palu.tribunnews.com Open in urlscan Pro
13.224.193.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tribunpalu.com/
Effective URL:
https://palu.tribunnews.com/
Submission: On July 29 via manual (July 29th 2021, 7:14:24 am UTC) from AU

Summary HTTP 301 Redirects Links 84 Behaviour Indicators

Summary

This website contacted 56 IPs in 8 countries across 36 domains to perform 301 HTTP transactions. The main IP is 13.224.193.25, located in United States and belongs to AMAZON-02, US. The main domain is palu.tribunnews.com.
TLS certificate: Issued by Amazon on April 23rd 2021. Valid for: a year.

This is the only time palu.tribunnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.1.187.198 3.1.187.198	16509 (AMAZON-02) (AMAZON-02)
1 3	13.224.193.25 13.224.193.25	16509 (AMAZON-02) (AMAZON-02)
14	13.225.87.56 13.225.87.56	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
6	13.224.193.126 13.224.193.126	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
28	13.224.99.66 13.224.99.66	16509 (AMAZON-02) (AMAZON-02)
7	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.99.2 13.224.99.2	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.99.41 13.224.99.41	16509 (AMAZON-02) (AMAZON-02)
1 3	13.224.99.12 13.224.99.12	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::200d	15169 (GOOGLE) (GOOGLE)
6	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
4	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
1	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.193.194.127 18.193.194.127	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.43 213.19.147.43	26120 (RHYTHMONE) (RHYTHMONE)
7	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	185.86.137.113 185.86.137.113	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	20.44.221.77 20.44.221.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6 13	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	47.246.43.224 47.246.43.224	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	3.142.157.144 3.142.157.144	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9c	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	20.44.221.204 20.44.221.204	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
12	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	20.44.221.56 20.44.221.56	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	222.230.178.129 222.230.178.129	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
19	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
42	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
301	56

1 3.1.187.198 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-187-198.ap-southeast-1.compute.amazonaws.com

tribunpalu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.193.25 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-25.fra2.r.cloudfront.net

palu.tribunnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.225.87.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-56.fra2.r.cloudfront.net

cdn-1.tstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.193.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-126.fra2.r.cloudfront.net

cdn-3.tstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 13.224.99.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-66.zrh50.r.cloudfront.net

cdn-2.tstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.bhisma.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.99.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-2.zrh50.r.cloudfront.net

sttribunnews.kompas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.99.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-41.zrh50.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apis.kompas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.99.12 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-12.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.194.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-194-127.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.44.221.77 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

hb.jixie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.98.64.218 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

kompascybermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.43.224 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

scripts.jixie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.142.157.144 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-157-144.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.44.221.204 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

id.jixie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a01970002f1c437440e132dc926a3cf9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
123d0c633895fe339f8c361eaea51cf9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.44.221.56 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

traid.jixie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 222.230.178.129 (Sapporo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

js.genieessp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9d7c30f052ed2bbadbfbc81b60229d22.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

781d526dd377f902e06f9c1dad769958.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com a01970002f1c437440e132dc926a3cf9.safeframe.googlesyndication.com tpc.googlesyndication.com 123d0c633895fe339f8c361eaea51cf9.safeframe.googlesyndication.com 9d7c30f052ed2bbadbfbc81b60229d22.safeframe.googlesyndication.com 781d526dd377f902e06f9c1dad769958.safeframe.googlesyndication.com cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com pagead2.googlesyndication.com	605 KB
48	tstatic.net cdn-1.tstatic.net cdn-3.tstatic.net cdn-2.tstatic.net	828 KB
41	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	642 KB
19	googletagservices.com www.googletagservices.com	617 KB
18	google.com 1 redirects accounts.google.com ampcid.google.com www.google.com adservice.google.com	77 KB
13	openx.net 6 redirects kompascybermedia-d.openx.net eu-u.openx.net us-u.openx.net	4 KB
12	criteo.net static.criteo.net	321 KB
10	criteo.com bidder.criteo.com gum.criteo.com	3 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	136 KB
7	google.de ampcid.google.de www.google.de adservice.google.de	2 KB
7	bhisma.cloud cdn.bhisma.cloud	54 KB
6	ampproject.org cdn.ampproject.org	118 KB
6	smartadserver.com prg8.smartadserver.com	2 KB
6	casalemedia.com htlb.casalemedia.com	2 KB
5	jixie.io hb.jixie.io scripts.jixie.io id.jixie.io traid.jixie.io	9 KB
5	pubmatic.com 3 redirects hbopenbid.pubmatic.com image8.pubmatic.com image2.pubmatic.com	1 KB
4	googleapis.com fonts.googleapis.com	3 KB
4	spotxchange.com search.spotxchange.com	5 KB
3	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	77 KB
3	tribunnews.com 1 redirects palu.tribunnews.com	33 KB
2	adform.net 2 redirects c1.adform.net	926 B
2	adsrvr.org match.adsrvr.org	529 B
2	google-analytics.com www.google-analytics.com	19 KB
2	kompas.com sttribunnews.kompas.com apis.kompas.com	5 KB
2	facebook.net connect.facebook.net	69 KB
1	genieessp.com js.genieessp.com	285 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	alexametrics.com certify.alexametrics.com	552 B
1	facebook.com www.facebook.com	297 B
1	unrulymedia.com targeting.unrulymedia.com	175 B
1	teads.tv a.teads.tv	251 B
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	googletagmanager.com www.googletagmanager.com	47 KB
1	tribunpalu.com 1 redirects tribunpalu.com	211 B
301	36

	Domain	Requested by
42	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com palu.tribunnews.com cdn.ampproject.org cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
34	securepubads.g.doubleclick.net	palu.tribunnews.com securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
28	cdn-2.tstatic.net	palu.tribunnews.com
21	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	www.googletagservices.com	securepubads.g.doubleclick.net palu.tribunnews.com tpc.googlesyndication.com cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
14	cdn-1.tstatic.net	palu.tribunnews.com cdn-1.tstatic.net
12	static.criteo.net	cdn-3.tstatic.net static.criteo.net
9	www.google.com	1 redirects palu.tribunnews.com tpc.googlesyndication.com cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
7	eu-u.openx.net	6 redirects
7	bidder.criteo.com	cdn-3.tstatic.net
7	cdn.bhisma.cloud	palu.tribunnews.com
7	fonts.gstatic.com	palu.tribunnews.com fonts.googleapis.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net
6	prg8.smartadserver.com	cdn-3.tstatic.net
6	htlb.casalemedia.com	cdn-3.tstatic.net
6	cdn-3.tstatic.net	palu.tribunnews.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net
5	kompascybermedia-d.openx.net	cdn-3.tstatic.net
4	cm.g.doubleclick.net	2 redirects
4	fonts.googleapis.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	search.spotxchange.com	cdn-3.tstatic.net
3	image8.pubmatic.com	2 redirects
3	gum.criteo.com	static.criteo.net
3	accounts.google.com	cdn-1.tstatic.net
3	sb.scorecardresearch.com	1 redirects palu.tribunnews.com
3	maxcdn.bootstrapcdn.com	palu.tribunnews.com maxcdn.bootstrapcdn.com
3	palu.tribunnews.com	1 redirects cdn-1.tstatic.net
2	c1.adform.net	2 redirects
2	match.adsrvr.org
2	eb2.3lift.com	2 redirects
2	googleads.g.doubleclick.net	cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
2	cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	traid.jixie.io	scripts.jixie.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	palu.tribunnews.com
2	connect.facebook.net	palu.tribunnews.com connect.facebook.net
1	us-u.openx.net
1	image2.pubmatic.com	1 redirects
1	781d526dd377f902e06f9c1dad769958.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	9d7c30f052ed2bbadbfbc81b60229d22.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	123d0c633895fe339f8c361eaea51cf9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	js.genieessp.com	securepubads.g.doubleclick.net
1	a01970002f1c437440e132dc926a3cf9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	id.jixie.io	scripts.jixie.io
1	www.google.de	palu.tribunnews.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	palu.tribunnews.com
1	certify.alexametrics.com	palu.tribunnews.com
1	scripts.jixie.io	www.googletagmanager.com
1	www.facebook.com	palu.tribunnews.com
1	hb.jixie.io	cdn-3.tstatic.net
1	hbopenbid.pubmatic.com	cdn-3.tstatic.net
1	targeting.unrulymedia.com	cdn-3.tstatic.net
1	tlx.3lift.com	cdn-3.tstatic.net
1	a.teads.tv	cdn-3.tstatic.net
1	apis.kompas.com	cdn-1.tstatic.net
1	d31qbv1cthcecs.cloudfront.net	palu.tribunnews.com
1	www.googletagmanager.com	palu.tribunnews.com
1	sttribunnews.kompas.com	palu.tribunnews.com
1	tribunpalu.com	1 redirects
301	63

This site contains links to these domains. Also see Links.

Domain
www.tribunnews.com
www.tribunnewswiki.com
style.tribunnews.com
travel.tribunnews.com
wow.tribunnews.com
newsmaker.tribunnews.com
video.tribunnews.com
www.tribunjualbeli.com
health.tribunnews.com
jakarta.tribunnews.com
wartakota.tribunnews.com
bogor.tribunnews.com
solo.tribunnews.com
jatim.tribunnews.com
madura.tribunnews.com
jogja.tribunnews.com
jabar.tribunnews.com
cirebon.tribunnews.com
surabaya.tribunnews.com
jateng.tribunnews.com
banyumas.tribunnews.com
bali.tribunnews.com
banjarmasin.tribunnews.com
palembang.tribunnews.com
bangka.tribunnews.com
batam.tribunnews.com
jambi.tribunnews.com
aceh.tribunnews.com
kaltim.tribunnews.com
lampung.tribunnews.com
manado.tribunnews.com
medan.tribunnews.com
pontianak.tribunnews.com
padang.tribunnews.com
pekanbaru.tribunnews.com
makassar.tribunnews.com
sumsel.tribunnews.com
kupang.tribunnews.com
belitung.tribunnews.com
suryamalang.tribunnews.com
mataram.tribunnews.com
ternate.tribunnews.com
ambon.tribunnews.com
papua.tribunnews.com
pantura.tribunnews.com
babel.tribunnews.com
kaltara.tribunnews.com
banten.tribunnews.com
lombok.tribunnews.com
prohaba.tribunnews.com
sultra.tribunnews.com
sulbar.tribunnews.com
papuabarat.tribunnews.com
www.tribunnetwork.com
www.gramedia.com
ebooks.gramedia.com
www.facebook.com
instagram.com
twitter.com
news.google.com
account.tribunnews.com
belanja.tribunnews.com
www.kgmedia.id

Subject Issuer	Validity	Valid
*.tribunnews.com Amazon	`2021-04-23` - `2022-05-22`	a year	crt.sh
*.tstatic.net Amazon	`2021-07-23` - `2022-08-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
cdn.bhisma.cloud R3	`2021-07-25` - `2021-10-23`	3 months	crt.sh
kompas.com Amazon	`2021-05-03` - `2022-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
accounts.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
hb.jixie.io GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-17` - `2021-12-16`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
scripts.jixie.io Encryption Everywhere DV TLS CA - G1	`2020-08-11` - `2021-08-12`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2020-09-10` - `2021-10-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
id.jixie.io GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-23` - `2021-11-22`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
traid.jixie.io GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-18` - `2021-11-17`	6 months	crt.sh
*.genieessp.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-30` - `2021-10-29`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://palu.tribunnews.com/
Frame ID: 5D3637248E2FB3F90E24A297BE2FA604
Requests: 116 HTTP requests in this frame

Frame: https://a01970002f1c437440e132dc926a3cf9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 13AAFD0D357C37DB2BA943273834AD4F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYNXWh3Tji_wrbajQavPFPNIwvHGYsKKetMqPmMxCjDAHK1w6C36nzUSZT2jE58BNjsUBnJNHyqLPujTVKuGF_M19UmLNJrN1gqWltFxF5GQdIUoabMLSSI59KomA88Pgc1B1aoSDrSfSkMJPq1MfpE4Uxp9Ehxz5UmNgMimQjcguKBbsvfL-SP4JrpZpYOrCyg5-2B7dJkafvhyrmCsAGU_34SzK1NdQtPmbIqQscUMKDeV2Bcog9PyKy7yHEm7nSYPyH-ErV72HGR_bBZewp7kzjqql5KtRTrpYg2nHHY_4Z8vfbIkfmauwTv2LWC-ndSSw&sai=AMfl-YQTBDRIIl5SDtMUga_pscfQtzCbUV9aJlQpsCuK98Td-jBxZT1zwrYM3olSJn47P6mL3xhpisbVenp5LvW096vkeBFHtfsFQFihx1ks_euERowHnGRJWpXAdXMw5VQx&sig=Cg0ArKJSzEEl4sCXx-rnEAE&urlfix=1&adurl=
Frame ID: C15A0C6AB395FB9623B764AB2F7686C9
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshIC3oqhkffypP7_IEZSbNDNed1uEDUUnAHUq-shsmBj1x6PrV1aKpnBixlq2stM4_R3jRtK1Hb4bGLGmOgj6mPmpz4My-eXUcxx08q5VNZnUsnpm9ak7FAiQd6HNv7in-OEeUfTHe_8Y0Bo0MoG4fUdqCgnn9CyKY6vVEePCxUU8Tf-jyo8LMYaSh4t0zMSR20x3xMPkKr2gUVTyx9UOpVcKiP3wsKmtA0PG_L8sHjzij5iIA1cVvk7FxmWaMN3zxqr73JI42a9emvwbXWDNL6EJAGs1DlrhQlDK_3o5QNFukYN1BTWdr3hVwUhhHNlLGz_w&sai=AMfl-YQX9ApgNi0izCVAQGLge3f1k1y0swsKkZBGCEtPo_BnskvXpGvOF4NOV_tQ7HF30mcFhdf2zg-X3NSXoTiyBwNttSQEF5nwVmgGnQKkDha_MBe6Xoghn9dWgVrFnZe9&sig=Cg0ArKJSzKy8CraMor_FEAE&urlfix=1&adurl=
Frame ID: DF359C6261CC6483277B6A8F571BE4E9
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_S7qD024HszShy-8J-_lzRhFm6SErmv7rx21GllsB8DMqSRtkUplUWZ7nGho7XVoFNAi0seLucrcYUfn51-Lzx_waKwwtUyjGaA0t-BrYyMm3jjOSMjO8h4RPwI9Y4oA4Vyd8F-sf0L1VVKXuzwB-Fd6omVfOHEQecl6vwD7NYdS9puEmTGYO1HwGk2E1ZygVO-BKzjNUosff2rnEoowak8gR_7Ny4rzV552hn3mY8vrj22Y-TZ4_iyb7ervIH5SyazOvlO601mdtQfpFLvgImYljkRkr2wYz1sHfJfNP9KPSQ9fG7TDYn-kdwht9PcMUehg&sai=AMfl-YTRn3leBodd6zwn_GelrDNn7uauCKjXcZWNrhO4oSY8aqMJ7aRjKU8E1VuBKdOCW6rv8Marz_JqmIfL1iPZi8-HLc99Z6-sxbcNk4y54phe_i6MUj7yyhvKxqimdeI_&sig=Cg0ArKJSzFdz9fUKlypTEAE&urlfix=1&adurl=
Frame ID: 030D766DFF200A9A97A100AB68F7F26A
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusGDqH_0plH-oSSWVhEqQ_3bZi3WKNP3xTYJGxOyjjrMiWlxOzZCLNi7_roIPfPvMVkJigHeOi1GTBMQ1UhqsSJt0FEbxmurcldB9J9Z_przyfr1BmyodmwHCTb38hIIVCnQdA1DgSWeYd7pIrkkqXB2giiUSKwDO6LwyW_PbUHqu0LcN5hWSAviGepTMTq3_xnoDwAcnw7gk4kljoxe61mSRYZyMCRGjRh9b1vTHhKOGR2vH72_ktrXBgG4X0WOy_LRBCItjrO3pIBwVy3TZC8zHUuBqKKd-bi7AiyNBXLRgTXHskylTx64qhzS2ehiRKl2Y&sai=AMfl-YSXm5eJTYiZZ6SgErANZurnzWVAh5xVOucvFGcdZPYEp0OmDC0WynQ36nrUgpxVB-VVVu3LGwL3q31SqP8lTa02K8KW2awS7zhbp6AbDJdCGxcO6TogeIwzEF1oE9aJ&sig=Cg0ArKJSzFox3B12ZEjAEAE&urlfix=1&adurl=
Frame ID: 96AA80A7515FC0B033837BA46B078DE3
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYDUM4TxhEEn_wI586iBPneQAeudqAX8DBP4oyLwuYVlWMtHaE3vNYkCqZzpYTPLBarmgSZMbKCaaNIoGFQST22HGK8BfGGLrGzVeyeWECkVd26tiK5N9J_4G5E0UfCFdFlGipYZJpTq-a322yXQL4YSiLxOemalgz5EOzSbf-dNVlnLqpURWEZYiMXlqJFXah6MgquOhk6e_w_CgvEJlGE32KOpenl08qz9N273slY8sPrConMiLT2WRZrWth3F3FH737nRDVMSJ8sY2bQ7tcXWUrxyhEGadPjWT6S6prCulkz-IIbH2NuvgQqnLEkFwGcWU&sai=AMfl-YQJcNUSpCQ2MxPhupWtQzsOQGqpolM7qKtZNCVh7uwr64sYTDz_ykE4zCDzo13JrsnUqu8qUfedKw0bBlzU26Z9iaRptJS8_8PJpLxcb6FQ_jAYAKQ2L31U1l243-Tc&sig=Cg0ArKJSzAMsbfGyjGCJEAE&urlfix=1&adurl=
Frame ID: 7164AC4B5FC6C586D9B5386D432A51D3
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ3oiOVt8QBFFsKln8JAImTmCQ8FBanQk-DQi7XQzW5vGdrNbImB5VXIySoaC6YUjDzCsb7Npi7QGrWd6HH1VxcDBNNBCnYydnam6ks0xhYLvoJ5LkaaZR4E88Wf5T_jD-AJvbJSQ-_aub9CBwK6DWW4fnoQ4r5szw9hDqlp0HaBQ2ufZkML21eZE9E8LW_zl8LA5TLvneqUWN9-DFvwRGrXNf8SmntRE9kZ70ToVTJd-VQROA0dHklCOY51gwo9oGbkONSBrv9SvsqUisHizfEfx57o-I1MuHoQtTtKb-QzJ8Ab1UZxSSVBTS2anUp1dtIw&sai=AMfl-YS9QiJQ8urlh8dmYICfjvznvXGwfAufFXYqdNyXLTZ0IagsPZVOy49xyB1NnonXpkR3PpjgSGbr9e3knPFq62kEQB_V0N2VbJgEppSQ7QsAyK4XlPkvf0zm1V2OyET3&sig=Cg0ArKJSzCUmJczeYo8hEAE&urlfix=1&adurl=
Frame ID: 7BB0578AD67D08DF20BC048EE680C267
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxJtwZEvnZf20Cv18JavMIj8bH59PvhXcQnsPG85Q3z8Edml2TXpH3RMXHeJWFd9enWbudVHsDWEpPl1QpSJNIbgrvPfRTpsS_vsHmNgSyWGeSazolbC_F3SXuoGBkz3cI3JXOzBtMnGbsWGBpuJ_y2MgRI8Vu201n7tXuK6ujiku7_m9aOSHCUCgQ-bUDPavdx-FIjLQyCa-MGatsFLvduXbrYDj08QlZ8WGvGp2OETavyYGkB2wK2BWhVtb5IxivBXWa9giQM9NGlvPUDi8JW2-I0DSdiWP6NZwZW7UX-A3Al7fyqQeAdpVSbpAQcl6HYg&sai=AMfl-YQnSDOT_LxJaOYp5cGVuYYf0cBbOhh7vKvJMPXlynhCa_Fn8_x9YY7AXtiodFeutLME33uBKCR9NQkL0XqbaalUh5cP8SQCPPcxtSUi-Ffez3TJBB5a8RgOIYndDXwz&sig=Cg0ArKJSzG2OSmqNQQ6oEAE&urlfix=1&adurl=
Frame ID: BF994DFBCA1237AA0869CD0D981B01E8
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxagMnpI49RQvaYfq8MwmQekcDXhA1GTBxK3TGTYbRKMW-7LLdtH0KZoE6BXmxKkJ9gwuZ7iZw4kUwAqj0TRiBK1lE7ATELCNX3xmyZGxOgpydPRx0MmoctP8FucpYo9JpdwApabU7jH_HYXHPTTEW6eZbkpEfDBIDsWN7AI1agQ1CCwpEWCGgWTlK1gVtrs_AMrawBjFgYO1Iy6MxSVfEXhQoFle9w82XBZIB0pRqKNwHe7k91-uah6WKRZISny8yFCpXqtxH8t5nTvaL5E8vjmHpMKwU7pq194l8x6nbTzd3db8M3_uQOzsJMnr0GELlow&sai=AMfl-YQtOJvw5piPDM3WrAo0zhWEjrfL9rKZURHE_UQa8_OT0S77qNaVoIqPYGJDkPSAE-rZ0NNb6LK3vM94Xw6k9eMDZpaF64Z8VQE-J6K_vuFHF41QXnB43u1bAXIWLekI&sig=Cg0ArKJSzAj_wjDPntbcEAE&urlfix=1&adurl=
Frame ID: D7D4D68278DF657DAF8A1983391810EC
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 930D58AFD79D90E04852E4CC44D92994
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: A8B7169ED55EF70A3EF9AFC95986D405
Requests: 9 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 7F722DC064ADE0D78B5F853F497E38A9
Requests: 9 HTTP requests in this frame

