv/t-bid-opportunity/ Frame 8E20 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d136d414dfb5da53102961&item=YWRuXzU5MDPAbZbCBWpFiQ%3D%3D.7.wp7sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame D701 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec0e2d95d17d22b4d186c3dddc5a41%3A0%3AYWRuXzUzMTgbLoUOzld7lg%3D%3D~wp6sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUzMTgbLoUOzld7lg%3D%3D~wp6sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame D701 		982 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2564edf5370f34ab3820bd41d382a2de3b249a8696d3119f1edb283f042a66d6

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5b1869b8fc7b9"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
606
expires
Sun, 05 Sep 2021 09:42:35 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame D701 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADvEF1c0MDsgN3F&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d17d22b4d186c3dddc5a41&item=YWRuXzQ3MzHWonrNMPHyzQ%3D%3D.8.wp8sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:34 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 8E20 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec0e2d95d136d414dfb5da53102961%3A0%3AYWRuXzUwMTMP-UfM06EaIg%3D%3D~wp6sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUwMTMP-UfM06EaIg%3D%3D~wp6sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
/
ads.viralize.tv/t-bid-done/ Frame D701 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADvEF1c0MDsgN3F&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&item=YWRuXzQ3MzHWonrNMPHyzQ%3D%3D&sc=wp8sc1&l=vpaid&as=PubMatic&ct=application%2Fjavascript&sid=01ec0e2d95d17d22b4d186c3dddc5a41
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame CC92 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.66c7c3e7.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 8E20 		982 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
78d07a82b51dccc92f0e2e0083753b51f6254db52aa53b72d8beda3f082547bc

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5b1869b8fc7b9"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Sun, 05 Sep 2021 09:42:35 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 8E20 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&sid=01ec0e2d95d136d414dfb5da53102961&item=YWRuXzYwMzne7x9rsv40Jg%3D%3D.8.wp8sc1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame D701 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec0e2d95d17d22b4d186c3dddc5a41%3A0%3AYWRuXzU5MDYkYm9wCJ1k6A%3D%3D~wp7sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5MDYkYm9wCJ1k6A%3D%3D~wp7sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec0e2d95d17d22b4d186c3dddc5a41%3A0%3AYWRuXzQ3MzHWonrNMPHyzQ%3D%3D~wp8sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AE42 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medan.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KTPCACOOKIE=YES; SyncRTB3=1632009600%3A220; KADUSERCOOKIE=741E59CC-4A30-4A62-943B-5D206E8CAD34; KRTBCOOKIE_466=16530-ea8075a1-8333-4bda-b073-e6e04ec12baf; PugT=1630834951; PUBMDCID=3; chkChromeAb67Sec=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=166207
expires
Tue, 07 Sep 2021 07:52:42 GMT
date
Sun, 05 Sep 2021 09:42:35 GMT
vary
Accept-Encoding
/
ads.viralize.tv/track/ Frame 8E20 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec0e2d95d136d414dfb5da53102961%3A0%3AYWRuXzU5MDPAbZbCBWpFiQ%3D%3D~wp7sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5MDPAbZbCBWpFiQ%3D%3D~wp7sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
/
ads.viralize.tv/t-bid-done/ Frame 8E20 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fmedan.tribunnews.com%2F&t=adn&item=YWRuXzYwMzne7x9rsv40Jg%3D%3D&sc=wp8sc1&l=vpaid&as=PubMatic&ct=application%2Fjavascript&sid=01ec0e2d95d136d414dfb5da53102961
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 0D26 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.66c7c3e7.js?e=PL-163-c4f51e75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
PugMaster
image6.pubmatic.com/AdServer/ Frame AE42 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26041711&p=158361&s=857612&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2e7091b89c343a88e0a605b70cf775bdb8905e10b165b48c266bd059c0693af5

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:33 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame E5AF 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medan.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SyncRTB3=1632009600%3A220; KADUSERCOOKIE=741E59CC-4A30-4A62-943B-5D206E8CAD34; KRTBCOOKIE_466=16530-ea8075a1-8333-4bda-b073-e6e04ec12baf; PugT=1630834951; PUBMDCID=3; chkChromeAb67Sec=2; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=153905
expires
Tue, 07 Sep 2021 04:27:40 GMT
date
Sun, 05 Sep 2021 09:42:35 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame CC92 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=153905
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Tue, 07 Sep 2021 04:27:40 GMT
/
ads.viralize.tv/track/ Frame 8E20 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec0e2d95d136d414dfb5da53102961%3A0%3AYWRuXzYwMzne7x9rsv40Jg%3D%3D~wp8sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame 64B8 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medan.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SyncRTB3=1632009600%3A220; KADUSERCOOKIE=741E59CC-4A30-4A62-943B-5D206E8CAD34; KRTBCOOKIE_466=16530-ea8075a1-8333-4bda-b073-e6e04ec12baf; PugT=1630834951; PUBMDCID=3; chkChromeAb67Sec=2; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=153905
expires
Tue, 07 Sep 2021 04:27:40 GMT
date
Sun, 05 Sep 2021 09:42:35 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0D26 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=153905
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Tue, 07 Sep 2021 04:27:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9_qAdkWLejkcc0hKQtw4qEnvE8go1X4v6RfL-0rmFtjYOVBGucyaWp2Z94fDmvWiQX6MHOwtzbtPfV_1xm6iXzoRJWk3-Asn2Ermwl0fd-Kz5rEYygfVX1S-2ojoEIYQd-XrcrxU7bMfDf-Qsko5b51e3wKLUL9rTpc3j89BFeuGJPfsUKHyaGgdbPq9cSkK6PCArbSNYpeKmQapHFVaZMVfNudKcZyde7IP3q9uW-H2378w2YkOju_YK83EA9xj7vA1e4wwLjIhxeyc4fsMwYPNLKbZPSjLwVHMPyuS-gqTxFdosSnDOZKMECdzGxMSpfzITh1cW&sai=AMfl-YQGvuwW6xL4FN6lhApPTKrqcn2T6D8iWZVxzs-tHmMu0r1V8nEPfiwqGb_RqB00cCvNRxOr0EtJ8kdYRwfkJL2aB1Lgb6vbMIpPAlUFnidavmXuwCCqyFaz5z9FlR-S&sig=Cg0ArKJSzECZkJCBTmRWEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 05 Sep 2021 09:42:35 GMT
match
c1.adform.net/serving/cookie/ Frame 4DED
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=741E59CC-4A30-4A62-943B-5D206E8CAD34
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=741E59CC-4A30-4A62-943B-5D206E8CAD34
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=741E59CC-4A30-4A62-943B-5D206E8CAD34
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=741E59CC-4A30-4A62-943B-5D206E8CAD34
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 05 Sep 2021 09:42:37 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=3959325951608369298; expires=Thu, 04 Nov 2021 09:42:37 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sun, 05 Sep 2021 09:42:37 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=741E59CC-4A30-4A62-943B-5D206E8CAD34
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Tue, 05 Oct 2021 09:42:37 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 55E7
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8944851385841554304
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8944851385841554304
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8944851385841554304
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=741E59CC-4A30-4A62-943B-5D206E8CAD34; KRTBCOOKIE_466=16530-ea8075a1-8333-4bda-b073-e6e04ec12baf; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1632009600%3A201_197_219%7C1630886400%3A174; SyncRTB3=1632009600%3A166_176_7_71_99_13_204_88_161_81_165_222_231_104_56_55_8_22_234_21_3_230_189_220_54%7C1633392000%3A203%7C1631404800%3A223_15_2%7C1632096000%3A35%7C1631664000%3A63; KRTBCOOKIE_80=22987-CAESEOsVQbL4wYxBIYNJQObCm9c&KRTB&16514-CAESEOsVQbL4wYxBIYNJQObCm9c&KRTB&23025-CAESEOsVQbL4wYxBIYNJQObCm9c; KRTBCOOKIE_377=6810-ec30df9a-8de8-44ad-a1e7-3890fce2c6c3&KRTB&22918-ec30df9a-8de8-44ad-a1e7-3890fce2c6c3&KRTB&23031-ec30df9a-8de8-44ad-a1e7-3890fce2c6c3; KRTBCOOKIE_153=19420-bypW8GAqVaZ0L1T0biJI9D8uUaJ0fwD3YSmSTLGM&KRTB&22979-bypW8GAqVaZ0L1T0biJI9D8uUaJ0fwD3YSmSTLGM; KRTBCOOKIE_22=14911-4389472509684845394; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_0959b032-c273-4f58-9ce2-e2e47666ec55; KRTBCOOKIE_218=22978-YTSRDAAEQnNMZgAC&KRTB&23194-YTSRDAAEQnNMZgAC&KRTB&23209-YTSRDAAEQnNMZgAC&KRTB&23244-YTSRDAAEQnNMZgAC; PugT=1630834956
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 05 Sep 2021 09:42:36 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-8944851385841554304; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 05-Oct-2021 09:42:36 GMT; path=/ PugT=1630834956; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 05-Oct-2021 09:42:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 04-Dec-2021 09:42:36 GMT; path=/
x-lat
lhrpug001:0:479
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8944851385841554304
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 9F2E 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sun, 05 Sep 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1162
x-powered-by
ASP.NET
date
Sun, 05 Sep 2021 09:42:36 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame CDAD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7004382805510846617
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7004382805510846617
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7004382805510846617
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=741E59CC-4A30-4A62-943B-5D206E8CAD34; KRTBCOOKIE_466=16530-ea8075a1-8333-4bda-b073-e6e04ec12baf; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1632009600%3A201_197_219%7C1630886400%3A174; SyncRTB3=1632009600%3A166_176_7_71_99_13_204_88_161_81_165_222_231_104_56_55_8_22_234_21_3_230_189_220_54%7C1633392000%3A203%7C1631404800%3A223_15_2%7C1632096000%3A35%7C1631664000%3A63; KRTBCOOKIE_80=22987-CAESEOsVQbL4wYxBIYNJQObCm9c&KRTB&16514-CAESEOsVQbL4wYxBIYNJQObCm9c&KRTB&23025-CAESEOsVQbL4wYxBIYNJQObCm9c; KRTBCOOKIE_377=6810-ec30df9a-8de8-44ad-a1e7-3890fce2c6c3&KRTB&22918-ec30df9a-8de8-44ad-a1e7-3890fce2c6c3&KRTB&23031-ec30df9a-8de8-44ad-a1e7-3890fce2c6c3; KRTBCOOKIE_153=19420-bypW8GAqVaZ0L1T0biJI9D8uUaJ0fwD3YSmSTLGM&KRTB&22979-bypW8GAqVaZ0L1T0biJI9D8uUaJ0fwD3YSmSTLGM; KRTBCOOKIE_22=14911-4389472509684845394; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_0959b032-c273-4f58-9ce2-e2e47666ec55; KRTBCOOKIE_218=22978-YTSRDAAEQnNMZgAC&KRTB&23194-YTSRDAAEQnNMZgAC&KRTB&23209-YTSRDAAEQnNMZgAC&KRTB&23244-YTSRDAAEQnNMZgAC; KRTBCOOKIE_336=5844-8944851385841554304; KRTBCOOKIE_27=16735-uid:80356134-910c-4b00-a0f3-1425ef316839&KRTB&16736-uid:80356134-910c-4b00-a0f3-1425ef316839&KRTB&23019-uid:80356134-910c-4b00-a0f3-1425ef316839&KRTB&23114-uid:80356134-910c-4b00-a0f3-1425ef316839; SPugT=1630834956; KRTBCOOKIE_279=22890-9a86699f-0e2d-11ec-ba3c-09af8c3825be&KRTB&23011-9a86699f-0e2d-11ec-ba3c-09af8c3825be; PugT=1630834957; KRTBCOOKIE_391=22924-6261143938205046305&KRTB&23263-6261143938205046305
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 05 Sep 2021 09:42:37 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7004382805510846617; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 05-Oct-2021 09:42:37 GMT; path=/ PugT=1630834957; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 05-Oct-2021 09:42:37 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 04-Dec-2021 09:42:37 GMT; path=/
x-lat
lhrpug016:0:689
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 05 Sep 2021 09:42:37 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7004382805510846617; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7004382805510846617
adx
match.prod.bidr.io/cookie-sync/ Frame 1DCB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCc3dFN0NhU0lBQUNSX1N6LW5WZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.238.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-238-187.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AABswE7CaSIAACR_Sz-nVg; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sun, 05 Sep 2021 09:42:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sun, 05 Sep 2021 09:42:38 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
csync.loopme.me/ Frame 61CC 		85 B
152 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.6.212 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.6.55.162.clients.your-server.de
Software
_ /
Resource Hash
e482a48fef03d183029fa2edf995fc8e9ce023f18649fd1d9149958e977068a1

Request headers

:method
GET
:authority
csync.loopme.me
:scheme
https
:path
/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
85
content-type
text/plain
date
Sun, 05 Sep 2021 09:42:38 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 956F
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=741E59CC-4A30-4A62-943B-5D206E8CAD34; KRTBCOOKIE_466=16530-ea8075a1-8333-4bda-b073-e6e04ec12baf; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1632009600%3A201_197_219%7C1630886400%3A174; SyncRTB3=1632009600%3A166_176_7_71_99_13_204_88_161_81_165_222_231_104_56_55_8_22_234_21_3_230_189_220_54%7C1633392000%3A203%7C1631404800%3A223_15_2%7C1632096000%3A35%7C1631664000%3A63; KRTBCOOKIE_80=22987-CAESEOsVQbL4wYxBIYNJQObCm9c&KRTB&16514-CAESEOsVQbL4wYxBIYNJQObCm9c&KRTB&23025-CAESEOsVQbL4wYxBIYNJQObCm9c; KRTBCOOKIE_377=6810-ec30df9a-8de8-44ad-a1e7-3890fce2c6c3&KRTB&22918-ec30df9a-8de8-44ad-a1e7-3890fce2c6c3&KRTB&23031-ec30df9a-8de8-44ad-a1e7-3890fce2c6c3; KRTBCOOKIE_153=19420-bypW8GAqVaZ0L1T0biJI9D8uUaJ0fwD3YSmSTLGM&KRTB&22979-bypW8GAqVaZ0L1T0biJI9D8uUaJ0fwD3YSmSTLGM; KRTBCOOKIE_22=14911-4389472509684845394; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_0959b032-c273-4f58-9ce2-e2e47666ec55; KRTBCOOKIE_218=22978-YTSRDAAEQnNMZgAC&KRTB&23194-YTSRDAAEQnNMZgAC&KRTB&23209-YTSRDAAEQnNMZgAC&KRTB&23244-YTSRDAAEQnNMZgAC; KRTBCOOKIE_336=5844-8944851385841554304; KRTBCOOKIE_27=16735-uid:80356134-910c-4b00-a0f3-1425ef316839&KRTB&16736-uid:80356134-910c-4b00-a0f3-1425ef316839&KRTB&23019-uid:80356134-910c-4b00-a0f3-1425ef316839&KRTB&23114-uid:80356134-910c-4b00-a0f3-1425ef316839; SPugT=1630834956; KRTBCOOKIE_279=22890-9a86699f-0e2d-11ec-ba3c-09af8c3825be&KRTB&23011-9a86699f-0e2d-11ec-ba3c-09af8c3825be; PugT=1630834957; KRTBCOOKIE_391=22924-6261143938205046305&KRTB&23263-6261143938205046305; KRTBCOOKIE_1101=23040-7004382805510846617
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 05 Sep 2021 09:42:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 04-Dec-2021 09:42:38 GMT; path=/ PugT=1630834958; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 05-Oct-2021 09:42:38 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 04-Dec-2021 09:42:38 GMT; path=/
x-lat
lhrpug008:0:464
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sun, 05 Sep 2021 09:42:38 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
etag
OPTOUT
bridge
cm.adgrx.com/ Frame DFCD 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sun, 05 Sep 2021 09:42:39 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
image2.pubmatic.com/AdServer/ Frame 66D4
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=n6jMLj9NLR9exVZ1Am1ZXbjm
42 B
295 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=n6jMLj9NLR9exVZ1Am1ZXbjm
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=n6jMLj9NLR9exVZ1Am1ZXbjm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=741E59CC-4A30-4A62-943B-5D206E8CAD34; KRTBCOOKIE_466=16530-ea8075a1-8333-4bda-b073-e6e04ec12baf; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1632009600%3A201_197_219%7C1630886400%3A174; SyncRTB3=1632009600%3A166_176_7_71_99_13_204_88_161_81_165_222_231_104_56_55_8_22_234_21_3_230_189_220_54%7C1633392000%3A203%7C1631404800%3A223_15_2%7C1632096000%3A35%7C1631664000%3A63; KRTBCOOKIE_80=22987-CAESEOsVQbL4wYxBIYNJQObCm9c&KRTB&16514-CAESEOsVQbL4wYxBIYNJQObCm9c&KRTB&23025-CAESEOsVQbL4wYxBIYNJQObCm9c; KRTBCOOKIE_377=6810-ec30df9a-8de8-44ad-a1e7-3890fce2c6c3&KRTB&22918-ec30df9a-8de8-44ad-a1e7-3890fce2c6c3&KRTB&23031-ec30df9a-8de8-44ad-a1e7-3890fce2c6c3; KRTBCOOKIE_153=19420-bypW8GAqVaZ0L1T0biJI9D8uUaJ0fwD3YSmSTLGM&KRTB&22979-bypW8GAqVaZ0L1T0biJI9D8uUaJ0fwD3YSmSTLGM; KRTBCOOKIE_22=14911-4389472509684845394; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_0959b032-c273-4f58-9ce2-e2e47666ec55; KRTBCOOKIE_218=22978-YTSRDAAEQnNMZgAC&KRTB&23194-YTSRDAAEQnNMZgAC&KRTB&23209-YTSRDAAEQnNMZgAC&KRTB&23244-YTSRDAAEQnNMZgAC; KRTBCOOKIE_336=5844-8944851385841554304; KRTBCOOKIE_27=16735-uid:80356134-910c-4b00-a0f3-1425ef316839&KRTB&16736-uid:80356134-910c-4b00-a0f3-1425ef316839&KRTB&23019-uid:80356134-910c-4b00-a0f3-1425ef316839&KRTB&23114-uid:80356134-910c-4b00-a0f3-1425ef316839; SPugT=1630834956; KRTBCOOKIE_279=22890-9a86699f-0e2d-11ec-ba3c-09af8c3825be&KRTB&23011-9a86699f-0e2d-11ec-ba3c-09af8c3825be; PugT=1630834957; KRTBCOOKIE_391=22924-6261143938205046305&KRTB&23263-6261143938205046305; KRTBCOOKIE_1101=23040-7004382805510846617
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 05 Sep 2021 09:42:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-n6jMLj9NLR9exVZ1Am1ZXbjm; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 05-Oct-2021 09:42:38 GMT; path=/ PugT=1630834958; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 05-Oct-2021 09:42:38 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 04-Dec-2021 09:42:38 GMT; path=/
x-lat
lhrpug019:0:602
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sun, 05 Sep 2021 09:42:38 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=n6jMLj9NLR9exVZ1Am1ZXbjm; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=n6jMLj9NLR9exVZ1Am1ZXbjm
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 6FF5 		42 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
689e82265b365c98-FRA
i.match
s.tribalfusion.com/z/ Frame EE29
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aRnoeUPME7vQmKvEjTehnhlcJhTrrYCr3Upg6nSG
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a7ns6EwyEojpuMNpbIUv5iXNZbhumkGsKYc8WLCZbTWZc06jcRCa54Sl0ZaoMQdFGfg3KBJpMSJyMvxTQEb0uQOd; path=/; domain=.tribalfusion.com; expires=Sat, 04-Dec-2021 09:42:35 GMT; SameSite=None; Secure; ANON_ID_old=a7ns6EwyEojpuMNpbIUv5iXNZbhumkGsKYc8WLCZbTWZc06jcRCa54Sl0ZaoMQdFGfg3KBJpMSJyMvxTQEb0uQOd; path=/; domain=.tribalfusion.com; expires=Sat, 04-Dec-2021 09:42:35 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
689e82277ca20629-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
66
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aRnoeUPME7vQmKvEjTehnhlcJhTrrYCr3Upg6nSG; path=/; domain=.tribalfusion.com; expires=Sat, 04-Dec-2021 09:42:35 GMT; SameSite=None; Secure; ANON_ID_old=aRnoeUPME7vQmKvEjTehnhlcJhTrrYCr3Upg6nSG; path=/; domain=.tribalfusion.com; expires=Sat, 04-Dec-2021 09:42:35 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
689e82266a0e0629-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 4A17
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3952477b-0aad-4bb0-85b5-bc15eed5b0df-tuct82e168b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3952477b-0aad-4bb0-85b5-bc15eed5b0df-tuct82e168b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3952477b-0aad-4bb0-85b5-bc15eed5b0df-tuct82e168b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=3952477b-0aad-4bb0-85b5-bc15eed5b0df-tuct82e168b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sun, 05 Sep 2021 09:42:35 GMT
via
1.1 varnish
x-served-by
cache-fra19153-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1630834956.848806,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=3952477b-0aad-4bb0-85b5-bc15eed5b0df-tuct82e168b;Version=1;Path=/;Domain=.taboola.com;Expires=Mon, 05-Sep-2022 09:42:35 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3952477b-0aad-4bb0-85b5-bc15eed5b0df-tuct82e168b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sun, 05 Sep 2021 09:42:35 GMT
via
1.1 varnish
x-served-by
cache-fra19125-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1630834955.266932,VS0,VE9
x-vcl-time-ms
9
content-length
0
141
match.deepintent.com/usersync/ Frame 74F3 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Sun, 05 Sep 2021 09:42:37 GMT
server
a
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AE42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dB5ZzEowSmKUO10gboytNA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=166207
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 07 Sep 2021 07:52:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2c316134-910c-4b00-8e26-ba2f4ba6e8a8
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2c316134-910c-4b00-8e26-ba2f4ba6e8a8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 05 Sep 2021 09:42:36 GMT
Server
MT3 3905 f19d76c master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2c316134-910c-4b00-8e26-ba2f4ba6e8a8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 05 Sep 2021 09:42:35 GMT
/
pixel.onaudience.com/ Frame AE42
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=741E59CC-4A30-4A62-943B-5D206E8CAD34
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=9b4c7f82-318a-4831-ad7d-ecc41780725a&icm
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b60358f5f90e57991d3213ba544d3e99
35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b60358f5f90e57991d3213ba544d3e99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.210.112.63 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-3.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Sun, 05 Sep 2021 09:42:40 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b60358f5f90e57991d3213ba544d3e99
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOsVQbL4wYxBIYNJQObCm9c&google_cver=1
42 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOsVQbL4wYxBIYNJQObCm9c&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:663