Frame: https://123d0c633895fe339f8c361eaea51cf9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 75B3CDF265F98778B02E53D76C0D31CE
Requests: 1 HTTP requests in this frame

Frame: https://9d7c30f052ed2bbadbfbc81b60229d22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: F34E6559976661FB0884EA3CB22336D5
Requests: 1 HTTP requests in this frame

Frame: https://781d526dd377f902e06f9c1dad769958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: FE03DD164BF9FCE1E861125AD219F48D
Requests: 1 HTTP requests in this frame

Frame: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 3AC0FBB770A4C9C7D621F0EE01FA43A2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 168149277C6A3AF6ED6A47FC25C37387
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 3D284BB27D0A8B60B37FB608DBEC5EDF
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 826E9E7B96099458651F642D9C0A490A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D23ECE6E267EE97EE3FEA036A461F949
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5884E2A1AA73C75AEED3A86E9EEE958C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6BE4B5649907B0E9F7BB4FCC77579562
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs
Frame ID: 201FCB3BE677C0ABBBD68A1D7F35E5BD
Requests: 26 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=palu.tribunnews.com
Frame ID: A76287E369803F841520E87492C04948
Requests: 1 HTTP requests in this frame

Frame: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 2FA817D29200197E249B6A9FADA2A031
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 31863B37959ADF8419755EE4D8ABB684
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 044E987FF344B976C4640EDFF6783AE1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2E072B4DE6B9949F777623837A7F8DE1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F506BEE959D41394DDE94D9B9D997AF6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Frame ID: 9F85D37C2033EB8308231B596A11E269
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4A3563A9E1E4A7C1931EC06C70A49B8A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9C30D64CCDF040EB31626CEFF9E58C66
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DEF5E40BC81D481F650194D25E5FC07A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=palu.tribunnews.com
Frame ID: 96A849B28FDEF71D7C23CC728F93B761
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=palu.tribunnews.com
Frame ID: D3C4809E78093EB088563F8944228007
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tribunpalu.com/ HTTP 301
http://palu.tribunnews.com/ HTTP 301
https://palu.tribunnews.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

FancyBox (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i

Page Statistics

301
Requests

100 %
HTTPS

47 %
IPv6

36
Domains

63
Subdomains

56
IPs

8
Countries

3684 kB
Transfer

9277 kB
Size

0
Cookies

84 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tribunnews.com/
Title: Network

Search URL Search Domain Scan URL

URL: https://www.tribunnewswiki.com/
Title: TribunnewsWiki.com

Search URL Search Domain Scan URL

URL: https://style.tribunnews.com/
Title: TribunStyle.com

Search URL Search Domain Scan URL

URL: https://travel.tribunnews.com/
Title: TribunTravel.com

Search URL Search Domain Scan URL

URL: https://wow.tribunnews.com/
Title: TribunWow.com

Search URL Search Domain Scan URL

URL: https://newsmaker.tribunnews.com/
Title: TribunNewsmaker.com

Search URL Search Domain Scan URL

URL: https://video.tribunnews.com/
Title: Tribun-Video.com

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/
Title: TribunJualBeli.com

Search URL Search Domain Scan URL

URL: https://health.tribunnews.com/
Title: TribunHealth.com

Search URL Search Domain Scan URL

URL: https://jakarta.tribunnews.com/
Title: TribunJakarta.com

Search URL Search Domain Scan URL

URL: https://wartakota.tribunnews.com/
Title: WartaKotalive.com

Search URL Search Domain Scan URL

URL: https://bogor.tribunnews.com/
Title: TribunnewsBogor.com

Search URL Search Domain Scan URL

URL: https://solo.tribunnews.com/
Title: TribunSolo.com

Search URL Search Domain Scan URL

URL: https://jatim.tribunnews.com/
Title: TribunJatim.com

Search URL Search Domain Scan URL

URL: https://madura.tribunnews.com/
Title: TribunMadura.com

Search URL Search Domain Scan URL

URL: https://jogja.tribunnews.com/
Title: TribunJogja.com

Search URL Search Domain Scan URL

URL: https://jabar.tribunnews.com/
Title: TribunJabar.id

Search URL Search Domain Scan URL

URL: https://cirebon.tribunnews.com/
Title: TribunCirebon.com

Search URL Search Domain Scan URL

URL: https://surabaya.tribunnews.com/
Title: Surya.co.id

Search URL Search Domain Scan URL

URL: https://jateng.tribunnews.com/
Title: TribunJateng.com

Search URL Search Domain Scan URL

URL: https://banyumas.tribunnews.com/
Title: TribunBanyumas.com

Search URL Search Domain Scan URL

URL: https://bali.tribunnews.com/
Title: Tribun-Bali.com

Search URL Search Domain Scan URL

URL: https://banjarmasin.tribunnews.com/
Title: BanjarmasinPost.co.id

Search URL Search Domain Scan URL

URL: https://palembang.tribunnews.com/
Title: Sripoku.com

Search URL Search Domain Scan URL

URL: https://bangka.tribunnews.com/
Title: BangkaPos.com

Search URL Search Domain Scan URL

URL: https://batam.tribunnews.com/
Title: TribunBatam.id

Search URL Search Domain Scan URL

URL: https://jambi.tribunnews.com/
Title: TribunJambi.com

Search URL Search Domain Scan URL

URL: https://aceh.tribunnews.com/
Title: SerambiNews.com

Search URL Search Domain Scan URL

URL: https://kaltim.tribunnews.com/
Title: TribunKaltim.co

Search URL Search Domain Scan URL

URL: https://lampung.tribunnews.com/
Title: TribunLampung.co.id

Search URL Search Domain Scan URL

URL: https://manado.tribunnews.com/
Title: TribunManado.co.id

Search URL Search Domain Scan URL

URL: https://medan.tribunnews.com/
Title: Tribun-Medan.com

Search URL Search Domain Scan URL

URL: https://pontianak.tribunnews.com/
Title: TribunPontianak.co.id

Search URL Search Domain Scan URL

URL: https://padang.tribunnews.com/
Title: TribunPadang.com

Search URL Search Domain Scan URL

URL: https://pekanbaru.tribunnews.com/
Title: TribunPekanbaru.com

Search URL Search Domain Scan URL

URL: https://makassar.tribunnews.com/
Title: Tribun-Timur.com

Search URL Search Domain Scan URL

URL: https://sumsel.tribunnews.com/
Title: TribunSumsel.com

Search URL Search Domain Scan URL

URL: https://kupang.tribunnews.com/
Title: Pos-Kupang.com

Search URL Search Domain Scan URL

URL: https://belitung.tribunnews.com/
Title: PosBelitung.co

Search URL Search Domain Scan URL

URL: https://suryamalang.tribunnews.com/
Title: SuryaMalang.com

Search URL Search Domain Scan URL

URL: https://mataram.tribunnews.com/
Title: TribunMataram.com

Search URL Search Domain Scan URL

URL: https://ternate.tribunnews.com/
Title: TribunTernate.com

Search URL Search Domain Scan URL

URL: https://ambon.tribunnews.com/
Title: TribunAmbon.com

Search URL Search Domain Scan URL

URL: https://papua.tribunnews.com/
Title: Tribun-Papua.com

Search URL Search Domain Scan URL

URL: https://pantura.tribunnews.com/
Title: Tribun-Pantura.com

Search URL Search Domain Scan URL

URL: https://babel.tribunnews.com/
Title: BabelNews.id

Search URL Search Domain Scan URL

URL: https://kaltara.tribunnews.com/
Title: TribunKaltara.com

Search URL Search Domain Scan URL

URL: https://banten.tribunnews.com/
Title: TribunBanten.com

Search URL Search Domain Scan URL

URL: https://lombok.tribunnews.com/
Title: TribunLombok.com

Search URL Search Domain Scan URL

URL: https://prohaba.tribunnews.com/
Title: Prohaba.co

Search URL Search Domain Scan URL

URL: https://sultra.tribunnews.com/
Title: TribunnewsSultra.com

Search URL Search Domain Scan URL

URL: https://sulbar.tribunnews.com/
Title: TribunSulbar.com

Search URL Search Domain Scan URL

URL: https://papuabarat.tribunnews.com/
Title: TribunPapuaBarat.com

Search URL Search Domain Scan URL

URL: https://www.tribunnetwork.com/career/
Title: Karir

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/epaper
Title: Tribun Epaper

Search URL Search Domain Scan URL

URL: https://www.gramedia.com/
Title: Gramedia.com

Search URL Search Domain Scan URL

URL: https://ebooks.gramedia.com/
Title: Gramedia Digital

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TribunPalucom-310286433152393
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/tribunnews/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/tribun_palu
Title: Twitter

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMN_ojgsws6mhAw?hl=id&gl=ID&ceid=ID%3Aid
Title: Google News

Search URL Search Domain Scan URL

URL: https://account.tribunnews.com/home
Title: Profile

Search URL Search Domain Scan URL

URL: https://account.tribunnews.com/login/dHJpYnVubmV3cw==/aHR0cHM6Ly9wYWx1LnRyaWJ1bm5ld3MuY29tLw==
Title: Login

Search URL Search Domain Scan URL

URL: https://account.tribunnews.com/register/dHJpYnVubmV3cw==/aHR0cHM6Ly9wYWx1LnRyaWJ1bm5ld3MuY29tLw==
Title: Mendaftar

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/travel
Title: TribunTravel.com

Search URL Search Domain Scan URL

URL: https://video.tribunnews.com/view/247993/perintahkan-ksau-copot-danlanud-dansatpom-di-merauke-panglima-tni-itu-yang-membuat-saya-marah
Title:

Search URL Search Domain Scan URL

URL: https://video.tribunnews.com/view/248041/pelaku-pembunuhan-pimpinan-redaksi-media-online-di-sumut-terungkap-ternyata-4-oknum-prajurit-tni
Title:

Search URL Search Domain Scan URL

URL: https://belanja.tribunnews.com/
Title:

Search URL Search Domain Scan URL

URL: https://belanja.tribunnews.com/products?category=new-arrivals
Title: Produk Terbaru

Search URL Search Domain Scan URL

URL: https://belanja.tribunnews.com/products/dettol-sabun-batang-original-100g-isi-3?utm_source=tribunshopping&utm_campaign=widget
Title:

Search URL Search Domain Scan URL

URL: https://belanja.tribunnews.com/products/dettol-sabun-batang-original-100g-isi-5?utm_source=tribunshopping&utm_campaign=widget
Title:

Search URL Search Domain Scan URL

URL: https://belanja.tribunnews.com/products/dettol-sabun-batang-cool-100g-isi-3?utm_source=tribunshopping&utm_campaign=widget
Title:

Search URL Search Domain Scan URL

URL: https://belanja.tribunnews.com/products/ky-jelly-personal-lubricant?utm_source=tribunshopping&utm_campaign=widget
Title:

Search URL Search Domain Scan URL

URL: https://video.tribunnews.com/view/247811/pelaku-yang-bunuh-ketua-mui-labura-ditangkap-motifnya-diduga-karena-pelaku-tak-terima-ditegur
Title:

Search URL Search Domain Scan URL

URL: https://video.tribunnews.com/view/247510/pemerintah-indonesia-buru-3-jenis-obat-terapi-covid-19-yang-belum-diproduksi-di-indonesia-apa-saja
Title:

Search URL Search Domain Scan URL

URL: https://belanja.tribunnews.com/products/durex-play-silk-100ml?utm_source=tribunshopping&utm_campaign=widget
Title:

Search URL Search Domain Scan URL

URL: https://belanja.tribunnews.com/products/durex-fetherlite-3s?utm_source=tribunshopping&utm_campaign=widget
Title:

Search URL Search Domain Scan URL

URL: https://belanja.tribunnews.com/products/dettol-sabun-cuci-tangan-skincare-200ml-refill?utm_source=tribunshopping&utm_campaign=widget
Title:

Search URL Search Domain Scan URL

URL: https://belanja.tribunnews.com/products/dettol-sabun-cuci-tangan-skincare-250ml-pump?utm_source=tribunshopping&utm_campaign=widget
Title:

Search URL Search Domain Scan URL

URL: https://www.kgmedia.id/
Title: KG Media

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/about/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/help/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/pedoman/
Title: Pedoman Media Siber

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tribunpalu.com/ HTTP 301
http://palu.tribunnews.com/ HTTP 301
https://palu.tribunnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://sb.scorecardresearch.com/b?c1=2&c2=8077308&ns__t=1627542840590&ns_c=UTF-8&cv=3.5&c8=Tribun%20Palu%20-%20Berita%20Terkini%20Palu&c7=https%3A%2F%2Fpalu.tribunnews.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1627542840590&ns_c=UTF-8&cv=3.5&c8=Tribun%20Palu%20-%20Berita%20Terkini%20Palu&c7=https%3A%2F%2Fpalu.tribunnews.com%2F&c9=

Request Chain 280

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 304

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 305

https://image8.pubmatic.com/AdServer/ImgSync?p=156479 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156479&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzVBQ0Y4MDMtRjdGRC00Q0E4LUJCQ0ItNDUzMjE4OENEODY4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 306

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGt5UKWPie8Ht8xgmDxR94s&google_cver=1

Request Chain 307

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWUwMmM0ODYtYWU4OC02OTFmLTQyODItZGQ4NWZmZmU1NTIy

Request Chain 308

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWUwMmM0ODYtYWU4OC02OTFmLTQyODItZGQ4NWZmZmU1NTIy

Request Chain 309

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/openx?oxid=b26d174c-67ff-37bb-5762-873c351c9b42&gdpr=1

Request Chain 310

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3871668137338343392

301 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
palu.tribunnews.com/
Redirect Chain

http://tribunpalu.com/
http://palu.tribunnews.com/
https://palu.tribunnews.com/

198 KB
32 KB

1101ms
1069ms

Document
text/html

13.224.193.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://palu.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-25.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

6e8998fcc93c6ba56eb9e6acbf61d8738c6c3b183e7dc0ed7aaf46bbd42984be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: palu.tribunnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
content-length: 32175
cache-control: no-transform
content-encoding: gzip
date: Thu, 29 Jul 2021 07:13:59 GMT
server: Apache
set-cookie: csrf_cookie_name=38e6e20ab2185298d826ec5561329400; expires=Thu, 29-Jul-2021 09:13:59 GMT; Max-Age=7200; path=/; domain=.tribunnews.com 3bun_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%228113bb5146ea3b132f5e74bf0fdb6dec%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A11%3A%22172.31.1.85%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A17%3A%22Amazon+CloudFront%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1627542839%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D974c9c9fd80574936f791ff1b839a427; expires=Thu, 29-Jul-2021 17:13:59 GMT; Max-Age=36000; path=/; domain=.tribunnews.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-we-need-to-talk: Thank You
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: MbNlJ8bFQGkeU8Ls54GK-IItA5iZZfaQTKVbWymrhRLiqV2mRTiHjQ==

Redirect headers

Server: CloudFront
Date: Thu, 29 Jul 2021 07:13:59 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://palu.tribunnews.com/
X-Cache: Redirect from cloudfront
Via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: 2c-uqrPB8ykboaZ3zQHcD3ApcK1H1Nzi8_sgRD6fM7j7GDG2m5C6Xw==

GET
H2 200 style.1.8-20210702_daerah.css
cdn-1.tstatic.net/css/theme21/ 52 KB
12 KB 87ms
17ms Stylesheet
text/css 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/css/theme21/style.1.8-20210702_daerah.css
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3150cecceaba3dd7038a7ebe75ece09c40b486ce011c81b92a8b22cb9abfb3d

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:52:49 GMT
content-encoding: gzip
age: 249672
x-amz-meta-sha256: d3150cecceaba3dd7038a7ebe75ece09c40b486ce011c81b92a8b22cb9abfb3d
x-cache: Hit from cloudfront
last-modified: Mon, 26 Jul 2021 09:30:39 GMT
server: AmazonS3
etag: W/"322f5b22a3451db34f91d6b9803d0328"
vary: Accept-Encoding
x-amz-version-id: T3GdoWsZi8m2BOTsXiQ4akkNboQ2NHRP
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: text/css
x-amz-cf-id: w3dS589UcO-qzfQIeKymG7aKaAhugmxzda70RPd_8xUzg9-Kx_q0RQ==
x-amz-meta-s3b-last-modified: 20210702T112716Z

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
5 KB 15ms
13ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 11095922
cdn-cachedat: 2021-03-11 11:57:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a9f1136dc57a7605179530d5ffb85493
cf-ray: 67648c3eed814e43-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery-1.8.3.min.js Show response
cdn-1.tstatic.net/js/jquery/ 91 KB
33 KB 91ms
21ms Script
application/javascript 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/jquery/jquery-1.8.3.min.js
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 01:50:21 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2015 04:27:56 GMT
server: AmazonS3
age: 1747420
etag: W/"e1288116312e4728f98923c79b034b67"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: GL1jjW-pZVWkSaa-nrQzFqrYrOQnjQG-FiEuiP7b1Czu9ursKNGgug==
expires: Tue, 24 Mar 2015 16:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 70 KB
25 KB 39ms
16ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

259d57a1883217a2e9ba8d568ce172d35c880ed6a7910fa34d45b2d1676c3fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "943 / 110 of 1000 / last-modified: 1627510412"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24670
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://palu.tribunnews.com
Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 13:19:37 GMT
x-content-type-options: nosniff
age: 150863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8892
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 13:19:37 GMT

GET
H2 200 jquery.fancybox_2.min.css
cdn-1.tstatic.net/js/fancybox2.1.3/ 4 KB
2 KB 85ms
18ms Stylesheet
text/css 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/fancybox2.1.3/jquery.fancybox_2.min.css
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 01:49:37 GMT
content-encoding: gzip
age: 1747464
x-amz-meta-sha256: ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a
x-cache: Hit from cloudfront
last-modified: Wed, 10 Jun 2020 05:52:59 GMT
server: AmazonS3
etag: W/"9dba4b0617628815180b9c368b6bf56e"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: text/css
x-amz-cf-id: L-OGeUT4ygi64HVbtr7CuT2nR7sZJtOuRnC5ufUjstU-0A3wa5fbYQ==
x-amz-meta-s3b-last-modified: 20200610T055203Z

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
6 KB 17ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617, 617
age: 11096008
cdn-cachedat: 2021-03-11 11:58:04
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: af3097212757f6b13d804a73f5f188bc
cf-ray: 67648c3eed834e43-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 tribun.1.8-20190807.js Show response
cdn-1.tstatic.net/js/tribun/ 8 KB
3 KB 21ms
13ms Script
application/x-javascript 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/tribun/tribun.1.8-20190807.js
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92d6b966c3b2fb58c469e35de5c5cdf8cdaa30ea9bb7a3e15e1b86765f892452

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"be91403c70880ee1b6e1f2ee7540a674"
last-modified: Mon, 08 Jul 2019 09:23:15 GMT
server: AmazonS3
age: 2113669
x-amz-meta-cb-modifiedtime: Mon, 08 Jul 2019 09:22:04 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
date: Sun, 04 Jul 2021 20:06:12 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: XfFsMFHFH9gnVHy65bkSMW-AaBRPByxjuRjEak1VEn6q0hSJDW17Lg==

GET
H2 200 jquery.bxslider.mini.js Show response
cdn-1.tstatic.net/js/bxslider/ 19 KB
5 KB 21ms
14ms Script
application/javascript 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/bxslider/jquery.bxslider.mini.js
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 130368e1880972a560164d6a42407eb853179a8eb98aa11b3ec7605296dfe775

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 00:08:18 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2015 04:27:51 GMT
server: AmazonS3
age: 1580743
etag: W/"d7163e041d3b536a19694784ad2ec6da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: W5jDEHnV84LmChCACj71jc7LbapC5D5w604U2km5bdMUIIqx6CuHoQ==
expires: Tue, 24 Mar 2015 16:00:00 GMT

GET
H2 200 jquery.fancybox.pack.js Show response
cdn-1.tstatic.net/js/fancybox2.1.3/ 22 KB
9 KB 23ms
15ms Script
application/javascript 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/fancybox2.1.3/jquery.fancybox.pack.js
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ff9d4ae2b3407b031e3359007ff4d7ac9e0b342f25ce44c77d3cb7f14f65043

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 25 Mar 2015 04:27:55 GMT
server: AmazonS3
age: 374718
etag: W/"38b8a249b8b955e0c789a490847d9cc5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
date: Sat, 24 Jul 2021 23:09:52 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: uW3MRuWLHNungFT_A-XRr_K5x7iJ95odUlqKfXSZRUrO8Fv0ucbQpA==
expires: Tue, 24 Mar 2015 16:00:00 GMT

GET
H2 200 prebid4.32.0-26032021.js Show response
cdn-3.tstatic.net/ads/prebid/ 250 KB
79 KB 94ms
44ms Script
application/x-javascript 13.224.193.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93ad25346390323235a0b27d7f517853a0b911cb94f0755786ee858f2626acaf

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Fri, 26 Mar 2021 07:43:41 GMT
date: Sun, 25 Jul 2021 11:40:03 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 07:44:35 GMT
server: AmazonS3
age: 329638
etag: W/"759d0d923ac130ee53892ca24052d031"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: VldnJyEos2sAEpIDi0CvJk6DL5Q3WewEES58Kr4HwTOaryH06leW4A==

GET
H2 200 glightbox.min.css
cdn-1.tstatic.net/css/glightbox/ 13 KB
3 KB 85ms
18ms Stylesheet
text/css 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/css/glightbox/glightbox.min.css
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 18:33:56 GMT
content-encoding: gzip
age: 391204
x-amz-meta-cache-control: max-age=2592000, public
x-amz-meta-sha256: 17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
x-cache: Hit from cloudfront
last-modified: Fri, 08 May 2020 08:14:16 GMT
server: AmazonS3
etag: W/"7443f26fb8ef9bb0368d931f2b1f1cb5"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: text/css
x-amz-cf-id: kA1UBVOl53l4hesQkrJNd8sNs7qdOlTUtjt1YwsCKSUqxFpETMmPkA==
x-amz-meta-s3b-last-modified: 20200331T194635Z

GET
H2 200 glightbox.min.js Show response
cdn-1.tstatic.net/css/glightbox/ 40 KB
12 KB 86ms
20ms Script
application/javascript 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/css/glightbox/glightbox.min.js
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:14:04 GMT
content-encoding: gzip
age: 2012396
x-amz-meta-cache-control: max-age=2592000, public
x-amz-meta-sha256: 3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
x-cache: Hit from cloudfront
last-modified: Fri, 08 May 2020 08:14:31 GMT
server: AmazonS3
etag: W/"c8e60c852f16b93503708e1b27423274"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: DgUeC1AneqSGhE1ZqVQg5FqBaic9cO9qPxQFbbt2iLi8MKW6CWxO9g==
x-amz-meta-s3b-last-modified: 20200331T184655Z

GET
H2 200 sdk.js Show response
connect.facebook.net/id_ID/ 3 KB
2 KB 25ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/id_ID/sdk.js

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa6d9391202f7396a6acea8d1a44199b334efa384c859edfe061493970fd5807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://palu.tribunnews.com
Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0WagLOxnTTPdHd+uFwfhpQ==
cross-origin-resource-policy: cross-origin
expires: Thu, 29 Jul 2021 07:14:25 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: QCvrpKK9bDlInh8wHc9ywH+Tv5E18W7uVjgtwfMzT/fvc09TnW09h2b08TGQVN669OUt81r94VQIthawbLq9Nw==
x-fb-trip-id: 2050670934
x-fb-content-md5: fa701aec573505fd3d8900c41438aea1
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Thu, 29 Jul 2021 07:14:00 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5e31d8472d002038788d00595068dabb"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 Tribun_Palu.svg
cdn-1.tstatic.net/img/logo/daerah/svg3/ 6 KB
3 KB 24ms
17ms Image
image/svg+xml 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1.tstatic.net/img/logo/daerah/svg3/Tribun_Palu.svg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15391720f91661e5c1923192fcf60af24abe1e451d1c4c76b674b456921072e5

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 00:24:52 GMT
content-encoding: gzip
age: 1406949
x-amz-meta-sha256: 15391720f91661e5c1923192fcf60af24abe1e451d1c4c76b674b456921072e5
x-cache: Hit from cloudfront
last-modified: Wed, 25 Nov 2020 04:50:43 GMT
server: AmazonS3
etag: W/"26948e5052c7dc0fa68863e79040ca01"
vary: Accept-Encoding
x-amz-version-id: hgKsVFMVZL.DeFmpJkOK8S3rve4Ewv7a
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: MWK0vMTxHuJk0JTbmQU3yc6IDvjIFMOmhmD6dvf15r0cEaj9PA1QKw==
x-amz-meta-s3b-last-modified: 20201125T042616Z

GET
H2 200 Logo_T_blue.svg
cdn-1.tstatic.net/img/logo/tribun/svg/ 2 KB
2 KB 22ms
16ms Image
image/svg+xml 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1.tstatic.net/img/logo/tribun/svg/Logo_T_blue.svg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Fri, 24 Jul 2015 09:49:00 GMT
date: Thu, 08 Jul 2021 01:32:33 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2015 14:25:23 GMT
server: AmazonS3
age: 1834888
etag: W/"2881375fb0f9e7fc4d0a2f42434696e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: FdUCt4qktEOAHFTwUEUvdxRsj8aU9KH7Cx-qjuhCbag2cq_5Lql4XA==

GET
H2 200 kristina-paskibraka-sulbar.jpg
cdn-2.tstatic.net/palu/foto/bank/images2/ 41 KB
41 KB 183ms
95ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/images2/kristina-paskibraka-sulbar.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10f06d84deb1812d407b8ed81c74deb4af37c5b67c3a59c948de40bce9e6bafe

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:41:34 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 00:24:02 GMT
server: AmazonS3
age: 1946
etag: "2aa5eb7f14f28c308af87c532c48a66e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 41493
x-amz-cf-id: 81nZOXJhH9Yit8Anoc027RDGBG9UAMd4WHmLzZwU4WQ_auj9X2zrzQ==

GET
H2 200 kepala-bidang-prasarana-dinas-perhubungan-kabid-dishub-kota-palu-nirwan.jpg
cdn-2.tstatic.net/palu/foto/bank/images2/ 68 KB
69 KB 129ms
41ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/images2/kepala-bidang-prasarana-dinas-perhubungan-kabid-dishub-kota-palu-nirwan.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c42149352cb1ecc54d93657ed2057c6fd90829db44bed159e994bfe9f32a9da

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:02:27 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 01:09:43 GMT
server: AmazonS3
age: 4294
etag: "580be5809a689e46e8b685da450402fc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 70025
x-amz-cf-id: tX4mdBJAutAgUBCAdoKyhiHfol1gkEFrokmqzjoVXLL6h9Xhq0DlJQ==

GET
H2 200 akidi-tio.jpg
cdn-2.tstatic.net/palu/foto/bank/images2/ 60 KB
61 KB 181ms
93ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/images2/akidi-tio.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46b6d68c80630f7526173c193b8bea75d55b8c92da59abf1b30d498159fb600f

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:02:27 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 03:28:03 GMT
server: AmazonS3
age: 4294
etag: "87660e60a1af0bf1be89a5fce5963e66"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 61890
x-amz-cf-id: Fu1B9ysA-8YA6dCFyDQz7LgVskPxLZbUxEqqpsUGHgFVsjQJl7dEdQ==

GET
H2 200 irwan-tinjau-wisma.jpg
cdn-2.tstatic.net/palu/foto/bank/images2/ 62 KB
62 KB 150ms
62ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/images2/irwan-tinjau-wisma.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a8722814f7bca9ad41d6934c6909c2f35568af8bc3fcf804cb821939b8641ce

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 02:28:55 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 00:24:54 GMT
server: AmazonS3
age: 103506
etag: "86fa515e7707ec3b6f55ba09b4fd5357"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 63476
x-amz-cf-id: ggGatCFY0bxbpFXQCofFqhRGeF7OXbqxqTyTThMzYlevnVxsOCRUVg==

GET
H2 200 tni-au-injak-kepala-warga-di-merauke-papua-1.jpg
cdn-2.tstatic.net/palu/foto/bank/images2/ 22 KB
23 KB 758ms
670ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/images2/tni-au-injak-kepala-warga-di-merauke-papua-1.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca057005013190b87e172c88560cb8c3b63ad62dfb9d5a9b190369a7a53254d

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 07:45:03 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "01d0a293f1f65cf351f2df01ae199e80"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 22688
x-amz-cf-id: ig0ksEps-2RAXPMOVQmGueOVewBMaak0GkMIxgeUuT8ZqONHCLIYhQ==

GET
H2 200 kristina-paskibraka-sulbar.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 4 KB
4 KB 156ms
68ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/kristina-paskibraka-sulbar.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c1f2b87b622e9783e4dfa6417c212e4247542093ae6a75fe86978e08e0b5ef4

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:46:21 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 00:24:02 GMT
server: AmazonS3
age: 23260
etag: "10e817fdf6074594510c1ffa257ee2dd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 4142
x-amz-cf-id: OMdUKshWEpzj2HVgrEvd5lcY2qNBG9DvnjP2l3RbxbVhajSKDUSxaQ==

GET
H2 200 kepala-bidang-prasarana-dinas-perhubungan-kabid-dishub-kota-palu-nirwan.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
6 KB 63ms
35ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/kepala-bidang-prasarana-dinas-perhubungan-kabid-dishub-kota-palu-nirwan.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18b522c67f7c02fafe1d20473c8026a5e76b0e99dd8a0cc39dbc2cda30d72a5e

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 01:19:19 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 01:09:43 GMT
server: AmazonS3
age: 21282
etag: "90091ff44e40bd76ae9136dc3ad45a14"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 5450
x-amz-cf-id: XCL7j0s6nwMIIt-8KfZn4kTJZosuRsxLRqOLjmSQZp8LcAKo4PSNZw==

GET
H2 200 akidi-tio.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
5 KB 79ms
73ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/akidi-tio.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be89c14f297310443a803ac4eaaf7db21a27372ef25a0a4b17db745715ec366b

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 03:36:13 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 03:28:04 GMT
server: AmazonS3
age: 185868
etag: "159e5feb4e1ef7851dfd5254f2b058bb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 5227
x-amz-cf-id: 9iYZl_uK9PySynlxjNcbPy1Lms33iwzndTYKQxztHPkec3We4AcpLg==

GET
H2 200 irwan-tinjau-wisma.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
6 KB 82ms
76ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/irwan-tinjau-wisma.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2962922674282aed943cf9fda1016917496061996c2f0ca58fd46bf802e406f5

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 03:25:20 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 00:24:54 GMT
server: AmazonS3
age: 100121
etag: "74269299b07e33abc2fb4cfe9634c207"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 5394
x-amz-cf-id: GHwNObTul5Hague1NgQUEki5EAijiyUtmVREvhyciKW3RuXVkIUbeQ==

GET
H2 200 tni-au-injak-kepala-warga-di-merauke-papua-1.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 3 KB
4 KB 83ms
77ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/tni-au-injak-kepala-warga-di-merauke-papua-1.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52f2098042ea6f42f6c8c3b1a6d24ca48782c64edb0a67688fdf04fff018808f

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:51:37 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 07:45:03 GMT
server: AmazonS3
age: 66144
etag: "5416ebf4ca15c42a58dbe1114161e530"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 3501
x-amz-cf-id: 7OMsOH3a79S_s-MyRMSyz1A_MyR1fQMYrgNh_19mVHuicNiVm0n4PA==

GET
H2 200 tangki-mobil-pertamina-bocor.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
5 KB 726ms
720ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/tangki-mobil-pertamina-bocor.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80c819940af40ab5681f0a77d23e45961d1f9217e0b56300e2aa6bbc44c8076e

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 07:06:36 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "7956e2d89fd53fc8547b7170bbf0fe1a"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4936
x-amz-cf-id: wGRqzdEP-5x_uOjOTZUKzGpHZRQr_ydXP3kUCi4o765mNzAJXF2y2Q==

GET
H2 200 kakbah-di-kota-mekkah.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
6 KB 81ms
75ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/kakbah-di-kota-mekkah.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5cfe671424099855ae35137698705a000904721ddce7d0eb6c0c94a1bc672e19

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 02:10:35 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Sun, 26 May 2019 03:53:44 GMT
server: AmazonS3
age: 191006
etag: "1ba7b68e0d22cf31a839dfed888b881e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 5427
x-amz-cf-id: Bw0_AzLjILU4WZJ6Qwo2h6SITQ5Sd7g_td-aaNuaCEgN9Nzl0Q157w==

GET
H2 200 kakanwil-kemenkumham-sulteng.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
6 KB 90ms
84ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/kakanwil-kemenkumham-sulteng.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9371797a276ddf55a98d19ae0d7ef2bd8b13e9cd5816058ea3c24b425e6923b5

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:11:28 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 06:33:34 GMT
server: AmazonS3
age: 152
etag: "46642e6fdbd4a53414060cc1b7dac596"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 5306
x-amz-cf-id: buWTFSptFgUzGRT4ZMKdaNXzqIaZ6-yJCgon8jnLrbEqrpbnp4kQrg==

GET
H2 200 ilustrasi-virus-corona-baru-covid-19-67.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
5 KB 710ms
705ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ilustrasi-virus-corona-baru-covid-19-67.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12ef031d9496dceda1c4c89f1a47b8d9a2ff3c608557b910d0d2116c99f1db2a

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Mon, 30 Mar 2020 07:03:15 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "87747df2177e20898009bb2be9ae11f4"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 5138
x-amz-cf-id: Yh_Rfn1l22zHMfsA5kM4ZzNkbxxuAy4Di5SHV6Jz2CEnlj5tFdMiqw==

GET
H2 200 kemenkumham-sulteng.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
5 KB 83ms
78ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/kemenkumham-sulteng.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e30e11c5d8eed69cd8045bb77a4c7808bfc2a7a42bb693b11c5140d4d78eb894

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:41:30 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 06:27:05 GMT
server: AmazonS3
age: 1951
etag: "1b4599b691ad6b3c27ed6bb0e7536d1a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 4823
x-amz-cf-id: ZzIroiW1rSFfERYohmCvJbb-7fADCtqrcLyYM1siKoeNSK3IdyBkDg==

GET
H2 200 ilustrasi-haji-saat-pandemi.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 6 KB
6 KB 688ms
683ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ilustrasi-haji-saat-pandemi.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efbcc3f526cae97859fdb262d53ed3d5bd245871c94605031a1bf0bb15c00de1

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Wed, 11 Nov 2020 09:51:19 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "7a3254692d9e67016bc758df3564d196"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 6072
x-amz-cf-id: DmtrWzIc7S5JQNlsmoRHnvjuplYEZ6e6gUZYpd47VyaES3DSWItOqA==

GET
H2 200 jumpa-pers-polda-sulteng.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 4 KB
5 KB 84ms
78ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/jumpa-pers-polda-sulteng.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4410561798cf158e9eeb1f6717b69c164de20d0a0e38d89b86038b3d377b484

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:41:30 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 06:20:41 GMT
server: AmazonS3
age: 1951
etag: "a0b2e826db1196ff4f4683c887bb0bdc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 4568
x-amz-cf-id: LRsdvNd2DAujVg_M3Fp0DJJYIbzIQbVLwKJXu9r3BJ9GWJ7tprIYDA==

GET
H2 200 posko-perbatasan-ppkm-palu-pantoloan.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
6 KB 86ms
81ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/posko-perbatasan-ppkm-palu-pantoloan.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca852419746f5e5dc4d27335cc101e34e4ab5475adcd5ed3c6e209aeb344c7df

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 13:41:35 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 12:29:46 GMT
server: AmazonS3
age: 63146
etag: "4a160c7d332fb3555e7742659039456a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 5623
x-amz-cf-id: OJFtbRW_qUocpSEWzvurmFrFHseepk4Z-lGTqlgum_DEA0znQLuuJw==