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOsVQbL4wYxBIYNJQObCm9c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame AE42 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 04 Sep 2021 09:42:40 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6261143938205046305
42 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6261143938205046305
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:37 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:494
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:37 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6261143938205046305
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:80356134-910c-4b00-a0f3-1425ef316839&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:80356134-910c-4b00-a0f3-1425ef316839&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:36 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:469
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 05 Sep 2021 09:42:36 GMT
Server
MT3 3905 f19d76c master cdg-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:80356134-910c-4b00-a0f3-1425ef316839&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 05 Sep 2021 09:42:35 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ec30df9a-8de8-44ad-a1e7-3890fce2c6c3
42 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ec30df9a-8de8-44ad-a1e7-3890fce2c6c3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:721
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ec30df9a-8de8-44ad-a1e7-3890fce2c6c3
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4468883261977636728&gdpr=0&gdpr_consent=
42 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4468883261977636728&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:42 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:532
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:42 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
faa33347-09d9-4635-92e1-66eab8b17d46
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4468883261977636728&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=741E59CC-4A30-4A62-943B-5D206E8CAD34&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=741E59CC-4A30-4A62-943B-5D206E8CAD34&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZTd6ILJE2uXMbNl4KcHmvirJNupK0xE-~A&gdpr=0&gdpr_consent=
0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZTd6ILJE2uXMbNl4KcHmvirJNupK0xE-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 05 Sep 2021 09:42:40 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZTd6ILJE2uXMbNl4KcHmvirJNupK0xE-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
741E59CC-4A30-4A62-943B-5D206E8CAD34
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AE42 		43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/741E59CC-4A30-4A62-943B-5D206E8CAD34?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bypW8GAqVaZ0L1T0biJI9D8uUaJ0fwD3YSmSTLGM
42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bypW8GAqVaZ0L1T0biJI9D8uUaJ0fwD3YSmSTLGM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:546
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bypW8GAqVaZ0L1T0biJI9D8uUaJ0fwD3YSmSTLGM
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_b3564150-bed7-4e57-9b9a-ffe779320e2c&bsw_param=ea8075a1-8333-4bda-b073-e6e04ec12baf&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:692
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea8075a1-8333-4bda-b073-e6e04ec12baf&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 05 Sep 2021 09:42:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4389472509684845394&gdpr=0&gdpr_consent=&us_privacy=
1 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4389472509684845394&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:384
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4389472509684845394&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 05 Sep 2021 09:42:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTSRDAAEQnNMZgAC&gdpr=0&gdpr_consent=&_test=YTSRDAAEQnNMZgAC
1 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTSRDAAEQnNMZgAC&gdpr=0&gdpr_consent=&_test=YTSRDAAEQnNMZgAC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:36 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:463
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1630834957.532407,VS0,VE0
x-served-by
cache-fra19128-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTSRDAAEQnNMZgAC&gdpr=0&gdpr_consent=&_test=YTSRDAAEQnNMZgAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame AE42 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=741E59CC-4A30-4A62-943B-5D206E8CAD34&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:35 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:523
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:34 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:77aaf3ac-88df-485b-9c66-67f7a000177f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:77aaf3ac-88df-485b-9c66-67f7a000177f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:337
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:77aaf3ac-88df-485b-9c66-67f7a000177f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 05 Sep 2021 09:42:35 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4468883261977636728
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4468883261977636728
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:36 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:238
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 09:42:36 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2fc38426-c812-42e0-8428-4355d4b0dd55
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4468883261977636728
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_0959b032-c273-4f58-9ce2-e2e47666ec55
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_0959b032-c273-4f58-9ce2-e2e47666ec55
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:576
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_0959b032-c273-4f58-9ce2-e2e47666ec55
date
Sun, 05 Sep 2021 09:42:35 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame AE42
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9a86699f-0e2d-11ec-ba3c-09af8c3825be&gdpr=0&gdpr_consent=
1 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9a86699f-0e2d-11ec-ba3c-09af8c3825be&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:37 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:464
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9a86699f-0e2d-11ec-ba3c-09af8c3825be&gdpr=0&gdpr_consent=
Date
Sun, 05 Sep 2021 09:42:36 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
9a8669a0-0e2d-11ec-ba3c-09af8c3825be
ad
traid.jixie.io/sync/ Frame 2AF7 		0
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traid.jixie.io/sync/ad?action=midpoint&mediaurl=https%3A%2F%2Fcreatives.b-cdn.net%2F80c8a13725c68736d9faf7e5858d51f1%2F422%2F1437%2Fvideo_desktop_480p.mp4&jxlb=1&cid=1437&cpid=422&source=sdk&adtype=video&engine=std.2.708&client_id=9445c3c0-0e2d-11ec-9b7e-f511fedb537d&offerid=na&unit=00000000000000000000000000000000&pageurl=https%3A%2F%2Fimasdk.googleapis.com%2F&domain=jixie.io&sid=1630834946-9445c3c0-0e2d-11ec-9b7e-f511fedb537d&device=desktop&sessionts=1630834948255&jxub=2&jxtok=3040021e0711036bddb75d6a790ef118f49e1f4b856e3bcc29320cf94b8530c957c9021e0a724912e70585aa8649cdcbd767007c0cfd86bda8785aa7e1a5379b0cae&stackidx=0&stackdepth=1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 05 Sep 2021 09:42:34 GMT
Cache-Control
private
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Vary
Origin
AdServerServlet
vid.pubmatic.com/AdServer/ Frame CC92 		27 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952&us_privacy=&cb=1630834955118&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fmedan.tribunnews.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fmedan.tribunnews.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-5%2011:42:35&ranreq=0.08458842794755261&timezone=2&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
content-type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 0D26 		27 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952&us_privacy=&cb=1630834955156&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fmedan.tribunnews.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fmedan.tribunnews.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-5%2011:42:35&ranreq=0.7609336824018589&timezone=2&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame 0D26 		0
0
track
aktrack.pubmatic.com/ Frame CC92 		0
0
track
aktrack.pubmatic.com/ Frame 8E20 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=795650&a=3435608&ts=1630834955&wa=0&e=96&ier=901
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-length
0
content-type
text/html
track
aktrack.pubmatic.com/ Frame D701 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=662277&a=2645917&ts=1630834955&wa=0&e=96&ier=901
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:35 GMT
content-length
0
content-type
text/html
sync.js
s.adtelligent.com/ Frame D481 		873 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.js?aid=620136
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
10bb9f6536e7477fcb05163e3a6b032a668d45e54f8cd8a7f5023015a7852124

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 09:42:35 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
text/javascript
Access-Control-Allow-Origin
https://medan.tribunnews.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
432
request
aux-log1-sh.vertamedia.com/campaign/ 		33 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux-log1-sh.vertamedia.com/campaign/request?cmpId=495741&protocol=vpaidjs&waterfall_position=1&waterfall_id=18791993&advId=285051&isvm=0&performance=904&site_full_url=https%3A%2F%2Fmedan.tribunnews.com%2F&height=169&aid=620136&width=300&cb=834949089&v=2.4.147&t=js&adId=1CA14F339EF5D321&sid=0&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Fmedan.tribunnews.com&tte=0
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.220.182.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia /
Resource Hash
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:35 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia
Connection
Keep-Alive
Content-Length
33
Content-Type
text/plain; charset=utf-8
ad
ssp.lkqd.net/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=218&sid=1129814&output=vastvpaid&support=html5&execution=any&placement=&playinit=auto&volume=100&width=300&height=169&dnt=0&gdpr={gdpr}&gdprcs={gdpr_consent}&us_privacy=[US_PRIVACY]&ip=2a01:4f8:121:131a::2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&pageurl=https%3A%2F%2Fmedan.tribunnews.com&contentid={video_id}&contenttitle={video_title}&contentlength={ad_duration}&contenturl={video_url}&rnd=163083495299228715&cb=1630834955947
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
9a4c69b2d26e51141a1ea26f802458bb5cc1cee9a602a44b4ca4d586e63133f3

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:36 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1484
ad