GET
H2 200 tribunbelanja.svg
cdn-1.tstatic.net/img/logo/tribun/svg/ 7 KB
3 KB 22ms
17ms Image
image/svg+xml 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1.tstatic.net/img/logo/tribun/svg/tribunbelanja.svg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6eb68d4b4b8a4295742792be3d217419fb2652654a75d5b5509a32a9152dc9d

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:31:25 GMT
content-encoding: gzip
age: 1788155
x-amz-meta-sha256: e6eb68d4b4b8a4295742792be3d217419fb2652654a75d5b5509a32a9152dc9d
x-cache: Hit from cloudfront
last-modified: Thu, 27 May 2021 09:37:30 GMT
server: AmazonS3
etag: W/"faffe3118ea71364d93ea49ed67f72f8"
vary: Accept-Encoding
x-amz-version-id: 0nhJdP9v3J_yFiXg0XHzTw2BAKTF5id.
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: lZ0tozGC2rFRrCUyB0oqJML1anKyERoSO-L38stiZO6AI8cFGXvfFw==
x-amz-meta-s3b-last-modified: 20210527T093545Z

GET
H2 200 0b216b9e-561b-417b-b9ec-986f6af8c1bb__w175_hauto.jpg
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 7 KB
7 KB 158ms
50ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/0b216b9e-561b-417b-b9ec-986f6af8c1bb__w175_hauto.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: eeec4fc3c1f692ef46b28dff16738ab01b17a1ba4ea13d57b48e60d1ab5a8719

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
via: 1.1 14ece26b907b2b297edda8cd1de9a9b4.cloudfront.net (CloudFront)
cdn-edgestorageid: 722
age: 354174
x-cache: Hit from cloudfront
cdn-cachedat: 2021-07-24 07:59:39
cdn-pullzone: 398968
content-length: 6984
last-modified: Tue, 20 Jul 2021 00:03:02 GMT
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control: max-age=31536000, public
cdn-requestid: 6b674ca13fa76a7e9a8c5bc2eb291ead
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
cdn-requestcountrycode: DE
x-amz-cf-id: hu-6rmjkrsogKZ41kJh91ATmWeb4VblDqw6Jb0udYtqDl8PVguhMsQ==
cdn-requestpullsuccess: True

GET
H2 200 e0f8fb47-87da-465a-97af-6626bc6de4d4__w175_hauto.jpg
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 7 KB
8 KB 113ms
29ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/e0f8fb47-87da-465a-97af-6626bc6de4d4__w175_hauto.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 733c6e44bb416671c9651ac9369fb7b95f1e212829ec5cf6d79eb0071fcbcead

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57d.cloudfront.net (CloudFront)
cdn-edgestorageid: 756
age: 386051
x-cache: Hit from cloudfront
cdn-cachedat: 2021-07-24 16:50:56
cdn-pullzone: 398968
content-length: 7195
last-modified: Tue, 20 Jul 2021 00:03:04 GMT
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control: max-age=31536000, public
cdn-requestid: 424b64956b9df62678b61a1ea94d5254
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
cdn-requestcountrycode: DE
x-amz-cf-id: qaJyEE2dNOw0YMEtuKlm5T1h3ew4Lx02ZXQsEl5FI2yn7GAbImCmRA==
cdn-requestpullsuccess: True

GET
H2 200 8212aaf3-7dd8-4421-8e02-7c10fa58de3c__w175_hauto.jpg
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 7 KB
8 KB 108ms
59ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/8212aaf3-7dd8-4421-8e02-7c10fa58de3c__w175_hauto.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 48cf10a3b1ebb48a5df4ca0105a1c1266c4c81be2f440debdd00224a359cb37b

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
via: 1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
cdn-edgestorageid: 755
age: 386424
x-cache: Hit from cloudfront
cdn-cachedat: 2021-07-24 14:57:10
cdn-pullzone: 398968
content-length: 7452
last-modified: Tue, 20 Jul 2021 00:35:31 GMT
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control: max-age=31536000, public
cdn-requestid: e3f5c029d824add82990b6c515642f44
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
cdn-requestcountrycode: DE
x-amz-cf-id: QJM_w4NatVrR9r7klytH1Dh53v8Dn-jK3EUQ6zLYvvwCN9artaDvDQ==
cdn-requestpullsuccess: True

GET
H2 200 745bd8b5-0507-470c-b71e-0d614d713368__w175_hauto.jpg
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 7 KB
8 KB 84ms
34ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/745bd8b5-0507-470c-b71e-0d614d713368__w175_hauto.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: b4e6758d5628b2765fa2fcf572e4ff7eb8eb99ca6bf9212931999d249f4b5e17

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
via: 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront)
cdn-edgestorageid: 601
age: 1698752
x-cache: Hit from cloudfront
cdn-cachedat: 07/28/2021 21:26:26
cdn-pullzone: 398968
content-length: 7623
server: BunnyCDN-DE1-756
last-modified: Fri, 09 Jul 2021 03:32:30 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control: public, max-age=31536000
cdn-requestid: bc6826e2162bb9836eb19741085d4852
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
cdn-requestcountrycode: DE
x-amz-cf-id: qwi9ZZkp2VYIk5cjLmzUJ-JMSfCcYI6SgPy5INoSSV58whgLjs4ViQ==
cdn-requestpullsuccess: True

GET
H2 200 hasil-rontgen-paru-paru-pasien-bersih-setelah-sel-sel-imun-berperang-melawan-virus-corona.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 3 KB
4 KB 84ms
79ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/hasil-rontgen-paru-paru-pasien-bersih-setelah-sel-sel-imun-berperang-melawan-virus-corona.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e2cea1b72af8853ad3e3040b5ab4e37624d0eb3540da8e124f10e9713901efd

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:39:46 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 00:29:16 GMT
server: AmazonS3
age: 110055
etag: "6d7e2feada750817a3f301fbad4bc761"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 3300
x-amz-cf-id: hyN5vsJQit-67fMJgf-1wk4SLaLpxuCuNS0fNio2330WgKtMinnzOw==

GET
H2 200 e84782db-25be-404b-81ed-950b0b584eaf__w175_hauto.jpg
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 8 KB
9 KB 107ms
57ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/e84782db-25be-404b-81ed-950b0b584eaf__w175_hauto.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 2de0109003c5075c52a761b2d15ebdd98a1786fe69bd44bdae0341019250ec98

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
cdn-edgestorageid: 752
age: 191493
x-cache: Hit from cloudfront
cdn-cachedat: 2021-07-24 16:39:57
cdn-pullzone: 398968
content-length: 8292
last-modified: Wed, 21 Jul 2021 08:43:34 GMT
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control: max-age=31536000, public
cdn-requestid: d2b4def3fd4bb480cb93a5b82b319d3f
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cdn-requestcountrycode: DE
x-amz-cf-id: wZBcZMqfCqvQKRE5XH-WdMH9lFz0w3XXEfWKFEb2idbUdh3UguDeUA==
cdn-requestpullsuccess: True

GET
H2 200 a6843136-3d9d-4802-b9b1-06a67ed28a24__w175_hauto.jpg
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 7 KB
8 KB 95ms
45ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/a6843136-3d9d-4802-b9b1-06a67ed28a24__w175_hauto.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: df1afa97a201c63b6da6b3b4999f69944ae6b2b3e28607e4283f9a2d7a905261

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cdn-edgestorageid: 756
age: 112814
x-cache: Hit from cloudfront
cdn-cachedat: 2021-07-29 04:28:55
cdn-pullzone: 398968
content-length: 7443
last-modified: Tue, 27 Jul 2021 01:34:20 GMT
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control: max-age=31536000, public
cdn-requestid: 8a892a3344d44995bdf2b4ad1b6859be
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cdn-requestcountrycode: DE
x-amz-cf-id: 9BDCaeDKNEQflvvRu638gYFd_1Z0cWUyvZksbyRaQH-ZitirDYngmQ==
cdn-requestpullsuccess: True

GET
H2 200 f6821eee-d361-43db-b1bc-3837090239eb__w175_hauto.jpg
cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/ 7 KB
7 KB 55ms
55ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bhisma.cloud/catalog/belanja.tribunnews.com/products/f6821eee-d361-43db-b1bc-3837090239eb__w175_hauto.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 3dbd92a4d9dfb02a54188eed15ebb1e53e795290d937d6361e0a91339b446ab2

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
via: 1.1 575b0bfed88abe713ca72d1b4c29e4f3.cloudfront.net (CloudFront)
cdn-edgestorageid: 601
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
cdn-cachedat: 2021-07-27 03:34:19
cdn-pullzone: 398968
content-length: 7023
last-modified: Fri, 23 Jul 2021 11:28:10 GMT
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 8ca90d25-cd82-46e5-b224-f661ab74d28f
cache-control: max-age=31536000, public
cdn-requestid: 7fb1193275fce45968f8ecc0471ace7b
accept-ranges: bytes
cdn-requestcountrycode: DE
x-amz-cf-id: JLJowwHqWtY0hDPHNzh5237kKgSJsYtX8LJhGfwacnyl8HET6u0VhQ==
cdn-requestpullsuccess: True

GET
H2 200 ilustrasi-isolasi-mandiri.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 4 KB
4 KB 85ms
79ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ilustrasi-isolasi-mandiri.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00bbf9065c9ee44162a997a2de18636b880bb702217f94f268ff9523e52539d3

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 02:14:12 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Sun, 01 Nov 2020 04:59:26 GMT
server: AmazonS3
age: 17989
etag: "5ef62c340854657337c63bfc14bf9928"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 3800
x-amz-cf-id: O0-3zfOJpB9vEE_c5obSS5RvxNUJfNW061cjOVPyMqXo9oPmrww_2g==

GET
H2 200 ketua-hk2t-m-fuad-pettalolo.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 3 KB
3 KB 85ms
80ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ketua-hk2t-m-fuad-pettalolo.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7b83dcb9180c06c0d1ea6fd3ea6123b332926eddedb1977fecad4c4a8a3ca32

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 13:55:19 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 03:31:50 GMT
server: AmazonS3
age: 62321
etag: "eabef11dd9aad530bed87e5f9f601cd3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 3040
x-amz-cf-id: Lpp2Up4upMjdGu2lne4rTTtf2cksn0_l7GIb6VqG7unEFPQuxfyV2g==

GET
H2 200 berikut-ini-adalah-ramalan-zodiakmu-rabu-13-februari-2019.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
5 KB 88ms
83ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/berikut-ini-adalah-ramalan-zodiakmu-rabu-13-februari-2019.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b6c6e2402121bc873b33146f81a48362e8cd3a11f36be404db2106342fa9e1b

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 03:18:21 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Wed, 13 Feb 2019 00:19:37 GMT
server: AmazonS3
age: 14140
etag: "98d67a326af9f6509f78049ebc1c7cf6"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 4704
x-amz-cf-id: SknTJucmxXfm4H3EeHwTpkBukzj0AirZrIPOaTZHtJjfJzTBZWnHpw==

GET
H2 200 ilustrasi-hujan-lebat-akibat-cuaca-ekstrem.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 3 KB
4 KB 88ms
83ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ilustrasi-hujan-lebat-akibat-cuaca-ekstrem.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 938a99a3e27509604576cacb6df12aface946d0a798bf96c677560cda5081ddb

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 21:50:51 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Wed, 27 Feb 2019 00:59:42 GMT
server: AmazonS3
age: 379390
etag: "b24f136488ae083283df1d4db2f84d41"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 3505
x-amz-cf-id: WBwRb_nUhfrcS6nd2cfdT4wuPqo57CdD03xiDqwqwde3ZrBS7mqJfQ==

GET
H2 200 bocoran-ikatan-cinta-23-mei-2021.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 4 KB
5 KB 744ms
739ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/bocoran-ikatan-cinta-23-mei-2021.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dff1a5c82f4e3c4874471b2fa1cbfbeef071337b892872fd231e86e73ee55e1a

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Sat, 22 May 2021 23:59:48 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "cbe160b80c6a147b39a51eb99063b7c8"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4467
x-amz-cf-id: y5C53QU9xMRyDpx2IMqq1EyQ3r7Xn0SRXuOiZKUTr4Zcx56A4Jh9Vg==

GET
H2 200 ilustrasi-salat-dhuha.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
5 KB 89ms
84ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ilustrasi-salat-dhuha.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68470431441ff523bea2624b97707d78e9142349cdac0470110ebad8671332ec

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 01:52:09 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Tue, 13 Apr 2021 02:53:19 GMT
server: AmazonS3
age: 278512
etag: "5c0967c2950cf544a0a77d104b74fad0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 4806
x-amz-cf-id: kYkQ_h4P0hc8dgs3tQhEbtnIFOQSku2vLyONekgzIE-BTCOCF9HG-Q==

GET
H2 200 perawat-beristirahat-di-sela-sela-kegiatan-penyaringan-screening-covid-19.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 4 KB
4 KB 91ms
86ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/perawat-beristirahat-di-sela-sela-kegiatan-penyaringan-screening-covid-19.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 440d0090b9ce0f8b19dddb87bac569ea428bfdd7635731427d60f12b806d1ba0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 01:07:03 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Fri, 23 Jul 2021 04:07:03 GMT
server: AmazonS3
age: 22018
etag: "fec7f2d95acff8bd34bf40849299b663"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 3828
x-amz-cf-id: u2jqeqytIbY8ZvY_PzO9FMM-XrPFwuXva1Rj5oeTr2ot8qJz53Olgw==

GET
H2 200 simak-resep-membuat-pancake-yang-enak-dan-mudah-berikut.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
6 KB 720ms
715ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/simak-resep-membuat-pancake-yang-enak-dan-mudah-berikut.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8313ff88bfc8762b8d4513ec6bf32ea6731f591ef517a493ec89af057d7539cc

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 00:45:17 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "0312662dfb68f7a6e2a8323705bb7ae8"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 5304
x-amz-cf-id: M0q5mOSAybopOTMuvoMygZkllt5WAR7GvNEk7ESIFBljDye0uc9evw==

GET
H2 200 ramalan-cinta-berdasarkan-zodiak.jpg
cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ 5 KB
6 KB 709ms
704ms Image
image/jpeg 13.224.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-2.tstatic.net/palu/foto/bank/thumbnails2/ramalan-cinta-berdasarkan-zodiak.jpg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f65c8eaaea81710bbaaf2cf4d28eb107c1fef17e9c702a63238ce1751edeae8

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Sun, 10 Mar 2019 00:11:42 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "7f8682c8e41152868623285f63741e81"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 5318
x-amz-cf-id: xc4ZP-38_vAXE7U9r0aZ6jlYU8vFp7cvvk8FvJIjO3P0zlrD1zblZw==

GET
H2 200 lozad.min.js Show response
cdn-1.tstatic.net/js/ 2 KB
1 KB 15ms
14ms Script
application/x-javascript 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/lozad.min.js
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Fri, 31 May 2019 01:49:18 GMT
date: Sun, 07 Feb 2021 18:51:25 GMT
content-encoding: gzip
last-modified: Fri, 31 May 2019 01:51:20 GMT
server: AmazonS3
age: 14818955
etag: W/"34b722949a97a9f6734cd66d940531ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
content-type: application/x-javascript
x-amz-cf-id: aAjDAnxGUk6R5RPDrGS4DibYYb2OWJde7WxuURWGWGWI8J-Hjp8jzw==

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.5.6/ 34 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.6/firebase-app.js

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 04:35:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12419
x-xss-protection: 0
last-modified: Thu, 25 Oct 2018 20:51:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Jul 2022 04:35:32 GMT

GET
H3-29 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.5.6/ 35 KB
10 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.6/firebase-messaging.js

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 18:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10096
x-xss-protection: 0
last-modified: Thu, 25 Oct 2018 20:51:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 18:45:09 GMT

GET
H2 200 tribun.js Show response
sttribunnews.kompas.com/kgnotif/ 4 KB
4 KB 118ms
29ms Script
application/javascript 13.224.99.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sttribunnews.kompas.com/kgnotif/tribun.js
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-2.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 081a28dfa5acc18a525c552aa51fc5a0bc1e2eb1c387db969b8f8af3d77a530d

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 06:13:39 GMT
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
age: 9853221
x-amz-meta-sha256: 081a28dfa5acc18a525c552aa51fc5a0bc1e2eb1c387db969b8f8af3d77a530d
x-cache: Hit from cloudfront
content-length: 3689
last-modified: Thu, 18 Mar 2021 08:21:13 GMT
server: nginx
etag: "c779e5bc5b38950e7582691cd13dc484"
access-control-allow-methods: GET, OPTION
x-amz-version-id: o5WmqjaGYyr3x092m48I3dsgu0hL9.xO
access-control-allow-origin: *
expires: Wed, 06 Apr 2022 06:13:39 GMT
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: 7-W_KD0PRCLLzmTAk31rIRiOBydDSYuQyy4sEKxW6rxzUZm3SiQJCA==
x-amz-meta-s3b-last-modified: 20210318T073258Z

GET
H2 200 sso_g_signin.min-1.0.js Show response
cdn-1.tstatic.net/js/kgmedia/tribunnews/ 3 KB
2 KB 21ms
13ms Script
application/javascript 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.0.js
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbba45cb3355a22c9ddd6893732795b6746e460fc1ac52e77b5268ec9d685f5f

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 17:29:24 GMT
content-encoding: gzip
age: 1950277
x-amz-meta-sha256: dbba45cb3355a22c9ddd6893732795b6746e460fc1ac52e77b5268ec9d685f5f
x-cache: Hit from cloudfront
last-modified: Thu, 14 Jan 2021 04:57:50 GMT
server: AmazonS3
etag: W/"9d3e5dbdb245a14e5139aca792974052"
vary: Accept-Encoding
x-amz-version-id: iwnBU7Ip0vrtHzsOMmfNlAhCmESC_5lX
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: fkfd0ArfwgbGkkNIfaDN23a39rOfzrd31sSHJk--eZLQwaVJ-tSURg==
x-amz-meta-s3b-last-modified: 20210113T054706Z

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 150 KB
47 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07b9970f019f61cffc7eb4371c092841d61d88dda75f641bc26ef87ba20e3dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48338
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Jul 2021 07:14:00 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 19ms
18ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://palu.tribunnews.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617, 617
age: 27078
cdn-cachedat: 2021-07-24 16:51:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 66624
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b009b505734ef4b4b3fae183b045f681
accept-ranges: bytes
cf-ray: 67648c3fa9d94e14-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 pubads_impl_2021072403.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
111 KB 33ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

f33472fb0529099b682dcc4b94104ea70cec2d79d8ecca8875754a39a6d227ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 15:22:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113953
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:00 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 305 B
187 B 51ms
35ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=palu.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c05153861ac13fc16d93303642bd26c7828613c0b118f023ac14446e203849fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/id_ID/ 227 KB
66 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/id_ID/sdk.js?hash=b37929aa36b20255a5a7b9b0b7ae4f31

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/id_ID/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

128794d73a68830b2bf1321f680e31cf7b1ee8ae285266803600b98a193907ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://palu.tribunnews.com
Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 9MmPx0nWh6lQ+jd1IlahHQ==
cross-origin-resource-policy: cross-origin
expires: Fri, 29 Jul 2022 06:54:26 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67631
x-fb-rlafr: 0
x-fb-debug: mdQMSXPqVfnS7ed6sijY3KFHHv/r8Y+1oRmYtUhrvaeOG7XIN1qG+DF32NRa6UccEQ/Lc+BZOk3UezNHaXB0ew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: d8045cde875ff62874cddc4172707934
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 29 Jul 2021 07:14:00 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c5c7b5a909231195a041aba091ab2863"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 97ms
33ms Script
application/javascript 13.224.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-41.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 7995993
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: OqKv_1UCiLYSW-KTLkeekWbmDwfOugJ2vLG49ULavjZmkX0htt6slw==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 96ms
33ms Script
application/javascript 13.224.99.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-12.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:07:09 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 412
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: rIQD01BSvzQJGq_vz2dU2arL8PP6P0qoB2qYGaFXP0dhkQ6Z25qYhw==

GET
H2 200 user Show response
apis.kompas.com/api/activity/ 86 B
1 KB 730ms
655ms XHR
application/json 13.224.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.kompas.com/api/activity/user

Requested by

Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/js/jquery/jquery-1.8.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-99-41.zrh50.r.cloudfront.net

Software

nginx / PHP/7.3.28

Resource Hash

eaa5b4f5b56eb212ecc172b5a7ad7cbaa38c528720db498c7b2f5e0991267d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
mail-subject: Join_via_header
we-hiring: jobs@kompas.com
content-length: 86
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://palu.tribunnews.com
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, X-Prototype-Version, Origin, Allow, *
x-amz-cf-id: qJXN7IsgcBpTUEWmxHinuhBi29Mi626xRKFKYjFcMLsTbZpiR_cRqQ==
expires: -1

GET
H2 200 client Show response
accounts.google.com/gsi/ 181 KB
72 KB 53ms
28ms Script
application/javascript 2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f951b8d30909525216c0b5b7402592e80b05ff1f6c1f9c711670fdb1a5d0d0c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+20Hem4wCa9SaJ3mxjqy2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-+20Hem4wCa9SaJ3mxjqy2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:00 GMT

GET
H2 200 bx_loader.gif
cdn-1.tstatic.net/css/theme21/images/ 8 KB
9 KB 15ms
15ms Image
image/gif 13.225.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1.tstatic.net/css/theme21/images/bx_loader.gif
Requested by: Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/css/theme21/style.1.8-20210702_daerah.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

Referer: https://cdn-1.tstatic.net/css/theme21/style.1.8-20210702_daerah.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 02:59:18 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
age: 1829683
x-amz-meta-sha256: 6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
x-cache: Hit from cloudfront
content-length: 8581
last-modified: Sat, 19 Jun 2021 21:55:45 GMT
server: AmazonS3
etag: "931bdb6b50816b03206c66921760b246"
x-amz-version-id: Hpwrz52PSL722wx25QIBrifPqiYmzn1T
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: l5_-otzbfpq4h-0sEI95QKtfGizm-srAfM-ZC541bfQvCrWFFj4o2g==
x-amz-meta-s3b-last-modified: 20210619T215418Z

GET
H2 200 getNewsbreaking Show response
palu.tribunnews.com//main/ 0
519 B 223ms
223ms XHR
text/html 13.224.193.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://palu.tribunnews.com//main/getNewsbreaking

Requested by

Host: cdn-1.tstatic.net
URL: https://cdn-1.tstatic.net/js/jquery/jquery-1.8.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-25.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: csrf_cookie_name=38e6e20ab2185298d826ec5561329400; 3bun_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%228113bb5146ea3b132f5e74bf0fdb6dec%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A11%3A%22172.31.1.85%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A17%3A%22Amazon+CloudFront%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1627542839%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D974c9c9fd80574936f791ff1b839a427
:path: //main/getNewsbreaking
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/plain, */*; q=0.01
cache-control: no-cache
:authority: palu.tribunnews.com
referer: https://palu.tribunnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/plain, */*; q=0.01
Referer: https://palu.tribunnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 20
x-xss-protection: 1; mode=block
x-we-need-to-talk: Thank You
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: no-transform
set-cookie: csrf_cookie_name=76c7d80fd98a61a92986e2cfc3e02e52; expires=Thu, 29-Jul-2021 09:14:00 GMT; path=/; domain=.tribunnews.com
x-amz-cf-id: AZ4fuUf0MoC6uv5Flht22JwZ84HOoln_JvYaF72bfDdxB6sLthvmew==

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
375 B 47ms
28ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=450352&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2217fe2131e79faf%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpalu.tribunnews.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A7%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222327d3c179aa4a%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223a1c0f3d8bff42%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224a28bfe626cf0b%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22524b4fc4fffe0f%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226ad60d856bf32d%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227ef6e24cd74882%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2288ec42d9995e07%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2293558e0a9e5b21%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22103fd699089413f%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2211a1bdc55667737%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22122a220b6892305%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22137de055ecffbc2%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2214ef9ea770b9a41%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2215386c0554257d9%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2211a1bdc55667737%22%2C%22ext%22%3A%7B%22siteID%22%3A450352%2C%22sid%22%3A%22300x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 95281293f9a21f246f632ae93119536050f4004de05feeb7e7e5a72cee756ff5

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://palu.tribunnews.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Thu, 29 Jul 2021 07:14:00 GMT

POST
H/1.1 204
No Content 280686 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 71ms
24ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/280686
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Thu, 29 Jul 2021 07:14:00 GMT
X-SpotX-Timing-Transform: 0.000272
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.001467
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000370
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.007901
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000289
X-fe: 106
Last-Modified: Thu, 29 Jul 2021 07:14:00 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003780
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://palu.tribunnews.com
X-SpotX-Timing-Page-Misc: 0.001690
X-SpotX-Timing-Page-Exception: 0.000019
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.003780
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 282137 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 67ms
21ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/282137
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Thu, 29 Jul 2021 07:14:00 GMT
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
X-SpotX-Timing-Transform: 0.000310
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.001130
X-spotx-Exception-conf-Message: Channel ID '282137' has no active deals.
X-SpotX-Timing-Page-Require: 0.000308
X-fe: 120
Connection: keep-alive
X-SpotX-Timing-Page: 0.005045
X-SpotX-Timing-Page-Cookie: 0.000001
X-spotx-Exception-conf-ID: SPOTMARKET.DEALS_INACTIVE
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000355
Last-Modified: Thu, 29 Jul 2021 07:14:00 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.001656
X-spotx-Exception-conf-RESULT: failure
Content-Type: application/json
Access-Control-Allow-Origin: https://palu.tribunnews.com
X-SpotX-Timing-Page-Misc: 0.001255
X-SpotX-Timing-Page-Exception: 0.000019
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.001656
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 301966 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 71ms
26ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/301966
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Thu, 29 Jul 2021 07:14:00 GMT
X-SpotX-Timing-Transform: 0.000442
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.001324
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000428
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.008498
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000380
X-fe: 057
Last-Modified: Thu, 29 Jul 2021 07:14:00 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003280
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://palu.tribunnews.com
X-SpotX-Timing-Page-Misc: 0.002606
X-SpotX-Timing-Page-Exception: 0.000021
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.003280
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 301967 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 70ms
25ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/301967
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Thu, 29 Jul 2021 07:14:00 GMT
X-SpotX-Timing-Transform: 0.000293
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.000971
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000443
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.007193
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000358
X-fe: 064
Last-Modified: Thu, 29 Jul 2021 07:14:00 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003600
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://palu.tribunnews.com
X-SpotX-Timing-Page-Misc: 0.001494
X-SpotX-Timing-Page-Exception: 0.000018
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000014
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.003600
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
251 B 56ms
39ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://palu.tribunnews.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 29 Jul 2021 07:14:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
575 B 61ms
31ms XHR
application/json 18.193.194.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.32.0&referrer=https%3A%2F%2Fpalu.tribunnews.com%2F&tmax=1000

Requested by

Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.194.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-194-127.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
x-auction-status: 12, 12, 12, 12, 12, 12
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 prebid Show response
targeting.unrulymedia.com/ 0
175 B 362ms
331ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/prebid
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://palu.tribunnews.com
pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 60ms
20ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.32.0&cb=61877589058
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://palu.tribunnews.com
date: Thu, 29 Jul 2021 07:13:59 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
327 B 65ms
21ms XHR
application/json 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
327 B 73ms
23ms XHR
application/json 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:13:59 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
327 B 117ms
52ms XHR
application/json 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
327 B 97ms
23ms XHR
application/json 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
327 B 119ms
22ms XHR
application/json 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
327 B 138ms
21ms XHR
application/json 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 300ms
19ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://palu.tribunnews.com
date: Thu, 29 Jul 2021 07:13:59 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK hbpost Show response
hb.jixie.io/v2/ 155 B
1 KB 889ms
163ms XHR
application/json 20.44.221.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.jixie.io/v2/hbpost
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.44.221.77 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 3e368ec8f6a4930a07f0688ee9375dbe682347f233cb63524a63e3012bab2383

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 07:14:01 GMT
Content-Encoding: gzip
ETag: 8ca54f00-f03c-11eb-b67d-d5a524b130c1
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://palu.tribunnews.com
Cache-Control: private, no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 54ms
20ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.32.0&cb=18923075452
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://palu.tribunnews.com
date: Thu, 29 Jul 2021 07:13:59 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 arj Show response
kompascybermedia-d.openx.net/w/1.0/ 172 B
560 B 79ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpalu.tribunnews.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=185978cb-672f-4f2d-93ad-b92a4a8f96c0%2Cfa0ba3f8-a7d2-4a21-b634-a07a80c61abd%2C14a204aa-3091-4248-a463-b3eeba406721%2Ca1c96327-26ab-40b0-b7fc-0a4f3aa9f4a9%2Cd90b9510-149b-4cb3-bf17-487a24af5b78%2C79d09fb0-47ba-4fe2-bc4b-006196986e9a%2C15d05c2e-66be-4d0d-91fa-3eddb8b5122f&nocache=1627542840524&aus=728x90%2C970x90%2C970x250%7C160x600%7C300x600%2C300x250%7C300x250%7C300x600%2C300x250%7C300x250%2C300x100%2C1x1%7C320x100%2C320x50%2C1x1&divIds=div-Top-Leaderboard%2Cdiv-Left-WideSkyscraper%2Cdiv-Right-MediumRectangle-1%2Cdiv-Right-MediumRectangle-2%2Cdiv-Right-MediumRectangle-3%2Cdiv-Inside-MediumRectangle%2Cdiv-BelowArticles&auid=540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 2b022788138978dd6c1f958280e4b04d05c4d011fbf3c6974241efdaa4124845

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://palu.tribunnews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2677
date: Thu, 29 Jul 2021 06:29:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 29 Jul 2021 08:29:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=114488588566911&ev=fb_page_view&dl=https%3A%2F%2Fpalu.tribunnews.com%2F&rl=&if=false&ts=1627542840546&sw=1600&sh=1200&at=

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 29 Jul 2021 07:14:00 GMT

GET
H2 200 jixietracker.min.js Show response
scripts.jixie.io/ 14 KB
6 KB 172ms
20ms Script
application/javascript 47.246.43.224
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.jixie.io/jixietracker.min.js?accountid=9262bf2590d558736cac4fff7978fcb1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.224 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 6b97bfd960d4686a8adc7c1199ff547e98bb596923a08727d2c1b3ddb8c4e3b3

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 03:14:53 GMT
via: cache29.l2ot7-1[982,981,304-0,M], cache13.l2ot7-1[983,0], cache13.l2ot7-1[983,0], cache3.de2[0,0,200-0,H], cache13.de2[1,0]
x-oss-request-id: 60FCD72D2FFB293838EF73A0
content-md5: /1x49gHUPdE//QlWkemdPg==
age: 359947
x-cache: HIT TCP_MEM_HIT dirn:9:344634330
x-oss-cdn-auth: success
x-swift-cachetime: 2592000
x-swift-savetime: Sun, 25 Jul 2021 03:14:53 GMT
content-encoding: gzip
content-length: 5629
x-oss-object-type: Normal
last-modified: Wed, 26 May 2021 03:12:09 GMT
server: Tengine
etag: "FF5C78F601D43DD13FFD095691E99D3E"
vary: Accept-Encoding
ali-swift-global-savetime: 1624590890
content-type: application/javascript
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 5741731663832118677
eagleid: 2ff62ba116275428406786477e
x-oss-server-time: 1

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8077308&ns__t=1627542840590&ns_c=UTF-8&cv=3.5&c8=Tribun%20Palu%20-%20Berita%20Terkini%20Palu&c7=https%3A%2F%2Fpalu.tribunnews.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1627542840590&ns_c=UTF-8&cv=3.5&c8=Tribun%20Palu%20-%20Berita%20Terkini%20Palu&c7=https%3A%2F%2Fpalu.tribunnews.com%2F&c9=

64 B
330 B

43ms
42ms

Image
image/gif

13.224.99.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1627542840590&ns_c=UTF-8&cv=3.5&c8=Tribun%20Palu%20-%20Berita%20Terkini%20Palu&c7=https%3A%2F%2Fpalu.tribunnews.com%2F&c9=
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-12.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: mudqAnSJ5IPDkuAfcWtodHVoWbEEdXdykThIwDmO26VCf9mZ6l1ivA==

Redirect headers

date: Thu, 29 Jul 2021 07:14:00 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1627542840590&ns_c=UTF-8&cv=3.5&c8=Tribun%20Palu%20-%20Berita%20Terkini%20Palu&c7=https%3A%2F%2Fpalu.tribunnews.com%2F&c9=
content-length: 202
x-amz-cf-id: wc9Ef-JeuPg5X-T_uKq8U-S_tvdfOz1gjiw7bIOmKLEMv-Y3LZGblg==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 338ms
28ms Image
image/gif 13.224.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Tribun%20Palu%20-%20Berita%20Terkini%20Palu&time=1627542840590&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fpalu.tribunnews.com%2F&random_number=1701441411&sess_cookie=30bd147b17af11ce50e3ed8a06a&sess_cookie_flag=1&user_cookie=30bd147b17af11ce50e3ed8a06a&user_cookie_flag=1&dynamic=true&domain=tribunnews.com&account=6d9Cm1akKd605T&jsv=20130128&user_lang=en-US
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-41.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 03:30:10 GMT
Via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 13430
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: ZRH50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: kDobn82HQv1-4AJM4mpEi6TGEfWbaAYk74eEyehPoJnNLm82XbsUPA==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 1385ms
113ms Image
text/plain 3.142.157.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.142.157.144 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-142-157-144.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
server: Server

GET
H3-29 200 style
accounts.google.com/gsi/ 658 B
435 B 37ms
21ms Stylesheet
text/css 2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.unNwGD9Tbdo.O/am=chE/d=1/rs=AF0KOtWXjjr1PdTR2ZbOay2VCO3VY8meJg/m=gis_client_library

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7fe2658eb999f3b15e58fb37133962dce8943c53800e4aca85b701d1a343d89

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UnvPLVxd4hxTOa4jBLyEBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-UnvPLVxd4hxTOa4jBLyEBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
556 B 34ms
13ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://palu.tribunnews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
485 B 34ms
13ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Jul 2021 07:14:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://palu.tribunnews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=209752589&t=pageview&_s=1&dl=https%3A%2F%2Fpalu.tribunnews.com%2F&ul=en-us&de=UTF-8&dt=Tribun%20Palu%20-%20Berita%20Terkini%20Palu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAQCAC~&jid=2003465173&gjid=850054546&cid=303111006.1627542841&tid=UA-15224089-38&_gid=415499678.1627542841&_r=1&gtm=2wg7s0NNJ5M3B&cd20=303111006.1627542841&z=1302264610

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-15224089-38&cid=303111006.1627542841&jid=2003465173&gjid=850054546&_gid=415499678.1627542841&_u=YEBAAEAAAAQCAC~&z=1811612764

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 29 Jul 2021 07:14:00 GMT
content-type: text/plain
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-15224089-38&cid=303111006.1627542841&jid=2003465173&_u=YEBAAEAAAAQCAC~&z=398504861

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-15224089-38&cid=303111006.1627542841&jid=2003465173&_u=YEBAAEAAAAQCAC~&z=398504861

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK load Show response
id.jixie.io/api/ 115 B
987 B 696ms
163ms XHR
application/json 20.44.221.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.jixie.io/api/load?idlist=
Requested by: Host: scripts.jixie.io
URL: https://scripts.jixie.io/jixietracker.min.js?accountid=9262bf2590d558736cac4fff7978fcb1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.44.221.204 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 4ed3afd3e1c378a2d609810648471eb383138c8abac4cb3b9c5580b7fe80a07d

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:14:01 GMT
Content-Encoding: gzip
X-Powered-By: Express
ETag: W/"73-R/1FHmDFYLmd5pA3sd7rh65lkBY"
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://palu.tribunnews.com
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 38ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=palu.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 37ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=palu.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 80 KB
16 KB 408ms
408ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3324396679612950&correlator=550447251694479&output=ldjh&impl=fifs&eid=31062032%2C21068030%2C31061842%2C20211866&vrg=2021072403&ptt=17&sc=1&sfv=1-0-38&ecs=20210729&iu_parts=31800665%2CTribunpalu%2CHome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=160x600%2C728x90%7C970x90%7C970x250%2C300x600%7C300x250%2C300x250%2C300x600%7C300x250%2C300x100%2C650x365%2C130x115%2C1x1&ists=1&prev_scp=pos%3DLeftWideSkyscraper%26page%3Dhome%7Cpos%3DTopLeaderboard%26page%3Dhome%7Cpos%3DRightMediumRectangle-1%26page%3Dhome%7Cpos%3DRightMediumRectangle-2%26page%3Dhome%7Cpos%3DRightMediumRectangle-3%26page%3Dhome%7Cpos%3DNativeAds-Populer-1%26page%3Dhome%7Cpos%3DHeadline-2%26page%3Dhome%7Cpos%3DHeadlineThumb-2%26page%3Dhome%7Cpos%3DPremiumTopframe%26page%3Dhome&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1627542841&dt=1627542841433&dlt=1627542840144&idt=240&frm=20&biw=1600&bih=1200&oid=3&adxs=225%2C436%2C1075%2C1075%2C1075%2C1075%2C-12245933%2C536%2C-12245933&adys=502%2C180%2C502%2C2861%2C3481%2C1226%2C-12245933%2C869%2C-12245933&adks=1514582817%2C4142103192%2C145075749%2C2477171801%2C145075751%2C2527117242%2C3649975993%2C201145796%2C3017838650&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpalu.tribunnews.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600%7C970x250%7C300x600%7C300x600%7C300x600%7C300x105%7C650x-1%7C129x-1%7C0x0&msz=160x-1%7C728x90%7C300x250%7C300x-1%7C300x250%7C300x0%7C0x-1%7C130x-1%7C0x0&ga_vid=303111006.1627542841&ga_sid=1627542841&ga_hid=209752589&ga_fc=false&fws=128%2C132%2C640%2C640%2C640%2C128%2C132%2C132%2C128&ohw=0%2C728%2C0%2C0%2C0%2C0%2C650%2C129%2C0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C-1%7C0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f5aa71bd228436fe33d28d796c7173959a26c85894f4b3120c7a9d5da949af68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
google-lineitem-id: 5352566314,5328412233,5328412233,5328412233,5189171013,5748594651,5670402393,5670402393,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138309165312,138306507050,138306898609,138306898339,138289715181,138357786252,138347179189,138347178817,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a01970002f1c437440e132dc926a3cf9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 13AA 6 KB
3 KB 50ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a01970002f1c437440e132dc926a3cf9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a01970002f1c437440e132dc926a3cf9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 29 Jul 2021 07:14:01 GMT
expires: Fri, 29 Jul 2022 07:14:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 48ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/prebid/prebid4.32.0-26032021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jul 2021 07:14:01 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 44ms
18ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jul 2021 07:14:01 GMT