ssp.lkqd.net/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=218&sid=1126003&output=vastvpaid&support=html5&execution=any&placement=&playinit=auto&volume=100&width=300&height=169&dnt=0&gdpr={gdpr}&gdprcs={gdpr_consent}&us_privacy=[US_PRIVACY]&ip=2a01:4f8:121:131a::2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&pageurl=https%3A%2F%2Fmedan.tribunnews.com&contentid={video_id}&contenttitle={video_title}&contentlength={ad_duration}&contenturl={video_url}&rnd=163083495299228715&cb=1630834955947
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0a03d9f01ad8deafa762cfaf46a3bcae1c9c50e9042fe859774371b3ba0c7ebf

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:36 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1483
/
endpoint.take1rtb.com/ 		0
0
request
aux-log2-sh.vertamedia.com/campaign/ 		33 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux-log2-sh.vertamedia.com/campaign/request?cmpId=495741&protocol=vpaidjs&waterfall_position=1&waterfall_id=18791993&advId=285051&isvm=0&performance=904&site_full_url=https%3A%2F%2Fmedan.tribunnews.com%2F&height=169&aid=620136&width=300&cb=834949089&v=2.4.147&t=js&adId=1CA14F339EF5D321&sid=0&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Fmedan.tribunnews.com&tte=0
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia /
Resource Hash
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:36 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia
Connection
Keep-Alive
Content-Length
33
Content-Type
text/plain; charset=utf-8
request
aux-log1-sh.vertamedia.com/campaign/ 		33 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux-log1-sh.vertamedia.com/campaign/request?cmpId=473775&protocol=vpaidjs&waterfall_position=2&waterfall_id=18791993&advId=285051&isvm=0&performance=905&site_full_url=https%3A%2F%2Fmedan.tribunnews.com%2F&height=169&aid=620136&width=300&cb=834949089&v=2.4.147&t=js&adId=1CA14F339EF5D321&sid=0&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Fmedan.tribunnews.com&tte=0
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.220.182.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia /
Resource Hash
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:37 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia
Connection
Keep-Alive
Content-Length
33
Content-Type
text/plain; charset=utf-8
SPug
simage4.pubmatic.com/AdServer/ Frame AE42 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158361&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
vpaid.js
ad.lkqd.net/vpaid/ Frame 4870 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:37 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1630834957.cds129.am5.hn,1630834957.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame 0B83 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:37 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1630834957.cds129.am5.hn,1630834957.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 4870 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=218&sid=1129814&output=json2&support=html5&execution=any&placement=&playinit=auto&volume=100&width=300&height=170&dnt=0&gdpr={gdpr}&gdprcs={gdpr_consent}&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fmedan.tribunnews.com&contentid={video_id}&contenttitle={video_title}&contentlength={ad_duration}&contenturl={video_url}&rnd=163083495299228715&cb=1630834955947&thost=medan.tribunnews.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
8c0a9ece4bccd72580495eb954dfb4298b283dbe7a277893460f7ea8a9f87673

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 05 Sep 2021 09:42:37 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1793
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=218&sid=1129814&output=json2&support=html5&execution=any&placement=&playinit=auto&volume=100&width=300&height=170&dnt=0&gdpr={gdpr}&gdprcs={gdpr_consent}&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fmedan.tribunnews.com&contentid={video_id}&contenttitle={video_title}&contentlength={ad_duration}&contenturl={video_url}&rnd=163083495299228715&cb=1630834955947&thost=medan.tribunnews.com
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://medan.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 05 Sep 2021 09:42:37 GMT
content-length
0
access-control-allow-origin
https://medan.tribunnews.com
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
cs
cs.lkqd.net/ Frame 0B83 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.187 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 0B83 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.187 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 0B83 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.187 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 0B83 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.187 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 0B83
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389472509684845394
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389472509684845394
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.187 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389472509684845394
pragma
no-cache
date
Sun, 05 Sep 2021 09:42:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame A264 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.77 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.77 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://medan.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 05 Sep 2021 09:42:37 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://medan.tribunnews.com
request
aux-log2-sh.vertamedia.com/campaign/ 		33 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux-log2-sh.vertamedia.com/campaign/request?cmpId=473775&protocol=vpaidjs&waterfall_position=2&waterfall_id=18791993&advId=285051&isvm=0&performance=905&site_full_url=https%3A%2F%2Fmedan.tribunnews.com%2F&height=169&aid=620136&width=300&cb=834949089&v=2.4.147&t=js&adId=1CA14F339EF5D321&sid=0&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Fmedan.tribunnews.com&tte=0
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia /
Resource Hash
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:37 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia
Connection
Keep-Alive
Content-Length
33
Content-Type
text/plain; charset=utf-8
ad
traid.jixie.io/sync/ Frame 2AF7 		0
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traid.jixie.io/sync/ad?action=thirdQuartile&mediaurl=https%3A%2F%2Fcreatives.b-cdn.net%2F80c8a13725c68736d9faf7e5858d51f1%2F422%2F1437%2Fvideo_desktop_480p.mp4&jxlb=1&cid=1437&cpid=422&source=sdk&adtype=video&engine=std.2.708&client_id=9445c3c0-0e2d-11ec-9b7e-f511fedb537d&offerid=na&unit=00000000000000000000000000000000&pageurl=https%3A%2F%2Fimasdk.googleapis.com%2F&domain=jixie.io&sid=1630834946-9445c3c0-0e2d-11ec-9b7e-f511fedb537d&device=desktop&sessionts=1630834948255&jxub=2&jxtok=3040021e0711036bddb75d6a790ef118f49e1f4b856e3bcc29320cf94b8530c957c9021e0a724912e70585aa8649cdcbd767007c0cfd86bda8785aa7e1a5379b0cae&stackidx=0&stackdepth=1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 05 Sep 2021 09:42:37 GMT
Cache-Control
private
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Vary
Origin
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.77 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://medan.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 05 Sep 2021 09:42:38 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://medan.tribunnews.com
t
t.lkqd.net/ Frame A264 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.77 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
dc_oe=ChMIsu_fzcXn8gIVSuW7CB2a5wGUEAAYACDuh8lIQhMIgePDzcXn8gIV1nHgCh1y_w4M;met=1;&timestamp=1630834958177;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C964 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsu_fzcXn8gIVSuW7CB2a5wGUEAAYACDuh8lIQhMIgePDzcXn8gIV1nHgCh1y_w4M;met=1;&timestamp=1630834958177;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request
aux-log1-sh.vertamedia.com/campaign/ 		33 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux-log1-sh.vertamedia.com/campaign/request?cmpId=570135&protocol=vpaidjs&waterfall_position=3&waterfall_id=18791993&advId=313914&isvm=0&performance=927&site_full_url=https%3A%2F%2Fmedan.tribunnews.com%2F&height=169&aid=620136&width=300&cb=834949089&v=2.4.147&t=js&adId=1CA14F339EF5D321&sid=0&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Fmedan.tribunnews.com&tte=0
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.220.182.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia /
Resource Hash
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:38 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia
Connection
Keep-Alive
Content-Length
33
Content-Type
text/plain; charset=utf-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 92B8 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:38 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1630834958.cds129.am5.hn,1630834958.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame B8AB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:38 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1630834958.cds129.am5.hn,1630834958.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=218&sid=1126003&output=json2&support=html5&execution=any&placement=&playinit=auto&volume=100&width=300&height=170&dnt=0&gdpr={gdpr}&gdprcs={gdpr_consent}&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fmedan.tribunnews.com&contentid={video_id}&contenttitle={video_title}&contentlength={ad_duration}&contenturl={video_url}&rnd=163083495299228715&cb=1630834955947&thost=medan.tribunnews.com
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://medan.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 05 Sep 2021 09:42:38 GMT
content-length
0
access-control-allow-origin
https://medan.tribunnews.com
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 92B8 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=218&sid=1126003&output=json2&support=html5&execution=any&placement=&playinit=auto&volume=100&width=300&height=170&dnt=0&gdpr={gdpr}&gdprcs={gdpr_consent}&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fmedan.tribunnews.com&contentid={video_id}&contenttitle={video_title}&contentlength={ad_duration}&contenturl={video_url}&rnd=163083495299228715&cb=1630834955947&thost=medan.tribunnews.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
2097e8485772e8c4cbc84d10520a153f2fc55a1d44dc632cb52216f6a52177d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 05 Sep 2021 09:42:38 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1794
cs
cs.lkqd.net/ Frame B8AB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.187 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B8AB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.187 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B8AB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.187 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B8AB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.187 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B8AB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389479106754612050