POST
H/1.1 200
OK prod Show response
traid.jixie.io/sync/ 168 B
724 B 637ms
160ms XHR
application/json 20.44.221.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://traid.jixie.io/sync/prod
Requested by: Host: scripts.jixie.io
URL: https://scripts.jixie.io/jixietracker.min.js?accountid=9262bf2590d558736cac4fff7978fcb1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 6dfe1af86e4519f86351d02b09ccb73e6b2efaa827716550505aa1aabfa21787

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 29 Jul 2021 07:14:02 GMT
Content-Encoding: gzip
X-Powered-By: Express
ETag: 8cc5f660-f03c-11eb-90e7-87f2b6a6ca39
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://palu.tribunnews.com
Cache-Control: private
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

OPTIONS
H/1.1 204
No Content prod
traid.jixie.io/sync/ Frame 0
0 648ms
161ms Preflight 20.44.221.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://traid.jixie.io/sync/prod
Protocol: HTTP/1.1
Server: 20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://palu.tribunnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Vary: Origin, Access-Control-Request-Headers
X-Powered-By: Express
Access-Control-Allow-Origin: https://palu.tribunnews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Headers: content-type
Date: Thu, 29 Jul 2021 07:14:01 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C15A 0
0 43ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYNXWh3Tji_wrbajQavPFPNIwvHGYsKKetMqPmMxCjDAHK1w6C36nzUSZT2jE58BNjsUBnJNHyqLPujTVKuGF_M19UmLNJrN1gqWltFxF5GQdIUoabMLSSI59KomA88Pgc1B1aoSDrSfSkMJPq1MfpE4Uxp9Ehxz5UmNgMimQjcguKBbsvfL-SP4JrpZpYOrCyg5-2B7dJkafvhyrmCsAGU_34SzK1NdQtPmbIqQscUMKDeV2Bcog9PyKy7yHEm7nSYPyH-ErV72HGR_bBZewp7kzjqql5KtRTrpYg2nHHY_4Z8vfbIkfmauwTv2LWC-ndSSw&sai=AMfl-YQTBDRIIl5SDtMUga_pscfQtzCbUV9aJlQpsCuK98Td-jBxZT1zwrYM3olSJn47P6mL3xhpisbVenp5LvW096vkeBFHtfsFQFihx1ks_euERowHnGRJWpXAdXMw5VQx&sig=Cg0ArKJSzEEl4sCXx-rnEAE&urlfix=1&adurl=

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H/1.1 200
OK a1038571.js Show response
js.genieessp.com/t/038/571/ Frame C15A 0
285 B 789ms
260ms Script
text/plain 222.230.178.129
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/038/571/a1038571.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.129 Sapporo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:14:02 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx
Connection: keep-alive
Content-Length: 0
Warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
Content-Type: text/plain

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C15A 124 KB
37 KB 51ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF35 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshIC3oqhkffypP7_IEZSbNDNed1uEDUUnAHUq-shsmBj1x6PrV1aKpnBixlq2stM4_R3jRtK1Hb4bGLGmOgj6mPmpz4My-eXUcxx08q5VNZnUsnpm9ak7FAiQd6HNv7in-OEeUfTHe_8Y0Bo0MoG4fUdqCgnn9CyKY6vVEePCxUU8Tf-jyo8LMYaSh4t0zMSR20x3xMPkKr2gUVTyx9UOpVcKiP3wsKmtA0PG_L8sHjzij5iIA1cVvk7FxmWaMN3zxqr73JI42a9emvwbXWDNL6EJAGs1DlrhQlDK_3o5QNFukYN1BTWdr3hVwUhhHNlLGz_w&sai=AMfl-YQX9ApgNi0izCVAQGLge3f1k1y0swsKkZBGCEtPo_BnskvXpGvOF4NOV_tQ7HF30mcFhdf2zg-X3NSXoTiyBwNttSQEF5nwVmgGnQKkDha_MBe6Xoghn9dWgVrFnZe9&sig=Cg0ArKJSzKy8CraMor_FEAE&urlfix=1&adurl=

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H2 200 prebid4.11.0-tribunpostbid-12102020.js Show response
cdn-3.tstatic.net/ads/postbid/ Frame DF35 171 KB
56 KB 15ms
15ms Script
application/x-javascript 13.224.193.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dcf0d95a6b3dd3c22e659a12e4d97549e022de5bd7be2b65ec6692f8d94ddb0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 12 Oct 2020 07:55:41 GMT
date: Wed, 07 Jul 2021 13:31:59 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 08:31:00 GMT
server: AmazonS3
age: 1878123
etag: W/"60d38f2fbb417b144c927817bd98f386"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: tOCCiMDQQymohANXoMBBafQ5ns0c1GrjROPuGcdJVxpXPdzk-RhBJw==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF35 124 KB
38 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 030D 0
0 43ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_S7qD024HszShy-8J-_lzRhFm6SErmv7rx21GllsB8DMqSRtkUplUWZ7nGho7XVoFNAi0seLucrcYUfn51-Lzx_waKwwtUyjGaA0t-BrYyMm3jjOSMjO8h4RPwI9Y4oA4Vyd8F-sf0L1VVKXuzwB-Fd6omVfOHEQecl6vwD7NYdS9puEmTGYO1HwGk2E1ZygVO-BKzjNUosff2rnEoowak8gR_7Ny4rzV552hn3mY8vrj22Y-TZ4_iyb7ervIH5SyazOvlO601mdtQfpFLvgImYljkRkr2wYz1sHfJfNP9KPSQ9fG7TDYn-kdwht9PcMUehg&sai=AMfl-YTRn3leBodd6zwn_GelrDNn7uauCKjXcZWNrhO4oSY8aqMJ7aRjKU8E1VuBKdOCW6rv8Marz_JqmIfL1iPZi8-HLc99Z6-sxbcNk4y54phe_i6MUj7yyhvKxqimdeI_&sig=Cg0ArKJSzFdz9fUKlypTEAE&urlfix=1&adurl=

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H2 200 prebid4.11.0-tribunpostbid-12102020.js Show response
cdn-3.tstatic.net/ads/postbid/ Frame 030D 171 KB
56 KB 15ms
15ms Script
application/x-javascript 13.224.193.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dcf0d95a6b3dd3c22e659a12e4d97549e022de5bd7be2b65ec6692f8d94ddb0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 12 Oct 2020 07:55:41 GMT
date: Wed, 07 Jul 2021 13:31:59 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 08:31:00 GMT
server: AmazonS3
age: 1878123
etag: W/"60d38f2fbb417b144c927817bd98f386"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Ue446vIqyDr5RrQwVCB40bFN0sxcxgR8_MEY4rngFYwk35HxAOD8iw==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 030D 124 KB
37 KB 32ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 96AA 0
0 44ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusGDqH_0plH-oSSWVhEqQ_3bZi3WKNP3xTYJGxOyjjrMiWlxOzZCLNi7_roIPfPvMVkJigHeOi1GTBMQ1UhqsSJt0FEbxmurcldB9J9Z_przyfr1BmyodmwHCTb38hIIVCnQdA1DgSWeYd7pIrkkqXB2giiUSKwDO6LwyW_PbUHqu0LcN5hWSAviGepTMTq3_xnoDwAcnw7gk4kljoxe61mSRYZyMCRGjRh9b1vTHhKOGR2vH72_ktrXBgG4X0WOy_LRBCItjrO3pIBwVy3TZC8zHUuBqKKd-bi7AiyNBXLRgTXHskylTx64qhzS2ehiRKl2Y&sai=AMfl-YSXm5eJTYiZZ6SgErANZurnzWVAh5xVOucvFGcdZPYEp0OmDC0WynQ36nrUgpxVB-VVVu3LGwL3q31SqP8lTa02K8KW2awS7zhbp6AbDJdCGxcO6TogeIwzEF1oE9aJ&sig=Cg0ArKJSzFox3B12ZEjAEAE&urlfix=1&adurl=

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H2 200 prebid4.11.0-tribunpostbid-12102020.js Show response
cdn-3.tstatic.net/ads/postbid/ Frame 96AA 171 KB
56 KB 15ms
15ms Script
application/x-javascript 13.224.193.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dcf0d95a6b3dd3c22e659a12e4d97549e022de5bd7be2b65ec6692f8d94ddb0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 12 Oct 2020 07:55:41 GMT
date: Wed, 07 Jul 2021 13:31:59 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 08:31:00 GMT
server: AmazonS3
age: 1878123
etag: W/"60d38f2fbb417b144c927817bd98f386"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2oXNVxUjmYdiT1U5UKhkEGrfyAYlcYAMihB044wdO6jSNDmFvMvxMQ==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 96AA 124 KB
37 KB 34ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7164 0
0 43ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYDUM4TxhEEn_wI586iBPneQAeudqAX8DBP4oyLwuYVlWMtHaE3vNYkCqZzpYTPLBarmgSZMbKCaaNIoGFQST22HGK8BfGGLrGzVeyeWECkVd26tiK5N9J_4G5E0UfCFdFlGipYZJpTq-a322yXQL4YSiLxOemalgz5EOzSbf-dNVlnLqpURWEZYiMXlqJFXah6MgquOhk6e_w_CgvEJlGE32KOpenl08qz9N273slY8sPrConMiLT2WRZrWth3F3FH737nRDVMSJ8sY2bQ7tcXWUrxyhEGadPjWT6S6prCulkz-IIbH2NuvgQqnLEkFwGcWU&sai=AMfl-YQJcNUSpCQ2MxPhupWtQzsOQGqpolM7qKtZNCVh7uwr64sYTDz_ykE4zCDzo13JrsnUqu8qUfedKw0bBlzU26Z9iaRptJS8_8PJpLxcb6FQ_jAYAKQ2L31U1l243-Tc&sig=Cg0ArKJSzAMsbfGyjGCJEAE&urlfix=1&adurl=

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7164 70 KB
24 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c97c5d948d0dad5d9c855929735520bc03b7db108e274877299fa3b3fa07e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "943 / 415 of 1000 / last-modified: 1627510277"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24669
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7164 124 KB
37 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7BB0 0
0 45ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ3oiOVt8QBFFsKln8JAImTmCQ8FBanQk-DQi7XQzW5vGdrNbImB5VXIySoaC6YUjDzCsb7Npi7QGrWd6HH1VxcDBNNBCnYydnam6ks0xhYLvoJ5LkaaZR4E88Wf5T_jD-AJvbJSQ-_aub9CBwK6DWW4fnoQ4r5szw9hDqlp0HaBQ2ufZkML21eZE9E8LW_zl8LA5TLvneqUWN9-DFvwRGrXNf8SmntRE9kZ70ToVTJd-VQROA0dHklCOY51gwo9oGbkONSBrv9SvsqUisHizfEfx57o-I1MuHoQtTtKb-QzJ8Ab1UZxSSVBTS2anUp1dtIw&sai=AMfl-YS9QiJQ8urlh8dmYICfjvznvXGwfAufFXYqdNyXLTZ0IagsPZVOy49xyB1NnonXpkR3PpjgSGbr9e3knPFq62kEQB_V0N2VbJgEppSQ7QsAyK4XlPkvf0zm1V2OyET3&sig=Cg0ArKJSzCUmJczeYo8hEAE&urlfix=1&adurl=

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7BB0 8 KB
825 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62b964c6110d2300c2b25824348217c5226ce87eb4a681bde737ed016285b2b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 07:03:41 GMT
server: ESF
date: Thu, 29 Jul 2021 07:14:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H2 200 8470075278773435115
tpc.googlesyndication.com/simgad/ Frame 7BB0 30 KB
30 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8470075278773435115?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f269d8e4611ccb2f1ec9773b6a30a23e20c14d4cbbe16cde735b6b47437c7e4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 04:39:07 GMT
x-content-type-options: nosniff
age: 9294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30741
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 04:24:50 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 04:39:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BB0 124 KB
37 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298829912756"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame BF99 0
0 44ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxJtwZEvnZf20Cv18JavMIj8bH59PvhXcQnsPG85Q3z8Edml2TXpH3RMXHeJWFd9enWbudVHsDWEpPl1QpSJNIbgrvPfRTpsS_vsHmNgSyWGeSazolbC_F3SXuoGBkz3cI3JXOzBtMnGbsWGBpuJ_y2MgRI8Vu201n7tXuK6ujiku7_m9aOSHCUCgQ-bUDPavdx-FIjLQyCa-MGatsFLvduXbrYDj08QlZ8WGvGp2OETavyYGkB2wK2BWhVtb5IxivBXWa9giQM9NGlvPUDi8JW2-I0DSdiWP6NZwZW7UX-A3Al7fyqQeAdpVSbpAQcl6HYg&sai=AMfl-YQnSDOT_LxJaOYp5cGVuYYf0cBbOhh7vKvJMPXlynhCa_Fn8_x9YY7AXtiodFeutLME33uBKCR9NQkL0XqbaalUh5cP8SQCPPcxtSUi-Ffez3TJBB5a8RgOIYndDXwz&sig=Cg0ArKJSzG2OSmqNQQ6oEAE&urlfix=1&adurl=

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 css
fonts.googleapis.com/ Frame BF99 8 KB
729 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62b964c6110d2300c2b25824348217c5226ce87eb4a681bde737ed016285b2b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:03:02 GMT
server: ESF
date: Thu, 29 Jul 2021 07:14:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H2 200 7309788879763138964
tpc.googlesyndication.com/simgad/ Frame BF99 16 KB
16 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7309788879763138964?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b2cb94031134f699f4ab71b59d43632de3265142b75aab562aa1784a06697e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:48:13 GMT
x-content-type-options: nosniff
age: 581148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16176
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 07:53:25 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:48:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF99 124 KB
37 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D7D4 0
0 44ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxagMnpI49RQvaYfq8MwmQekcDXhA1GTBxK3TGTYbRKMW-7LLdtH0KZoE6BXmxKkJ9gwuZ7iZw4kUwAqj0TRiBK1lE7ATELCNX3xmyZGxOgpydPRx0MmoctP8FucpYo9JpdwApabU7jH_HYXHPTTEW6eZbkpEfDBIDsWN7AI1agQ1CCwpEWCGgWTlK1gVtrs_AMrawBjFgYO1Iy6MxSVfEXhQoFle9w82XBZIB0pRqKNwHe7k91-uah6WKRZISny8yFCpXqtxH8t5nTvaL5E8vjmHpMKwU7pq194l8x6nbTzd3db8M3_uQOzsJMnr0GELlow&sai=AMfl-YQtOJvw5piPDM3WrAo0zhWEjrfL9rKZURHE_UQa8_OT0S77qNaVoIqPYGJDkPSAE-rZ0NNb6LK3vM94Xw6k9eMDZpaF64Z8VQE-J6K_vuFHF41QXnB43u1bAXIWLekI&sig=Cg0ArKJSzAj_wjDPntbcEAE&urlfix=1&adurl=

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 css
fonts.googleapis.com/ Frame D7D4 8 KB
729 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62b964c6110d2300c2b25824348217c5226ce87eb4a681bde737ed016285b2b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:18:36 GMT
server: ESF
date: Thu, 29 Jul 2021 07:14:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H2 200 7309788879763138964
tpc.googlesyndication.com/simgad/ Frame D7D4 16 KB
16 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7309788879763138964?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b2cb94031134f699f4ab71b59d43632de3265142b75aab562aa1784a06697e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:48:13 GMT
x-content-type-options: nosniff
age: 581148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16176
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 07:53:25 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:48:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7D4 124 KB
37 KB 25ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame DF35 24 B
375 B 14ms
14ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=484623&v=7.2&r=%7B%22id%22%3A%221e89edf74f5f34%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222796912fa65293%22%2C%22ext%22%3A%7B%22siteID%22%3A484623%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpalu.tribunnews.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 267ade676d69bc337296c5891ade9d7b83f3f7fda5d4d173d9dd1ad91dcd3050

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://palu.tribunnews.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Thu, 29 Jul 2021 07:14:01 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame DF35 0
192 B 20ms
19ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.11.0&cb=77195586845
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://palu.tribunnews.com
date: Thu, 29 Jul 2021 07:14:01 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H3-29 200 pubads_impl_2021072403.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7164 318 KB
111 KB 16ms
16ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

f33472fb0529099b682dcc4b94104ea70cec2d79d8ecca8875754a39a6d227ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 15:22:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113953
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:01 GMT

GET
DATA 200
OK truncated
/ Frame DF35 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbdad70b9c114a72c0afaefeced811142cee2823898b7449f72971af80811064

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF35 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpFzxz01DJGbo_NuJJcI-0aWGNbmR3do-PV4CepcX5PL2d348eZK3QawOjkcZp4Y1cJ4ZoULuX1IGd30zWPG3XwAq8yDDR2fNMxAaL5BkQkHog-pTq8kWcoxMNyswJ2xKbmawqCOYNVpq_2oPlnHJ2AQP0UbHRHxFks-TvvVIroC8ijSHNuQhzB2-J7IIzQT43St0FJA1K66ChAmAVfckZ9hWylcsKIa87FwyZ7bFSbQx_OQrzZAFZM6QWqTNQAUZjCXT-S3g83qOUuGML_nGIme9Bmb-ejHWBFCWpkhP1A_rWjwwT4c2FsM3owOp5rQchW9Q8uQ&sai=AMfl-YRZF9M9Eeq2CDvCeaiFs82-JILhT4HpfWAqrTTLspLJ7y2TDJBgp1IfiuwEUbzPnk0n7sr6UNEqCrlVjdkPOJlofrmJghqB5Q6akikCeUiI7l04atnRpP0--g6rXjG-&sig=Cg0ArKJSzEOh-SPKKwlLEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
DATA 200
OK truncated
/ Frame 030D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bcf3feea6855567ee353b1dbf32a172367a9c83776e758c044d5d6ebc93672f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 7BB0 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://palu.tribunnews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 22:08:26 GMT
x-content-type-options: nosniff
age: 205536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 22:08:26 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 7BB0 14 KB
14 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://palu.tribunnews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 218872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:10 GMT

GET
H2 200 arj Show response
kompascybermedia-d.openx.net/w/1.0/ Frame 030D 172 B
354 B 18ms
18ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpalu.tribunnews.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=952e68e8-8b80-4df1-896e-8a74cb84b5ad&nocache=1627542842094&aus=300x600&divIds=postbid_iframe&auid=541029639
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 3a60d1e453b540468254222d40af851211645cc87082d629c464c253aac85a5b

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://palu.tribunnews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 030D 24 B
375 B 30ms
30ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=484623&v=7.2&r=%7B%22id%22%3A%22368f3809d2d834%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2249d2b3d9613571%22%2C%22ext%22%3A%7B%22siteID%22%3A484623%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpalu.tribunnews.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5387facf9f23eaefec729338e88aca98feaa80db77200f67db9739860797940b

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://palu.tribunnews.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Thu, 29 Jul 2021 07:14:02 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 030D 0
192 B 19ms
19ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.11.0&cb=74870123618
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://palu.tribunnews.com
date: Thu, 29 Jul 2021 07:14:01 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 030D 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnpUCjv6RVumQhFnVztDTEZEyf9n7YMo6lH-ff80VatFch_ZmOl8WZm1ub8Iv8pju-gEbWAnUO2ihzd1E59wa5ZFGzPIR9Q025R9Zj_AqIctVNptw9v1Td-kRSCsIL-ltQRFprcDIl-q60IyFPPybyQrHl7c0XF0w3s-YdOorvOepN3EXOp1jGoWPFPx3jL_jDxfgLDtuy_fGI7pf038RUvtKxnuf9iQaUreNqr2dxD2a_o2w0zQcuxldrbGvK7IlSokzeSnt-UA_X4jy1G8pQAJF85CR8bCceNys2NI_M82r7N-bYxK5jBdl6QTbERMeWwmE3mA&sai=AMfl-YTxZlQ8EIBBJ5foDp5-5y6tfVJ2oRYfdF2ZiuNq1H7uJNMrgWstRj0zjcCSG20gMceboG_UlsWjEAd4ZamUMvOi_4rcnAEXedhqLBA81YR-GbUOBqVchwM4B6em8f42&sig=Cg0ArKJSzER9vkCSe7scEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H2 200 arj Show response
kompascybermedia-d.openx.net/w/1.0/ Frame 96AA 172 B
359 B 19ms
18ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpalu.tribunnews.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=32348c6c-22e0-485b-805c-140de39bc49a&nocache=1627542842106&aus=300x250&divIds=postbid_iframe&auid=541029639
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 2f498042cc396ccf1d0b4fb7988ce6d5376c8dab4616d1d59f0e3afa93b6999d

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://palu.tribunnews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 96AA 24 B
375 B 24ms
23ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=484623&v=7.2&r=%7B%22id%22%3A%223aed6a725f2074%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224288db50250a02%22%2C%22ext%22%3A%7B%22siteID%22%3A484623%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpalu.tribunnews.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 565f6ce315f39da13894bfb2c523bc7493e5aeef7cec6b3681c042d463b55da2

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://palu.tribunnews.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Thu, 29 Jul 2021 07:14:02 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 96AA 0
192 B 19ms
19ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.11.0&cb=1796066381
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://palu.tribunnews.com
date: Thu, 29 Jul 2021 07:14:01 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
DATA 200
OK truncated
/ Frame 96AA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71e65e95e5eae06fbad0964eb27a7e3ee5787a026043e203e65c8d15bda9ce3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 96AA 0
0 42ms
41ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzgirj5hUkmUklPiYUaX10p-sN9xdwA4vAx1AGqLNfu8D8lqitlbZ8wrEvy0vtII6Xr52Rv4bJ08AloquEKVj6lFmDT-VUerP2rjsV6qxYYcxnz2vBVXLwwcXlNSydi61_XoZ3wlDQ6Odznh1D4WyJpErklOT7decmWN2yGtCIOXQyZBge9w4HmcgeF1Yd0LDQvi0yYtZUWjab4ZCNhTtNM7LW1XZXdRSCjuDsgxRsIkFbmR_929qyBMY5gWNuFckELvU7qqhMk3Bt_UP3XlxBC8WMj3J-B9ON2N9k4pN2trxF4A4gF1Ctp78KWu3bkMUXEksL7g&sai=AMfl-YR1wMRgzyUYY-fcjWIqttWsVAXKU9Yi5Bnc3uNdaHtejIr_XDCvwyWm3o80Y9TZRD7o1wk3xf0pPIMys72EYBUmEyGCbyhkaaNaZtFSQ9RZqR4hmg6sdjDVuMDSEgAH&sig=Cg0ArKJSzH4kcg-FgE2GEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7BB0 0
0 44ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSSyqIuPAX8SAKini6j99cq8cFa65nF2nFtPLGykUjljgeXzZxSx1W7fZpmvLw5xA5UkpTF4zPrrnhreYomzBh9lAXP59A6auNceOodj5nQ76TGtjJTyVm7QDrWe_GWzfwU9xcUWllXL1VzbdI14M4BQ8D1T3ZNRuM-yGP1WPtOfCDyA2eV1VAyWBuud4Q2miorhqWHHim0RQm0bKAyb3ooxcbEZrMJjuWkhiuT4WwMSA4h1EuXmw2hva6U65QbVAS-wmPgvhuDzqz_d8hpALT1pp2lXXkc77Gj8ZdCxmrJLMJnHQbz7RM0ZhSN0qCpXFXTvsN&sai=AMfl-YTIn77wvAHijiDpARnDNFnR5e_CjZF4glbIwtA9nZn-vn2Dp_oP1bCcxicsjUpp_b2DvT_3o9lMlw7HWzs-PP5Dxe3mjzCnuklJ7ElE0aKndaLsh9FlMsYIa9wF64d5&sig=Cg0ArKJSzM91QEVZJOL6EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
DATA 200
OK truncated
/ Frame 7BB0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb6943e8690610c08bdf51109fe431aeab098a4441fcb80f22c3f7a435042785

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 930D 70 KB
24 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c97c5d948d0dad5d9c855929735520bc03b7db108e274877299fa3b3fa07e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "943 / 949 of 1000 / last-modified: 1627510277"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24669
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame D7D4 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://palu.tribunnews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 218872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:10 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D7D4 0
0 45ms
45ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTA-uGrypIjUyJUZryHWMItjZ38guygGQFY7O4Ef71D_5vvie_UubjOnJhO8FncLaApikog7iZQmCVRLdUmBKpftapnhu4qaLleI4ovFPkigyXbp4l3zNzZFzYjtM-f79dMBhizO9YPs040-ZPviULhgbQj0rx6H4iFFVe42V1sLLTMzygZAxv2ZuuVHvNy-2ILynQ8wH04c8iCDKIlidbFtSauXnVLfue-NOcrjU-hyG800lvvOsIs51QOEkusPcjWg0MsbGTJcUCZJG4fwSsZzWw108-J_TRWkPIuxmfBpwCA-etCEkZA8e5kitlZMt2vvTE&sai=AMfl-YT0Cia4q1bsfoDNewfZemGiSvPbDX5XmcX-PhFRUMeX3udP8iK55sG6owdEvkPnDPYh0ZGZrzw-XTJpJH-pifC4WGA-8uNRUzACQtXGYeRXUTQHxr8RhqmRmUlcG0a7&sig=Cg0ArKJSzABDIzcgab7EEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
DATA 200
OK truncated
/ Frame D7D4 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96e5296ddad0be67d0b7c8642ca9c682872e422e1922af5968012e00c49da9fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame BF99 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUxfG2SEdou9aLh6kQbXi8fVLBdFBYCCZV8nRgngFZkWPnUp2EZCPN3ZNvLKAqgtNJjE2crVyg6i4PGQgrhpVDWYy_Iu049_rgxxTxLxT8Nm44bCkJmqte6mMThy5UQJCGCLYYnJJa7sFR1ID-F_iczjh82E-VcnkYZgyf82XujoQA7aXBWS-MOPpaW_SeOY8ERsnfZ1brIkrzGErFCjeymvr2RyXHSDwGLYfKWdgSI3fEZKoN7yclMudKeWXON9zMZ8mjBmOat-E4hfcbOdgiwb3i6Xnl6GZ_4DQJp8Pku7vSFl1Y-sg9s1sN23Q_ep-s1i4D&sai=AMfl-YRSYY-syal2IooXW3Z-0XJeGe6RWM9Nfq_OPwQEJXbIQw6LFxF0RkoRq9l_YbdqfnLpAZrn6_1VfgD5sDSsD_plJGXGuJmQS_cp4TMcRPsinTaIoZbpxohoVU_H08ZB&sig=Cg0ArKJSzDqytZBxSoKLEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A8B7 70 KB
24 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adfdb3dc4fdff2e6d29b67c47f2de166896215061cb13b9ae2f5e03c89146e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "943 / 101 of 1000 / last-modified: 1627510412"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24669
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7F72 70 KB
24 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c97c5d948d0dad5d9c855929735520bc03b7db108e274877299fa3b3fa07e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "943 / 732 of 1000 / last-modified: 1627510277"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24669
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7164 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=palu.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7164 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=palu.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7164 10 KB
5 KB 198ms
198ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=32505919658833&correlator=316968996392873&output=ldjh&impl=fif&eid=31061842%2C31061963%2C20211866&vrg=2021072403&ptt=17&sc=1&sfv=1-0-38&ecs=20210729&iu_parts=56646742%2CNPM%2Cpostbid&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=website%3Dtribunnews&eri=6&cookie=ID%3D956b199ac1b25cc4-22c145a68fc8008b%3AT%3D1627542841%3AS%3DALNI_MaEivdF1BHKW97jHGU8Lw4Nl27irg&cdm=palu.tribunnews.com&bc=31&abxe=1&lmt=1627542842&dt=1627542842323&dlt=1627542841912&idt=391&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1075&adys=3481&adks=1837322704&ucis=j8pi993zgbq&ifi=1&ifk=3695063658&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpalu.tribunnews.com%2F&top=palu.tribunnews.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=303111006.1627542841&ga_sid=1627542842&ga_hid=1772931428&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f1bfe2872a9c74d70815837c145e11115e30a1d692718a148a80105cfd9accbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4968
x-xss-protection: 0
google-lineitem-id: 5430244985
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317774802
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
123d0c633895fe339f8c361eaea51cf9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 75B3 6 KB
3 KB 28ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://123d0c633895fe339f8c361eaea51cf9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 123d0c633895fe339f8c361eaea51cf9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 29 Jul 2021 07:14:02 GMT
expires: Fri, 29 Jul 2022 07:14:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7164 0
0 45ms
45ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQldHd-_GwJEEp9YEcJjuy-19UAS2oLO4_JdGi0grYOwBFiT7exwr2tarjlSr7L7Cgaw7R9EDDnQJ4qznHBoSY7wnsHGAXB6Kbk4nwTvj-AuYrrRH86p-q68Gq9zCqjcDa6QM7DTXOJei_1C42DqgnCzXX62yDyOXUzvgQ4y0RyLFaDcwtHm1okmuIRkFMKWNgLoFNAKRPpTW2i62wkTOjTt6Xy1IZzOYUBVaJBmH0NSLx-r3QmwsYocog_REuJpSTN-mpQXEfuDyyvQG8CDfUsOdWtPnRFHpe1sk35D1c91mQ4toImzSGLSmI0kleZWpTKd8Chg&sai=AMfl-YQaDo3xoVqNYA0ziIQmjuiclmA2oqV-o6jsRt_PzyDl-yaL2Id-8qiR3RR7Myw-8Lzb4PPxpsPo0g-5RD0bijA2SHpBPv3k4oTaJ5k7oZyfQ9NuU5ozPJpyZsu16fmJ&sig=Cg0ArKJSzJAtCy5VzwYaEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
DATA 200
OK truncated
/ Frame 7164 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb1d3b660ad505da483804e091bf03345c012498457e0825295d01f57ab3e74b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 pubads_impl_2021072403.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 930D 318 KB
111 KB 16ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

f33472fb0529099b682dcc4b94104ea70cec2d79d8ecca8875754a39a6d227ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 15:22:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113953
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 pubads_impl_2021072701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A8B7 318 KB
111 KB 18ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js?31062033

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

efd6c3fe040e0780295b2bb958b6cb638b10d68ea13bb0a5d3a4da7efce788a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 08:37:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113834
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 pubads_impl_2021072403.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7F72 318 KB
111 KB 16ms
16ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

f33472fb0529099b682dcc4b94104ea70cec2d79d8ecca8875754a39a6d227ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 15:22:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113953
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 930D 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=palu.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 930D 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=palu.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 930D 51 KB
11 KB 363ms
363ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=323091150631435&correlator=2646990893693151&output=ldjh&impl=fif&eid=31061160%2C31061843%2C20211866&vrg=2021072403&ptt=17&sc=1&sfv=1-0-38&ecs=20210729&iu_parts=56646742%2CNPM%2Cpostbid&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=website%3Dtribunnews&eri=6&cookie=ID%3D956b199ac1b25cc4-22c145a68fc8008b%3AT%3D1627542841%3AS%3DALNI_MaEivdF1BHKW97jHGU8Lw4Nl27irg&cdm=palu.tribunnews.com&bc=31&abxe=1&lmt=1627542842&dt=1627542842456&dlt=1627542841900&idt=532&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=100&adks=615982124&ucis=o4mzceifpw8p&ifi=1&ifk=203287444&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fpalu.tribunnews.com%2F&top=palu.tribunnews.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x0&ga_vid=303111006.1627542841&ga_sid=1627542842&ga_hid=133889370&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d473eb93f2a81719b3eee975ed3f4aadb6136067da31ee4235ecd1e127061061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11335
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://palu.tribunnews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9d7c30f052ed2bbadbfbc81b60229d22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F34E 6 KB
3 KB 48ms
14ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9d7c30f052ed2bbadbfbc81b60229d22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9d7c30f052ed2bbadbfbc81b60229d22.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 29 Jul 2021 07:14:02 GMT
expires: Fri, 29 Jul 2022 07:14:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame A8B7 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=palu.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js?31062033

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A8B7 107 B
122 B 16ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=palu.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js?31062033

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A8B7 10 KB
5 KB 122ms
122ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1057717307742452&correlator=661092384353624&output=ldjh&impl=fif&eid=31062033%2C31061180%2C31061843%2C20211866&vrg=2021072701&ptt=17&sc=1&sfv=1-0-38&ecs=20210729&iu_parts=56646742%2CNPM%2Cpostbid&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=website%3Dtribunnews&eri=6&cookie=ID%3D956b199ac1b25cc4-22c145a68fc8008b%3AT%3D1627542841%3AS%3DALNI_MaEivdF1BHKW97jHGU8Lw4Nl27irg&cdm=palu.tribunnews.com&bc=31&abxe=1&lmt=1627542842&dt=1627542842499&dlt=1627542841906&idt=568&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=1075&adys=502&adks=3792745561&ucis=31jc64tiqx5g&ifi=1&ifk=3039744056&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fpalu.tribunnews.com%2F&top=palu.tribunnews.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x0&ga_vid=303111006.1627542841&ga_sid=1627542843&ga_hid=2013205728&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js?31062033

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4f77f7e49d29a03278d206ee31931851d5a1a772a9991784fe357dd747e02dc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4932
x-xss-protection: 0
google-lineitem-id: 5430244985
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317774790
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
781d526dd377f902e06f9c1dad769958.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FE03 6 KB
3 KB 64ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://781d526dd377f902e06f9c1dad769958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js?31062033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 781d526dd377f902e06f9c1dad769958.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 29 Jul 2021 07:14:02 GMT
expires: Fri, 29 Jul 2022 07:14:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7F72 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=palu.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7F72 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=palu.tribunnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7F72 67 KB
23 KB 355ms
355ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969835748910737&correlator=3497122277434860&output=ldjh&impl=fif&eid=31061181%2C31061842%2C20211866&vrg=2021072403&ptt=17&sc=1&sfv=1-0-38&ecs=20210729&iu_parts=56646742%2CNPM%2Cpostbid&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=website%3Dtribunnews&eri=6&cookie=ID%3D956b199ac1b25cc4-22c145a68fc8008b%3AT%3D1627542841%3AS%3DALNI_MaEivdF1BHKW97jHGU8Lw4Nl27irg&cdm=palu.tribunnews.com&bc=31&abxe=1&lmt=1627542842&dt=1627542842534&dlt=1627542841911&idt=602&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1075&adys=2861&adks=1837322704&ucis=t9fvk98mcyhi&ifi=1&ifk=3039748675&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fpalu.tribunnews.com%2F&top=palu.tribunnews.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=303111006.1627542841&ga_sid=1627542843&ga_hid=488653734&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

cb51210e71842bcc0c105f61889158722ed2a8942fc4b20dac6cbb89b5b3df94

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2j9Mfdh_ICFV_uuwgdm60FYA&gqi=&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2j9Mfdh_ICFV_uuwgdm60FYA&gqi=&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23808
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 29 Jul 2021 07:14:02 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3AC0 6 KB
3 KB 47ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 29 Jul 2021 07:14:02 GMT
expires: Fri, 29 Jul 2022 07:14:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 1681 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 25 Jul 2021 06:38:58 GMT
expires: Mon, 25 Jul 2022 06:38:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 347704
cache-control: public, immutable, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7164 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298829912756"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7164 11 KB
9 KB 40ms
18ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072403&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a7f2347ef0c064179dad0c0335fe1c077ac08dcd0426d9c5a5cebff53a4ba65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8521
x-xss-protection: 0

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1681 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 16:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:05:13 GMT

GET
H2 200 prebid4.11.0-tribunpostbid-12102020.js Show response
cdn-3.tstatic.net/ads/postbid/ Frame 1681 171 KB
56 KB 16ms
15ms Script
application/x-javascript 13.224.193.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dcf0d95a6b3dd3c22e659a12e4d97549e022de5bd7be2b65ec6692f8d94ddb0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 12 Oct 2020 07:55:41 GMT
date: Wed, 07 Jul 2021 13:31:59 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 08:31:00 GMT
server: AmazonS3
age: 1878124
etag: W/"60d38f2fbb417b144c927817bd98f386"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: c4pFw8EslLTeb7tlMi_lCoDlgDgrkej3tw5odQPlqThhZXG35liv9A==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1681 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7164 17 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1681 0
0 43ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssF363lLA_HioEHGViWLqIYjr4CxL3iXbKNq0SrZYmTdONaE8UKfOhg6EFaM3O5-fuiM0veRADwWk89ye028oQUChSveHXNddW-gSBxJyyzaqWwK80N_vN1Zu0qTOJ0mC5cmRgRSaH4xYGJkokNga7xXYyUHkRb0igG_NIh9CARsZ9o4ZNkfDB7NnX1NPsl-UWh6dxCJoeECthrilGG9I3uvazre_tjSTD5eSFkXWMfVT6LenzFyQUUD_RkySy5viTe_xXIlDny8-UlmkwNN4SnL8bqchebRRcsJlZ-zmQKHdV0MxLaS9kvMpFlhjJ4eU4&sig=Cg0ArKJSzCIDXWXSdQapEAE&urlfix=1&adurl=

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 1681 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8b630f61d8ed687f559f78e3529d04518530e310f8ca538e45932c24c017c23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D28 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js?31062033

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 27 Jul 2021 14:52:43 GMT
expires: Wed, 27 Jul 2022 14:52:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 145279
cache-control: public, immutable, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A8B7 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js?31062033

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298829912756"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A8B7 11 KB
8 KB 37ms
22ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js?31062033

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0de0e6f78cb26c0e220fa5c2480228bbea91d11790eae331f0533df536cf259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8511
x-xss-protection: 0