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389479106754612050
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.187 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389479106754612050
pragma
no-cache
date
Sun, 05 Sep 2021 09:42:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame ED46 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.77 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.77 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://medan.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 05 Sep 2021 09:42:38 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://medan.tribunnews.com
t
t.lkqd.net/ Frame ED46 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.77 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Sun, 05 Sep 2021 09:42:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.77 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://medan.tribunnews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 05 Sep 2021 09:42:38 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://medan.tribunnews.com
request
aux-log2-sh.vertamedia.com/campaign/ 		33 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux-log2-sh.vertamedia.com/campaign/request?cmpId=570135&protocol=vpaidjs&waterfall_position=3&waterfall_id=18791993&advId=313914&isvm=0&performance=927&site_full_url=https%3A%2F%2Fmedan.tribunnews.com%2F&height=169&aid=620136&width=300&cb=834949089&v=2.4.147&t=js&adId=1CA14F339EF5D321&sid=0&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Fmedan.tribunnews.com&tte=0
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia /
Resource Hash
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:39 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia
Connection
Keep-Alive
Content-Length
33
Content-Type
text/plain; charset=utf-8
received
aux-log1-sh.vertamedia.com/campaign/ 		33 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux-log1-sh.vertamedia.com/campaign/received?cmpId=495741&protocol=vpaidjs&waterfall_position=1&waterfall_id=18791993&advId=285051&isvm=0&performance=904&site_full_url=https%3A%2F%2Fmedan.tribunnews.com%2F&height=169&aid=620136&width=300&cb=834949089&v=2.4.147&t=js&adId=1CA14F339EF5D321&sid=0&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Fmedan.tribunnews.com&tte=0
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.220.182.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia /
Resource Hash
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:39 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia
Connection
Keep-Alive
Content-Length
33
Content-Type
text/plain; charset=utf-8
error
aux-log2-sh.vertamedia.com/campaign/ 		33 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux-log2-sh.vertamedia.com/campaign/error?cmpId=495741&protocol=vpaidjs&waterfall_position=1&waterfall_id=18791993&advId=285051&isvm=0&type=108&v=2.4.147&t=js&adId=1CA14F339EF5D321&aid=620136&sid=0&width=300&height=169&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Fmedan.tribunnews.com&tte=1109&cb=1630834959796
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia /
Resource Hash
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:39 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia
Connection
Keep-Alive
Content-Length
33
Content-Type
text/plain; charset=utf-8
received
aux-log1-sh.vertamedia.com/campaign/ 		33 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux-log1-sh.vertamedia.com/campaign/received?cmpId=473775&protocol=vpaidjs&waterfall_position=2&waterfall_id=18791993&advId=285051&isvm=0&performance=905&site_full_url=https%3A%2F%2Fmedan.tribunnews.com%2F&height=169&aid=620136&width=300&cb=834949089&v=2.4.147&t=js&adId=1CA14F339EF5D321&sid=0&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Fmedan.tribunnews.com&tte=1110
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.220.182.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia /
Resource Hash
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:40 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia
Connection
Keep-Alive
Content-Length
33
Content-Type
text/plain; charset=utf-8
ad
traid.jixie.io/sync/ Frame 2AF7 		0
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traid.jixie.io/sync/ad?action=complete&mediaurl=https%3A%2F%2Fcreatives.b-cdn.net%2F80c8a13725c68736d9faf7e5858d51f1%2F422%2F1437%2Fvideo_desktop_480p.mp4&jxlb=1&cid=1437&cpid=422&source=sdk&adtype=video&engine=std.2.708&client_id=9445c3c0-0e2d-11ec-9b7e-f511fedb537d&offerid=na&unit=00000000000000000000000000000000&pageurl=https%3A%2F%2Fimasdk.googleapis.com%2F&domain=jixie.io&sid=1630834946-9445c3c0-0e2d-11ec-9b7e-f511fedb537d&device=desktop&sessionts=1630834948255&jxub=2&jxtok=3040021e0711036bddb75d6a790ef118f49e1f4b856e3bcc29320cf94b8530c957c9021e0a724912e70585aa8649cdcbd767007c0cfd86bda8785aa7e1a5379b0cae&stackidx=0&stackdepth=1
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 05 Sep 2021 09:42:39 GMT
Cache-Control
private
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Vary
Origin
error
aux-log2-sh.vertamedia.com/campaign/ 		33 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux-log2-sh.vertamedia.com/campaign/error?cmpId=473775&protocol=vpaidjs&waterfall_position=2&waterfall_id=18791993&advId=285051&isvm=0&type=108&v=2.4.147&t=js&adId=1CA14F339EF5D321&aid=620136&sid=0&width=300&height=169&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Fmedan.tribunnews.com&tte=766&cb=1630834960367
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia /
Resource Hash
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:40 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia
Connection
Keep-Alive
Content-Length
33
Content-Type
text/plain; charset=utf-8
error
aux-log1-sh.vertamedia.com/campaign/ 		33 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux-log1-sh.vertamedia.com/campaign/error?cmpId=570135&protocol=vpaidjs&waterfall_position=3&waterfall_id=18791993&advId=313914&isvm=0&type=100&v=2.4.147&t=js&adId=1CA14F339EF5D321&aid=620136&sid=0&width=300&height=169&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Fmedan.tribunnews.com&tte=766&cb=1630834960647
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.220.182.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia /
Resource Hash
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:40 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia
Connection
Keep-Alive
Content-Length
33
Content-Type
text/plain; charset=utf-8
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=medan.tribunnews.com&rs=medan.tribunnews.com&sid=88924&t=1630834949&cip=213.232.87.179&sn=&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1630834949019-938893911703-008545-012-009072&cha=0.7&stagid=60e6c98e8ca2e373fa016445&stplid=60e6bb892012ca07822691f6&cb=67965005514&d9=1000&AV_WIDTH=300&AV_HEIGHT=169
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 05 Sep 2021 09:42:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
error
aux-log2-sh.vertamedia.com/request/ 		33 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux-log2-sh.vertamedia.com/request/error?type=208&v=2.4.147&t=js&adId=1CA14F339EF5D321&aid=620136&sid=0&width=300&height=169&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Fmedan.tribunnews.com&tte=3377&cb=1630834960933
Requested by
Host: static.vertamedia.com
URL: https://static.vertamedia.com/static/jsvpaid.js?cb=02021617
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia /
Resource Hash
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medan.tribunnews.com
Date
Sun, 05 Sep 2021 09:42:40 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia
Connection
Keep-Alive
Content-Length
33
Content-Type
text/plain; charset=utf-8
status
accounts.google.com/gsi/ 		40 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=657538641912-e5c2itnmne4v4ple558a79fi6kkb3iau.apps.googleusercontent.com&as=R797jdSBJhZkN26eV6AY0A
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.wDy2wFnoKyI.O/am=chE/d=1/rs=AF0KOtX7btEQNUuYhAoON-ud7zJa3rh5jg/m=gis_client_library
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8444a4f4dd39a434706b6ac844ca9c3ba01694ee3a9ca99d6a910d56668e86b0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DWMOn+CSDlgRb54FCp5Q5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-DWMOn+CSDlgRb54FCp5Q5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 1C10 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=medan.tribunnews.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=medan.tribunnews.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medan.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2156
set-cookie
uid=9ed196c5-0301-4617-b24e-d6f1a119d6ec; expires=Fri, 30 Sep 2022 09:42:41 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sun, 05 Sep 2021 09:42:41 GMT
content-length
4666
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8af7d6725e4bfca81faf8f40d82d547cd5cc365fdc082c43217e7db8743b4189
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 09:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8444
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 09:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sun, 05 Sep 2021 09:42:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2943 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medan.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sun, 05 Sep 2021 09:40:15 GMT
expires
Mon, 05 Sep 2022 09:40:15 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
147
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame BBE8 		783 B
944 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
772a4ee318ec6c83360a6c7e9d58c156cf3a8b7e31ab6c596db00be1a7ca45d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fEfNvuXEUeLYErtBJrKTog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medan.tribunnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=garTPWKcdLMjarOFtsRVLl7mbfkFbqb3RondaH99xjItjLuylMki1m43gu9-kK_fTHNfT5_Rswpi211tutGnrSA4L0F6DvOetOluFyFgi7hsc3pYtO-lvYm_2P1Jl3GNiZzbMr_DQcaIAVH-O8OY8c2PdmpWYPbTtbjp3nHFIBA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://medan.tribunnews.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 05 Sep 2021 09:42:42 GMT
date
Sun, 05 Sep 2021 09:42:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-fEfNvuXEUeLYErtBJrKTog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js
pagead2.googlesyndication.com/bg/ Frame 2943 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 08:42:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
3597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13351
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 12:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 08:42:45 GMT
sid
mug.criteo.com/ Frame 1C10
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=tribunnews.com&sn=ChromeSyncframe&so=0&topUrl=medan.tribunnews.com&cw=1
  • https://mug.criteo.com/sid?cpp=kjo6OHxJT2ZubUJFOTRDUnJzVzkyM2tRN0ZkQmlSYUdrdm5kczFLUDg2QXF4YzN0WDNsYmRDSG1lOWRrakJETnlHWEVyMjlJYlo2MFByNVJjeHpaL0J1bGRzby84TEgvY3lzMEtGeGNmanJNTGJoeEU2Uy91SGV1aTIzaj...
417 B
616 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kjo6OHxJT2ZubUJFOTRDUnJzVzkyM2tRN0ZkQmlSYUdrdm5kczFLUDg2QXF4YzN0WDNsYmRDSG1lOWRrakJETnlHWEVyMjlJYlo2MFByNVJjeHpaL0J1bGRzby84TEgvY3lzMEtGeGNmanJNTGJoeEU2Uy91SGV1aTIzajFqc2NiQWZEMENUb1ZhazYvZlFUbWxIMVNrdjl3SmNNT1hiL01NdzFmTkl4R3F1NUJ6SzlWak5BenV6ME5DS2lGVXVYY3hJY3ZEUk9jbkpLK2lsYWlQd0tod2NIa01JdDY2Z0hodmRsUlpxeFc2ZFpQa2t6WnBxZHpPZmpHL2NldktMTDYwNlFNTXRPRERIMFBCYkVWZHR3SHYrdmV5Zz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ccfab51ce529c1d20c0ce1c30efca2787063c8086db17370cd37a8b8163ddd3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 05 Sep 2021 09:42:41 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2342
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 05 Sep 2021 09:42:41 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=kjo6OHxJT2ZubUJFOTRDUnJzVzkyM2tRN0ZkQmlSYUdrdm5kczFLUDg2QXF4YzN0WDNsYmRDSG1lOWRrakJETnlHWEVyMjlJYlo2MFByNVJjeHpaL0J1bGRzby84TEgvY3lzMEtGeGNmanJNTGJoeEU2Uy91SGV1aTIzajFqc2NiQWZEMENUb1ZhazYvZlFUbWxIMVNrdjl3SmNNT1hiL01NdzFmTkl4R3F1NUJ6SzlWak5BenV6ME5DS2lGVXVYY3hJY3ZEUk9jbkpLK2lsYWlQd0tod2NIa01JdDY2Z0hodmRsUlpxeFc2ZFpQa2t6WnBxZHpPZmpHL2NldktMTDYwNlFNTXRPRERIMFBCYkVWZHR3SHYrdmV5Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1700
content-length
541
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021090101&jk=3770784777048500&bg=!ZWalZiLNAAYJpm41CaY7ACkAdvg8WpDRKOwdmCuSEk2kA6oN6q7CNQ84EdK1XFwt5RBDPs6JtK4MwQIAAABmUgAAAAxoAQcKAJA8T1NPtx7TJVfUPh1CNAfDJO7wa_tkx3lale1EoXguHJllAHjf99ou7QoWAIPILfEpc6kezWcPadw-l2OWRvkwHkTPwQiWUwckKweZnvjeYwSVHoOKbsgtLaLrFrASxzP1V1RV-B6njvF3U9tbBuyJi4OPukicZg5_yoyz5oGLKfzaDqvXQ6wDzJ2NujNmb0SZAoNd4hvFgb74WLx9kzIRP5bEXE28z0VAOGiXRMzrNFD_CRGluRtyZYSZyH6Bso0BFjtpoRHi9OwDC4MAxRwZwQBbAu9Gw8QTSsLXfUwJ7spw8hN0QrLjtxh2-GotZ30peH9VN31DCqhy5z20J2ZpooJoA8AS_a-rFk5S5GJepC7R0a0uo_Ss3kxBpLm-38GDEtkJzlB3-BigLt5LbO_i1dBJ_qPbZkGt_6EBkMEU8c2nG2P2MRZmTOgv3YzXIOvshFHAfwUOJwRLX0jFjbsCcXXmKqD9qOBIJMLffyo_QHd1wJP9EkUlegwDy-UuXaBa4qtcx-uOmo9RrHNvfjQLyYNZ6Gpb-3nevbuwF6QBJ7m4_LElbtWDu9eRq1gu7MzuyQg9ksgnU-DfRwXehFjoCEFu4UsphwgxoWNAWMCkzmHzQ0-0f28_K9wcScK1g4qNhqc6dtNjgJX-weMLuLiSbZcJebKfSZ-p3T_Sio1GFnO08maPW371_B3tiQNTsq3mrw90TbdJeZ-9KvHvmtpF7qqI_oi_dorGH2ckJagPaGKYqIdjOyG8U9cRXHjW0dDUOv5rtTxJe8on-Gaa9P7DMZrm7tMYndFIfpULtqUA4OrBXFj_Mjyx_duY7peoGLtuHgDLhHKECKC0DXmvvkQduRs6URGOambIQjQlQReT0NHAyoKPSdRX-G4Iu3gph5Qyks7MFmMhd77JnUcZ1RpjDvp19l4ratJ5ZLPSoJcSxGGWJGaJZT3BMze7_fxxG46VOjsaIJNL7o0r9i6ryBaeZ0nglkTw42vB2LeZQxXCNt-TlmYIG8Aa_WxzVRiKTqshe0-6Wb2T20z1qunygOO__A3gBUzA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=medan.tribunnews.com&rs=medan.tribunnews.com&sid=88924&t=1630834949&cip=213.232.87.179&sn=&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1630834949019-938893911703-008545-012-009072&cha=0.7&stagid=60e6c98e8ca2e373fa016445&stplid=60e6bb892012ca07822691f6&cb=67965005514&d9=1000&AV_WIDTH=300&AV_HEIGHT=169
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 05 Sep 2021 09:42:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
dc_oe=ChMIsu_fzcXn8gIVSuW7CB2a5wGUEAAYACDuh8lIQhMIgePDzcXn8gIV1nHgCh1y_w4M;met=1;&timestamp=1630834968174;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame C964 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsu_fzcXn8gIVSuW7CB2a5wGUEAAYACDuh8lIQhMIgePDzcXn8gIV1nHgCh1y_w4M;met=1;&timestamp=1630834968174;eid1=2;ecn1=0;etm1=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 09:42:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.32.0&referrer=https%3A%2F%2Fmedan.tribunnews.com%2F&tmax=1000
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=384372&zone_id=2136984&size_id=57&alt_size_ids=116%2C56%2C96%2C175&p_pos=atf&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1395592726457593&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Domain
hb.adscale.de
URL
https://hb.adscale.de/dsh
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=384372&zone_id=2137348&size_id=9&alt_size_ids=8%2C36%2C262%2C12&p_pos=atf&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.20117105257964352&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Domain
hb.adscale.de
URL
https://hb.adscale.de/dsh
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=384372&zone_id=2137338&size_id=10&alt_size_ids=179%2C9%2C48%2C8&p_pos=atf&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3924033438819363&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Domain
hb.adscale.de
URL
https://hb.adscale.de/dsh
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=384372&zone_id=2137344&size_id=10&alt_size_ids=179%2C9%2C48%2C8&p_pos=atf&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7747965084325406&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Domain
hb.adscale.de
URL
https://hb.adscale.de/dsh
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=384372&zone_id=2137346&size_id=15&alt_size_ids=14%2C190%2C13%2C19&p_pos=atf&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.613089329143899&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Domain
hb.adscale.de
URL
https://hb.adscale.de/dsh
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=795650&a=3435608&ts=1630834956&wa=0&e=95&vc=2
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=662277&a=2645917&ts=1630834956&wa=0&e=95&vc=2
Domain
endpoint.take1rtb.com
URL
https://endpoint.take1rtb.com/?seat=4KFVu37O1hDZX4HwvrWO&token=YhTKamaU0sAaB3OG2GyHpxj4ykgRMiK9&cb=163083495299228715&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&ip=2a01:4f8:121:131a::2&w=300&h=169&bidfloor=4&url=https%3A%2F%2Fmedan.tribunnews.com&domain=https%3A%2F%2Fmedan.tribunnews.com&dnt={dnt}&lon={geo_lat}&lat={geo_lon}&ref={site_ref}&make={device_make}&model={device_model}&osv={device_osv}&ccpa={us_privacy}&gdpr={gdpr}&&playerwidth=300&playerheight=169&gdpr_consent={us_privacy}

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| dataLayer object| AdTrack object| pbjs function| myAdDoneFunction function| SpotXPrebidRegular number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits object| googletag function| sendAdserverRequest function| GLightbox object| ggeac object| google_js_reporting_queue function| moveScroller_menu function| moveScroller_sec number| ia number| ibc function| loadmore object| FB function| moveScroller_boxright function| moveScroller_menu2 function| lozad object| _atrk_opts object| _comscore object| core object| __core-js_shared__ object| firebase object| google_tag_manager string| site undefined| uuid_c undefined| ukid undefined| id undefined| jixie_id undefined| city undefined| useragent undefined| uuid function| setCookie function| getCookie object| Base64 object| script string| curr_url string| full_domain string| domain_login string| domain_name string| service function| ajaxload function| ajaxload2 function| fbox function| fbox_close function| login function| register object| jQuery183037781575978779847 object| google_tag_data string| GoogleAnalyticsObject function| ga function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| pbjsChunk object| _pbjsGlobals object| Criteo function| udm_ object| ns_p object| COMSCORE function| atrk boolean| _atrk_fired object| gaplugins object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_385344 object| gaGlobal object| gaData object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_112 object| Criteo_prebid_112 object| td undefined| f object| Criteo_standalone_112 object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| google_global_correlator object| closure_lm_692143 boolean| _mgPageViewEndPoint535833 string| _mgPvid boolean| _mgPageView535833 object| __VR object| s object| c object| h object| sl object| closure_lm_26890 object| closure_lm_29367 object| stroeerCore function| stroeerCoreConnect number| retryHandle function| loadCMP boolean| sas_noad object| PubMaticSync object| vpaidTracker_1630834952989 object| lkqd object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: PugT
Value: 1630834962
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4468883261977636728
.pubmatic.com/ Name: SPugT
Value: 1630834959
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4CE4C9B6-8344-4364-9619-BD51DD5A4C66

51 Console Messages

Source Level URL
Text
console-api log URL: https://medan.tribunnews.com/(Line 2)
Message:
calling onJXPlayerReady
console-api log URL: https://medan.tribunnews.com/(Line 2)
Message:
We have an ad, then we play it
console-api debug URL: https://jsc.mgid.com/t/r/tribunnews.com.1178609.es6.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: https://medan.tribunnews.com/(Line 2)
Message:
Ad impression
console-api log URL: https://medan.tribunnews.com/(Line 2)
Message:
Ad start
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-31034.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&gdpr_consent=&account_id=9655&site_id=302790&zone_id=2145070&size_id=203&tg_c.language=th&width=300&height=169&schain='1.0,1!mgid.com,9655,1,,,'&p_window.depth=0&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&p_window.url=&p_window.w=1600&p_window.h=270&p_aso.video.ext.ad.w=300&p_aso.video.ext.ad.h=169&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=16178225301557.436&rp_secure=1
console-api log URL: https://medan.tribunnews.com/(Line 2)
Message:
Ad first quartile
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-31034.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&gdpr_consent=&account_id=9655&site_id=302790&zone_id=2145068&size_id=203&tg_c.language=th&width=300&height=169&schain='1.0,1!mgid.com,9655,1,,,'&p_window.depth=0&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&p_window.url=&p_window.w=1600&p_window.h=270&p_aso.video.ext.ad.w=300&p_aso.video.ext.ad.h=169&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=7722094528484960&rp_secure=1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Auotplay check: From Video Player environmentVars.videoSlotCanAutoPlay: true
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Player provided the volume level: 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Use mute(0) as a default value since we have received 2 or 6 in the vplay parameter.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Auotplay check: From Video Player environmentVars.videoSlotCanAutoPlay: true
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Player provided the volume level: 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Use mute(0) as a default value since we have received 2 or 6 in the vplay parameter.
console-api log URL: https://medan.tribunnews.com/(Line 2)
Message:
Ad midpoint
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952&us_privacy=&cb=1630834955118
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fmedan.tribunnews.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fmedan.tribunnews.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-5 11:42:35&ranreq=0.08458842794755261&timezone=2&depth=0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952&us_privacy=&cb=1630834955156
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fmedan.tribunnews.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fmedan.tribunnews.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-5 11:42:35&ranreq=0.7609336824018589&timezone=2&depth=0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:PM AdRequest Time: 0.606secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Ad Error Time: 0.608secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Total Component Time since player call: 0.663secs.
console-api error URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:PM AdRequest Time: 0.647secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Ad Error Time: 0.649secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-info:Total Component Time since player call: 0.739secs.
console-api error URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=169&vw=300&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fmedan.tribunnews.com%2F&cachebuster=1630834952(Line 181)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api log URL: https://medan.tribunnews.com/(Line 2)
Message:
Ad third quartile
console-api log URL: https://medan.tribunnews.com/(Line 2)
Message:
Ad fully played
console-api log URL: https://medan.tribunnews.com/(Line 2)
Message:
Jx video end
console-api log (Line 3)
Message:
tracker stopped

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4abe5e30732727aafafb16813d0f3913.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
accounts.google.com
ad.doubleclick.net
ad.jixie.io
ad.lkqd.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.viralize.tv
ads28.vertamedia.com
adservice.google.com
adservice.google.nl
adsimg.kompas.com
adx.adform.net
ajax.googleapis.com
aktrack.pubmatic.com
ampcid.google.com
ampcid.google.de
apis.kompas.com
audiencedata.im-apps.net
aux-log1-sh.vertamedia.com
aux-log2-sh.vertamedia.com
aux.fqtag.com
bidder.criteo.com
c.mgid.com
c1.adform.net
cdn-1.tstatic.net
cdn-2.tstatic.net
cdn-3.tstatic.net
cdn.bhisma.cloud
cdn.fqtag.com
cdn.mgid.com
cdn.ravenjs.com
certify.alexametrics.com
cm.adgrx.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
connect.facebook.net
creativecdn.com
creatives.b-cdn.net
creatives.sascdn.com
cs.gssprt.jp
cs.lkqd.net
csi.gstatic.com
csync.loopme.me
d31qbv1cthcecs.cloudfront.net
d5p.de17a.com
delivery.r2b2.io
dis.criteo.com
dmp.im-apps.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
endpoint.take1rtb.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fqtag.com
g.c.appier.net
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hb.adscale.de
hb.jixie.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.connectad.io
ialaddin.genieesspv.jp
ib.adnxs.com
ice.360yield.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
js.adscale.de
js.genieessp.com
jsc.mgid.com
kompascybermedia-d.openx.net
loada.exelator.com
log.r2b2.io
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
maxcdn.bootstrapcdn.com
medan.tribunnews.com
mug.criteo.com
openbid.pubmatic.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adtelligent.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
polyfill.io
pr-bh.ybp.yahoo.com
prg.smartadserver.com
prg8.smartadserver.com
prod.perf-serving.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rt.gsspat.jp
rtax.criteo.com
rtb.gumgum.com
s-img.mgid.com
s.adtelligent.com
s.tribalfusion.com
s.vertamedia.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssp.lkqd.net
static.criteo.net
static.vertamedia.com
static.viralize.tv
stats.g.doubleclick.net
sttribunnews.kompas.com
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.e-volution.ai
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
t.lkqd.net
targeting.unrulymedia.com
tg1.aniview.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
traid.jixie.io
trc.taboola.com
um.simpli.fi
universal.jixie.io
ups.analytics.yahoo.com
us-u.openx.net
v.lkqd.net
vid.pubmatic.com
video-ads.rubiconproject.com
video-native.mgid.com
vpaid.pubmatic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www8.smartadserver.com
x.bidswitch.net
aktrack.pubmatic.com
endpoint.take1rtb.com
fastlane.rubiconproject.com
hb.adscale.de
tlx.3lift.com
104.111.230.142
104.16.199.73
104.19.132.78
104.19.133.78
104.19.134.78
104.19.216.61
107.151.2.114
109.206.188.82
13.225.87.2
13.32.121.21
13.32.121.33
142.250.185.162
142.250.185.194
142.250.186.130
142.250.186.162
142.250.74.198
146.20.128.187
146.20.128.77
146.20.132.150
151.101.129.26
151.101.13.44
151.101.14.49
151.139.128.11
153.254.173.146
159.65.196.12
162.55.233.29
162.55.6.212
169.197.150.8
169.50.137.190
172.105.235.90
173.231.180.197
178.250.0.166
178.250.2.131
178.250.2.146
178.250.2.151
18.139.121.89
18.185.190.29
18.192.249.156
18.194.49.211
18.196.237.128
18.66.112.118
18.66.112.122
18.66.97.118
18.66.97.124
18.66.97.29
18.66.97.52
18.66.97.99
184.30.21.112
184.31.84.150
185.184.8.65
185.29.134.248
185.59.208.177
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.75
185.64.190.76
185.64.190.79
185.64.190.80
185.64.190.81
185.86.137.114
185.86.138.32
185.94.180.123
195.181.175.49
2.16.186.120
2.18.232.7
2.18.233.180
2.18.234.21
2.19.35.65
20.44.221.56
20.44.221.77
2001:678:cb4:bbbb::11
202.47.25.65
213.155.156.169
213.174.135.2
213.19.147.43
213.19.147.44
216.58.212.130
222.230.178.21
23.227.138.196
23.37.42.132
2600:1901:0:298e::
2600:1901:0:e207::
2600:9000:21f3:9800:f:4f64:8940:93a1
2606:4700:10::6816:37ce
2606:4700:20::681a:ad1
2606:4700::6812:9ca
2606:4700::6812:bcf
2606:4700::6812:d05
2607:f8b0:400a:805::2003
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:802::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::200d
2a00:1450:4001:812::2006
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9d
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:bb91
2a02:26f0:ef::5f65:4d45
2a02:fa8:8806:20::2040
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:3::300
2a04:4e42:400::729
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.126.56.137
3.214.14.12
3.229.193.232
34.98.107.212
34.98.64.218
35.186.238.232
35.190.36.172
35.190.72.161
37.157.2.234
37.157.4.23
37.252.172.38
51.210.112.63
52.205.83.58
52.43.139.3
52.48.175.241
52.49.238.187
52.58.28.115
54.78.254.47
61.213.187.175
62.149.0.72
66.155.71.150
67.220.182.50
69.173.144.139
69.173.144.165
76.223.111.131
76.223.111.18
85.114.159.118
87.98.128.108
89.187.169.47
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
0541a21931fb5a4756b1e6a40e60ccc7d6c9bd79457ded0ab3d576b7f1200f87
078977f8339a2778de55c4732c1e03bc5cf1894ce6b531adce7100fbfa980699
079684e1d2942b4ce96a1598d059e8bdecf158de3145bb2dd5749cc1b3938694
081a28dfa5acc18a525c552aa51fc5a0bc1e2eb1c387db969b8f8af3d77a530d
0a03d9f01ad8deafa762cfaf46a3bcae1c9c50e9042fe859774371b3ba0c7ebf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfa5c72301a82b32f352f10b73a079333eb2454751d2cde4f7f88b213a713db
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d424ef672e3316ddf7d191fbfa52a9287d25892f34ef42bdd5302b22b1e1651
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
0e5889395974c20cb35a4981f12dbf0112b108459eb045b9df81b9bfa2f73392
105289afc0998661ac2cdddf5741f3aa775a53fc21e8ff834721f6ef30e46f1d
10bb9f6536e7477fcb05163e3a6b032a668d45e54f8cd8a7f5023015a7852124
10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e8cc21c2a2cb67e7dc9c0f9dee955639fc32a1154a9ee7675741f00c81e944
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ff9c31e9210fb6a481a65151df684e90db90674fcfd9544a0d279e27d69fb0
130368e1880972a560164d6a42407eb853179a8eb98aa11b3ec7605296dfe775
143b5a033d0904f62bde243d40bab04a6ff5f942a64955706757e4b4974788fb
1459debe4ae50fd8d33bf2b2ea987bb180ddb9a66014c4bec96ca790e7d123b1
14ebeaefd46f3e384d6addaf0fb0e26b9b1b1188339e08509637872093f0b189
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
173eac5ddcd632f1890ce6aeda8c3838585cca322eabea8670af96cf7e6e9c44
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1aaac8c7faa577fbb5e2d12a86c0ca350d2bbef197434b3a1941950edb9076c3
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1df053a6a473658477e7e46c33477e07f142a31806099cdb02af89922c6d54e7
2097e8485772e8c4cbc84d10520a153f2fc55a1d44dc632cb52216f6a52177d7
209eb7f67a5077440a9c95cb6c70481f18f245cf979e11238a596cfce177d493
20c5be5dd1299e451ca712bb75ea2a12f6806f34fc181f772f3b02476b8218b3
21d9bdad58b42666fdb80ea2b16b2b55bf6a3aa5b9df949cdce2d995678af42a
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
234cef14c8318b9c1bea792c557b6fd8dbdf8002be7d76066e16ce883dab0b3f
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
2453153354d65b54e40b9cdaa3141a59c5ad95e23ebe9262067f98cceb14afe5
2564edf5370f34ab3820bd41d382a2de3b249a8696d3119f1edb283f042a66d6
25dff39d1ec23433dc38405c877fc115b12b255526a96005da36193973fb3705
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2abd6f5af61f1636fe9a8696f6f15687d1064a8d2c396465f29164b6ed5058c3
2b173f65e9f2fb2bbc537a388272f7b1bcf71e7f69fb1982f1298baf1ea124a7
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2c109dc4b41df91368d22ad30014165fdc8c6129ebb8acf378bba4130f2ec986
2dae105cc6409ab75a47a82ac4a9d7b1cb091e2d5d27892792aabbb0e12d9cff
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7091b89c343a88e0a605b70cf775bdb8905e10b165b48c266bd059c0693af5
2fc2eab9acd8bd613bcb956961308ffb3c3573339509e06a542fd2bbe14b9d29
2fd2ca4e2e47e02d0fd5e74f822074734d4905f1b7fa87fa7c2f7514cd3136d9
30c3c87bf45743d6480bb3ba55de7e3c7d3ed9217b76b59b839dee9ca61344de
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
33335812c8cfe1f37da5cf8428f118168d525819d6473ca9021d2e74e10a59b8
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1
358397cc830a4098def1c47def116498dacbb8711c1e7e4f68bb204fca577498
358cd5bbe4d42510a8ba89a31e1afc40be9ee38ffeaf505d81b23339b7617fca
379b64340316bf82408b633791ffdff9a9890f26cc64a620ccdd3c90e1ce6ee7
387b9045520dba71aee09805912f3e795b219582055cf207743d81d3d9d77619
38eeab158f98dd7791afb19c1868e0d3d904199a149a900a02f2babdf29b9a26
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
3bdd95b83f21c2f2952f3c2ba9ff097351c5aa89b54811a8a96821d0fc814370
3c30147f898492172686ccaad23f1bf4d112f501b4cf55f20388db5253622ad5
3f2c165eefe83b43e66ba44782909888dd46386f8fcf2732578c3cc38fcad0b2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
402ead54e015ebd09458e33e53f06db682c9f9f55010677c2d58c9cd90527a2d
41344277ff9d6b12105bf2bbb857b0ff37bef5fe65c256ea57da7c8e6d096bf2
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
4221fd6576e8e951f0ead12de9f4869be0b14dd10c8663185af38bf6fcbab203
429885d34050a33a9b77b7b6d4ac0ecd92d4241eaafe69a3be6bf5b1fa223de4
43f4577d7588548de2f77303efaa3a8d59a97136437fb1f36d178c7c5febaab6
440ec3d50185b607e670a4f52833c16dd353093b9aef848a4dd9e45e6c02edd3
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48de10584fe410c23cb2b66254afec8e62fca334d30d8fbddcbcc33750623b0b
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a8cdf7c03a39d4aa2f2830f3f05f3a54bb441b6991f91afd2aaa9f7165f26c8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b78ba68d172622ccfc3dadb90fc4f2984f2bcea4e350a0abd88be0ab70270b8
4c3b914842090890ae0f3fb17ac85e6f32b0cc36e2a336635856be88b57860a1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
535ad238c9a291aa3e4d7e24cf16ad7c96398bb1f9a8e3590320daab393a2262
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
559fe89cb5acdc0621e4f7ec04d628b98c1228f1b5ed2c5a43242d80a225364a
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
57994a498f54fc5828eb9fcecd7984c2391141b791ef9dbeef94ea75a5bc7134
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5907b1a40c7f365896161db244f0b9b9e3bbd248dc3ee09ce563c56658085bdc
594c5ace291e957bfcf2feebc619eb513ec847f57c4dcaaaa4f314544493f111
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5aa1133a184723f949dc19dea4415fa2208805735c7b1be0fbc4b5507517dc6a
5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6
67dcf928ceb98e916205b22117af75040e1c1fa90b59177b71799984b422bb11
6a65c58e1ceccb2e494485cefa163c2358c2e6001187af214262f230240fbd8a
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b63001737278bd7ed52993c7eab5bc1924d134f2f2103dc96e8d164cfab2c8a
6ba74b0b7223564fe5de95a05498160da36162274673a6c4583a757d233c41b1
6c0dd12cbdf821ad99fb4b97816e9bf478cf2e734aed43cd1276e98ba6d55733
6cdb40aed4b5d2b61fd09b122d089b0ae4610fe7766ac43547e4a3e1f6215316
6cefc398bcfbba02fd570f89a81a5e40e1df88375a94cf6af7d7ae8766e1d6ef
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74cd2510fb7613fb76292b497155d686fdce781f0d719f181537a425dee9b9d2
755d1e4731609262f48cd7bc897767e502f9cf1dd2f95670bcfdc07817020463
7602071b0397669a1642355c0c4d098f2d63f2d09bbd57958cdff45fd7253ab1
772a4ee318ec6c83360a6c7e9d58c156cf3a8b7e31ab6c596db00be1a7ca45d0
78d07a82b51dccc92f0e2e0083753b51f6254db52aa53b72d8beda3f082547bc
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7965b51f32c6145173f10df404404dd0d825d5b4ce5d1804aa19865917a09881
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79be97c5742dbd399a76e9dd88060b521a29d0e7c77c38818dd3499b7f5d2221
7a19561cea75ef58d9d9a73d4b29d8e65308aed61e40a88b40acf29842a7538b
7b38de6bff343e55807ad3cb0cdc84a9a4609339b63fc805a8c8bae5fd269c36
7d0c1c9240ec0bf75e349a2c58a3814c3f0c09abb1d44c4d85d407914d736d47
7ead7f1e9c3444ce597850e95a328bdcdb983a239008adc6f71f5065c329d6ff
7ff9d4ae2b3407b031e3359007ff4d7ac9e0b342f25ce44c77d3cb7f14f65043
80e8e5f8b618ebeb96fd7e4d781e09f242a1fd9c5c45d570eecb816420b4cde3
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8444a4f4dd39a434706b6ac844ca9c3ba01694ee3a9ca99d6a910d56668e86b0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86f51e934eed984b8f595937feb3a6dc163deba5c1074daded7bc7ccb62e7c1f
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
89042e0238c712451fb89e3cf9c902606d3b59760461ab54bc737984e3493a97
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af7d6725e4bfca81faf8f40d82d547cd5cc365fdc082c43217e7db8743b4189
8b4db059a3cb9ebb3673eaffe432d8732cc4f732c1dd72beb9bcebec1410ccb8
8ba1e040a79dde56f75f6d9a6da16bc49c5df6b25ba95d695c82f01ba0ed4401
8bcc073b4188f7fe715733d4061bdc9be08c3efa394014878f51d5a90f786c9a
8c0a9ece4bccd72580495eb954dfb4298b283dbe7a277893460f7ea8a9f87673
8cc2914efcf8e8ceb5e4f44d563332f00df2f978448607efc6459d5ed310969e
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7f694b964a8615111f134c984dc830edd7906d35aa12e9906bf9df8bdc6c26
8d9f1e7a5653eade39c663ba7e740f5f8b51fde9a7fcc7e2d59b0338598e5075
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
92d6b966c3b2fb58c469e35de5c5cdf8cdaa30ea9bb7a3e15e1b86765f892452
93ad25346390323235a0b27d7f517853a0b911cb94f0755786ee858f2626acaf
93f873e001c9af7d6b307999208e69cdc4d218c457c022431bedd6c7ed748462
94eadf69c4a059389104587548aca95096fe422e0133fdf70de14aeff731410a
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
971e542a7e0f65a762336a33fb163b9f35f7d0a7b40b9bf8c4fd427556b293e9
98434334221237ee1b554831d084a3a7d0d878b3eebccdcb964f822defa7c689
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a4c69b2d26e51141a1ea26f802458bb5cc1cee9a602a44b4ca4d586e63133f3
9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212
9a98a608e9ac0e6a7ac95ed570a1f6f854827d472bd69a78c70f2585250aac26
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68
9b3e827aa59c8c1bd024120ce3d73ced58c5fba6c52cd595c3cee56ca6a7ff00
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a3edd76424d9fb86ae47274648fde9f323eeeaaf8c1ee293f4cbc932ab439156
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75a78aac8437480cd2cafa92fb35be3e65c88c3d88f2b392f1545493f9dfe6c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
abd003e5d462382460777f8a485d59d520b976fad80f7a8fe6e7124414933ad2
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a
adda60ab7594978e5beb3e8ec6b152f4921d9885af06ebec843a5790afb68cc8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b36beafb29d3704979d7b582780d5ef59773dc373e3a75fa78e2ca1a30d04f42
b5bfaa87a15490c95e8027409f595552cbd4d95a7a182fe81bb59d0d8cf15d0e
b602d69bfdce14a18bfbcabf503f9bc7a2498fbf6b792573d50fb29f4deacf34
b625775b5ac677e07998b78bad336572eccb87f5312136b6b4c5549f032010ca
b6d018299abf4ffbc22597ba7d87b10515f7e3b7a142c160e933dc857b2246ec
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b9f139512a71a5ccce4a7992d8c374c6a5bc75f297623ebeb3ff82f18d93dad1
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
bb3883c3bb799ed382660641a75525bd77bd596372aea857a33b92311a7af551
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
bf599d6bb1c095abf08d7f957663b24c0c58e0bb9b8a2aad7d617a8aa85dceb6
c136f8922e43ea1b6eb5cb524b703ce5a8e17e6149ec774ff5c1cf791a4c16ed
c2e07bb7367d13ada4d1f6baedfe3884305d8ae364fc28318d7b2fd64c57fc75
c4d6d7c6672496b8581727ace0d23415516ad3740609573cb30138dad68dcc72
c4f0377980441360d6151c3e1d591f0d39212a59797df67e478d6d0bd749b5e1
c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545
c9626d80ae0c7463ff0e3dd070fb34c0fcf0a6e383a0fd3ad27488cff6942af1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc82b97b73bc92ff9e0ae24c9824c81d776bd70e8e8cab959a0e446ee6740ca6
cce845c9c561ae739fdfc1430c16d08ace3588c8b5a2c2be29e0ab3c5f9a5a1a
ccfab51ce529c1d20c0ce1c30efca2787063c8086db17370cd37a8b8163ddd3f
cdfeca6a4dfccacdfaa7e4a1cb4e46da1ec31708bdae14e7535732795207f402
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2f589c367232cf6c419f82020168f2b9b2fb839783ef91f17d60dc4a75ebeb9
d3150cecceaba3dd7038a7ebe75ece09c40b486ce011c81b92a8b22cb9abfb3d
d543e0938a92f50488bf5895451508ca03e18dfa31306268a1fa606788b9c060
d7085963175348f2dd6b42a042b0910981eac416c5db2bdf30db687625e15df9
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
da39f8beca75e4317ac564f92cecfad528d7de91827881673066e0b25e16f84c
dbba45cb3355a22c9ddd6893732795b6746e460fc1ac52e77b5268ec9d685f5f
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd1c49ce5d0f38c8081ed91950313b7b3913e7dc65321e6d29449f94c4db000
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e24210ebb733964384999ba2e272d7daf9c569dc8533c773f4f8c22db6a154f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e482a48fef03d183029fa2edf995fc8e9ce023f18649fd1d9149958e977068a1
e6736db0028a2880e57c68a137ffcd5c322023f2d998d01b59679c9a75c04bd3
e6eb68d4b4b8a4295742792be3d217419fb2652654a75d5b5509a32a9152dc9d
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce
e764e9eeccf27073f8c08f6fb22baf94e5d338a4331b504b9234837512f81147
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f2050c70977fd61f8a1c706595398f2aa5ae358bbb90196cf8b4de2840ba190d
f25b77ebd25322445797c3e12d33a4601bb6748983af49338cb9cb9707e38e0f
f877c49119bf5e9002456de2a43e85f357ac17674e16c8fe9d59cea28583a3f9
f8fd19e664526e5667d00bed3e089e60559219501c1fcf5cea88feed079db74c
f93f5adb1588fc9623e4808beecc225e4cdfaa084e5364580916f0bd253c543d
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fca1aeeb624fdf0e15ef69a6ddc9836aa92038fc2a3febe45ae390966ef07d4d
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995