GET
H2 200 arj Show response
kompascybermedia-d.openx.net/w/1.0/ Frame 1681 172 B
378 B 21ms
18ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpalu.tribunnews.com&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=f1db17a4-bb6e-43b0-b239-0ea1831e259c&nocache=1627542842689&aus=300x250&divIds=postbid_iframe&auid=541029639
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: b24a0ab1cc030a37df7f8c27f9e63df2d44470db897a5b453fd95ad07547be7d

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://tpc.googlesyndication.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 1681 24 B
378 B 19ms
17ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=484623&v=7.2&r=%7B%22id%22%3A%2233d2b425ae0578%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22459ef5371add2f%22%2C%22ext%22%3A%7B%22siteID%22%3A484623%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fpalu.tribunnews.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fpalu.tribunnews.com%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 97ba8fcef32c9571ceb8896a2cf70e999a100f7de869cd222df07dc11e487856

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://tpc.googlesyndication.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Thu, 29 Jul 2021 07:14:02 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 1681 0
198 B 20ms
20ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.11.0&cb=70891477333
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tpc.googlesyndication.com
date: Thu, 29 Jul 2021 07:14:02 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
DATA 200
OK truncated
/ Frame C15A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dba1b516b83cbf86ddd3a468511c112ff23e4dedf654aa5cea256478a1146c96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C15A 0
0 43ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWHNueo2Zbj-CR7NWD2USGoFBF-XV3hqpcVpd_qv94GKd-N6g42cmEp6BbEP2bCOezINwXoYg-xCTbzs5HfI6ZJOS3ZZexwq63LGXVjeR8x7Te9tH5sodaXUsg8cyUeaSDE7ljW9dAKcqXmVj6Qrnk0N-NJgieNQLbrNYdQqu22LnRE4NcPppJIUx_vOyG9foMZkFhvOT69yGlKE5HBEIog-qgcV-MGt34yaxURb9KaZnT4Ckw2N_fS3KCZvngahW1IVAZ0_O72ZQumrxX_vhv7XptmHM7u8nzvcM2DMNkGoPnhpAwQPW7wqDODt1_9Rw7I9qscw&sai=AMfl-YT9R3HjXaBR2rBS3_mDKJrZnp6O7c6pJf69B__IB-2u7URDZ-MjmVRqYdZm4h4BjB3Xg63ghQLaRl3FmjwbVGLT1uw12sUJ616A_JwlEKDI2XlUqY4qoou3ksT4XAKi&sig=Cg0ArKJSzFspnUCM7YdZEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1681 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJ7Jn2IvJ5UI1GQ5k743oLAUBukGoB04wyufz5u4xUOZeLfHrPymxFOeRvD24fjiPD6J4vEtrVHrf-fxpIeNrBt_ceIuUoyp6wfSZ7UCNmW0TXJJz47SYEgfqstgBZCi9azhgSW0vjVZEkiFmceyyoTmihVGJInpHwYqXiyj7U-d4hOmB29n-sM-haQ-EwroznDEFiTVpFaGNnsTBErTr1EQ_R4uCbNaiQQo3gFYniRqCdECoIFn3iDsOCm1JeA634V2XtBJtSq3eaalvEhdHquPFmbsctaORiUMvKATQo6Q3TBn8mZkDkixJhTmQa5UO01Q&sig=Cg0ArKJSzIev11BDF2LAEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 826E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 29 Jul 2021 06:47:51 GMT
expires: Fri, 29 Jul 2022 06:47:51 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D23E 783 B
530 B 23ms
23ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ead9f84a20f3c0de4a832bec07399e629c9070ae6197060cb02a8a3ba883ed93

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2uSpux1ddV7x5tBrWuopCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=220=oGnEJDgE8l-HqZoS9d3BrChQ4wIhwk3kK4fysE1w2bUxjB3ug6ClPB5uyYihUi4lGToJMCF53ghoT3-SWIBBH7wbcL8y5nHo4Zwh-sYjxNWBh-5jrVnzz_BG4XTdLY6mnMKqE64bu9MRnV59HmU0RFxP3oJN_h1jI47FbktugmM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

expires: Thu, 29 Jul 2021 07:14:02 GMT
date: Thu, 29 Jul 2021 07:14:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2uSpux1ddV7x5tBrWuopCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A8B7 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js?31062033

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3D28 22 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 16:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:05:13 GMT

GET
H2 200 prebid4.11.0-tribunpostbid-12102020.js Show response
cdn-3.tstatic.net/ads/postbid/ Frame 3D28 171 KB
56 KB 15ms
14ms Script
application/x-javascript 13.224.193.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dcf0d95a6b3dd3c22e659a12e4d97549e022de5bd7be2b65ec6692f8d94ddb0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 12 Oct 2020 07:55:41 GMT
date: Wed, 07 Jul 2021 13:31:59 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 08:31:00 GMT
server: AmazonS3
age: 1878124
etag: W/"60d38f2fbb417b144c927817bd98f386"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Z_4Pz50-5XELsPB8i9xqfznI6zKMR9DVon7_KLRQ1ntt1m9o9-BnPA==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D28 124 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js Show response
pagead2.googlesyndication.com/bg/ Frame 826E 35 KB
13 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13261
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 18:46:42 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5884 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 29 Jul 2021 06:47:51 GMT
expires: Fri, 29 Jul 2022 06:47:51 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6BE4 783 B
531 B 18ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

294cb5d732e9bd2efca3d0ba47c64adb68f8e595820697c9bc32cc1e1fad82e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5fgiFia51LLOid491Z6cqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=220=oGnEJDgE8l-HqZoS9d3BrChQ4wIhwk3kK4fysE1w2bUxjB3ug6ClPB5uyYihUi4lGToJMCF53ghoT3-SWIBBH7wbcL8y5nHo4Zwh-sYjxNWBh-5jrVnzz_BG4XTdLY6mnMKqE64bu9MRnV59HmU0RFxP3oJN_h1jI47FbktugmM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

expires: Thu, 29 Jul 2021 07:14:02 GMT
date: Thu, 29 Jul 2021 07:14:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-5fgiFia51LLOid491Z6cqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3D28 0
0 42ms
41ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthzbXJGnLovou6Yqeozdo9CBuGckdAtbdeayl6wUy0brpKU_wuvoD5MF4FPPkooHXWknoFKWjDmjh8h9LktpRjis7u6BMWZor7mhatHDOG0Ws4ITgkJ_D7vrK-l-yiWg3_yV5X1H_LBJaf88mjMHtqv-p0twfklAGqb9bVo79ZTnZpq6GsonyUtuoskoja6EgDDx4Ib0H-JeAq01oAJ-oLezbhkqGyGmanu6N5PRionHxwi713QYUyak3_U3k2MOtiRyJJgmK8DSqYXOGMZ9NNNDXrXt6vC1t9V_MAcWkLCw20Znc6JZEsOV_AzK4&sig=Cg0ArKJSzCZ7HwjmMJCqEAE&urlfix=1&adurl=

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 3D28 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f862dc89cfbe216ff7d53929bfbc6157196896b89e56a4e42ba3d631efa7957

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 3D28 24 B
378 B 14ms
14ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=484623&v=7.2&r=%7B%22id%22%3A%22182e0722f4754f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222ada9cc0295994%22%2C%22ext%22%3A%7B%22siteID%22%3A484623%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fpalu.tribunnews.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fpalu.tribunnews.com%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e08e4d6864de48c1c50a320f48e9f1c14574b14d6541c11293ef4beb5062e43c

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://tpc.googlesyndication.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H2 200 arj Show response
kompascybermedia-d.openx.net/w/1.0/ Frame 3D28 172 B
354 B 19ms
19ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpalu.tribunnews.com&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=bd6a2aa4-f699-4f75-9648-27901adb92ac&nocache=1627542842805&aus=300x600&divIds=postbid_iframe&auid=541029639
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: b5bd7baf44b282b82b31228f18cf96718f73efdbe72052dd00a8bd8e0cae3ec1

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://tpc.googlesyndication.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3D28 0
198 B 19ms
19ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.11.0&cb=60549259913
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tpc.googlesyndication.com
date: Thu, 29 Jul 2021 07:14:02 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3D28 0
0 53ms
52ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGvOgenJ7dRcCKkd__Hnkg_oiXof3YpdUHC5RHYuZSxIf5wqRXQ1VmFLN0lRoh7hFCxujzI4H6sVCsYjNpDunhiLLuoM0739jPbXyDao7b2Iz-_4QPkeoBXBh5H0P0QecvPVf6iLcGu9vqgRcqvpNxyRQwsvfMyx8lmSGY8UktLjLNLZfHivxHNpfmhHdOL-1-sVm0vdZAI2t8QANHuE3ClOrI9KqvxKyUZF7lIIwQGJG_BD17mOcdC36Pp05sp8eGp0L0fEnq1IsYJV0sWYcuWjil9TlamBpuJ3CGdl8RuccqQDmu4xxSA5niGArRUw&sig=Cg0ArKJSzLsAwg4Ol_mXEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107200040000/ Frame 201F 188 KB
55 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d51b5c14fd6455affd3baceb0d2015c532566645fd80f645260c803a8b0f1c57

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 223535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55196
x-xss-protection: 0
server: sffe
date: Mon, 26 Jul 2021 17:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a8830a242785ad6"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 17:08:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame 201F 13 KB
5 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 223535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4808
x-xss-protection: 0
server: sffe
date: Mon, 26 Jul 2021 17:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "82cb572e3b54d217"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 17:08:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame 201F 87 KB
27 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 223535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27828
x-xss-protection: 0
server: sffe
date: Mon, 26 Jul 2021 17:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2309f93374d1f64f"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 17:08:27 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame 201F 71 KB
16 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85dff621ce266a4ed39e36fc4ed2266ddde3ae98fc0f7f194d48c6220c012cfa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 223533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16686
x-xss-protection: 0
server: sffe
date: Mon, 26 Jul 2021 17:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8f20cdf17b5cea36"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 17:08:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame 201F 4 KB
2 KB 46ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 223535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1648
x-xss-protection: 0
server: sffe
date: Mon, 26 Jul 2021 17:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0ef177dade489237"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 17:08:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame 201F 40 KB
13 KB 47ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 223535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12831
x-xss-protection: 0
server: sffe
date: Mon, 26 Jul 2021 17:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "896e0bc3d66ccdf5"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 17:08:27 GMT

GET
DATA 200
OK truncated
/ Frame 201F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b088e13e4bc45ca5c09ca5365c3e2a2ec087de51a4bbe0fb6aec9c582926b9f6

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 201F 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:52:54 GMT
x-content-type-options: nosniff
server: cafe
age: 22868
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Fri, 30 Jul 2021 00:52:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 201F 344 B
368 B 9ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 45227
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 29 Jul 2021 18:40:15 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 201F 0
0 16ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoMHMEfQHnNBcuqAhGiVNtQY-uAFlsxpusSB_CYLnYyzdMHV4GuzwEAptEQSFPGpusRQ8416afvNAhoINYG3cWSPOp4g
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 201F 0
0 25ms
23ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeIrYOlUCYaSOHoPJ7_UP1amM-A2t143TY-bfvKb1DfHJ_d8FEAEg9rrCIWCV-vCBjAegAenFqp0CyAEJqQKJ7uhjJOSzPuACAKgDAcgDCKoE4gFP0GBMoaY_ufZl8L-Vcp584HjijgM593yRxV0ikGiyQegtxNOBvFmlFlDtzePePG2RD4lKN9PLykKY79yGOlikQc5XRK0aPcJLXizkL3w95l2PoCEkKbT7Bu3bimW7RaIGzpqFAUr5OOEU8H7kHcAFI60owMF1uLnwET33Fgi8VwV4rOXLJvTKjvH2aXV0xTgYF2ATMwrNEkTKqIb6aKo5qIu7XNSqpbDOZzFrNpmX_nSH3hevmP7K6xG9yeX7VDl6K9La9jm5wteETwNZkw5z08nfmZcX0GnqT6D6jtSu5fMzwATU5YmnlQPgBAGSBQQIBBgBkgUECAUYBKAGLoAH_7nV4gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ5JEG0ggJCIDhgBAQARgdgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTc0ODYxMzkwNTMzNjc2NjY&sigh=wgP56JWlsGM&template_id=419&uach_m=[UACH]
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 bg.jpg
tpc.googlesyndication.com/sadbundle/3875550563059570358/ Frame 201F 85 KB
85 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3875550563059570358/bg.jpg

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92ddefed5fc2e803ed5b17851e32d22d084098b43df6b910a32b54a5fb0ee541

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:32:14 GMT
x-content-type-options: nosniff
age: 171708
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86845
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:21:45 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 07:32:14 GMT

GET
H3-29 200 sale.svg
tpc.googlesyndication.com/sadbundle/3875550563059570358/ Frame 201F 3 KB
2 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3875550563059570358/sale.svg

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f741c6fb84c62cd5ecea3c599f116b1fc462577a40c1435194ce4ea8315f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190812
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1537
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:21:45 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 02:13:50 GMT

GET
H3-29 200 text.svg
tpc.googlesyndication.com/sadbundle/3875550563059570358/ Frame 201F 4 KB
1 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3875550563059570358/text.svg

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb03a995b934489f11642e82292e004cf98ebc640344f719baf09e9f61a7e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 02:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1326
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:21:45 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 02:10:14 GMT

GET
H3-29 200 headline.svg
tpc.googlesyndication.com/sadbundle/3875550563059570358/ Frame 201F 5 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3875550563059570358/headline.svg

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b05946162c6115ca78a22288ea0f91ebabe3db4b7a348db30d3c6c5d8125080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2454
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:21:45 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:27:00 GMT

GET
H3-29 200 cta.svg
tpc.googlesyndication.com/sadbundle/3875550563059570358/ Frame 201F 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3875550563059570358/cta.svg

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffbfcd6161f8f114e3792eb2f176b5fa3bf23da93c7c4c2a598fcd8130d942be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 16:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139234
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1014
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:21:45 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:33:28 GMT

GET
H3-29 200 logo.svg
tpc.googlesyndication.com/sadbundle/3875550563059570358/ Frame 201F 3 KB
2 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3875550563059570358/logo.svg

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

133fcaf66bbf8639e2b73461c9c5fbec0ed5c8267dbc935d898891db20f6abb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 19:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1596
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:21:45 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 19:35:49 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 930D 11 KB
8 KB 23ms
23ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072403&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae82184c50da694107e643121789a22bb0fd8acc5e11de3f6cb1daf499fc473f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8479
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 930D 17 KB
6 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 status Show response
accounts.google.com/gsi/ 40 B
91 B 29ms
29ms XHR
application/json 2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=657538641912-e5c2itnmne4v4ple558a79fi6kkb3iau.apps.googleusercontent.com&as=Ffnw7PT95aYdukoBRwOyBA

Requested by

Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.unNwGD9Tbdo.O/am=chE/d=1/rs=AF0KOtWXjjr1PdTR2ZbOay2VCO3VY8meJg/m=gis_client_library

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

280996344976f41937a436819c9f3ae881e32d13c4abf325d504ceb8ec13b2bb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YyIbNfo5eLCp7AFS+Tl4IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://palu.tribunnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-YyIbNfo5eLCp7AFS+Tl4IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A762 291 B
724 B 48ms
15ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=palu.tribunnews.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=palu.tribunnews.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1637
set-cookie: uid=9948b52f-5bdb-4ab4-9ab2-86e4dc9d7da7; expires=Tue, 23 Aug 2022 07:14:02 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Thu, 29 Jul 2021 07:14:02 GMT
content-length: 321

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072403&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9871f1e0eeb8a49d942facac8703c1a5b76ee0bcb5c91d04ec967bf5da4ba216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8442
x-xss-protection: 0

GET
H2 200 z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5884 35 KB
13 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13261
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 18:46:42 GMT

GET
H2 200 container.html Show response
cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FA8 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 29 Jul 2021 07:14:02 GMT
expires: Fri, 29 Jul 2022 07:14:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F72 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298829912756"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7F72 11 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072403&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c75c6945fd69ec3ad97a37b0a81ce270f21c1a8c43f5edd1d8cfadafab8954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8578
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js?31062032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:02 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3186 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 29 Jul 2021 06:47:51 GMT
expires: Fri, 29 Jul 2022 06:47:51 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 044E 783 B
781 B 16ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35e4358f9f7cde2ebe9374e3ca455e8a21af4ce3aade25c09bee601728f640b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n4OgzcUVDivQrMD52tDmZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

expires: Thu, 29 Jul 2021 07:14:03 GMT
date: Thu, 29 Jul 2021 07:14:03 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-n4OgzcUVDivQrMD52tDmZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame DF35 83 KB
27 KB 19ms
19ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jul 2021 07:14:03 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7F72 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:03 GMT

GET
H3-29 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 201F 3 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:52:54 GMT
x-content-type-options: nosniff
server: cafe
age: 22869
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Fri, 30 Jul 2021 00:52:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 201F 344 B
372 B 9ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 45228
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 29 Jul 2021 18:40:15 GMT

GET
H3-29 200 bg.jpg
tpc.googlesyndication.com/sadbundle/3875550563059570358/ Frame 201F 85 KB
85 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3875550563059570358/bg.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92ddefed5fc2e803ed5b17851e32d22d084098b43df6b910a32b54a5fb0ee541

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:32:14 GMT
x-content-type-options: nosniff
age: 171709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86845
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:21:45 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 07:32:14 GMT

GET
H3-29 200 sale.svg
tpc.googlesyndication.com/sadbundle/3875550563059570358/ Frame 201F 3 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3875550563059570358/sale.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f741c6fb84c62cd5ecea3c599f116b1fc462577a40c1435194ce4ea8315f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190813
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1537
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:21:45 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 02:13:50 GMT

GET
H3-29 200 text.svg
tpc.googlesyndication.com/sadbundle/3875550563059570358/ Frame 201F 4 KB
1 KB 11ms
9ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3875550563059570358/text.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb03a995b934489f11642e82292e004cf98ebc640344f719baf09e9f61a7e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 02:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1326
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:21:45 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 02:10:14 GMT

GET
H3-29 200 headline.svg
tpc.googlesyndication.com/sadbundle/3875550563059570358/ Frame 201F 5 KB
2 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3875550563059570358/headline.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b05946162c6115ca78a22288ea0f91ebabe3db4b7a348db30d3c6c5d8125080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2454
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:21:45 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:27:00 GMT

GET
H3-29 200 cta.svg
tpc.googlesyndication.com/sadbundle/3875550563059570358/ Frame 201F 2 KB
1 KB 16ms
14ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3875550563059570358/cta.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffbfcd6161f8f114e3792eb2f176b5fa3bf23da93c7c4c2a598fcd8130d942be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 16:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139235
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1014
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:21:45 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:33:28 GMT

GET
H3-29 200 logo.svg
tpc.googlesyndication.com/sadbundle/3875550563059570358/ Frame 201F 3 KB
2 KB 14ms
14ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3875550563059570358/logo.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

133fcaf66bbf8639e2b73461c9c5fbec0ed5c8267dbc935d898891db20f6abb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 19:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1596
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:21:45 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 19:35:49 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2E07 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 29 Jul 2021 06:47:51 GMT
expires: Fri, 29 Jul 2022 06:47:51 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F506 783 B
529 B 15ms
15ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a57b1f98012faf52f6b585f058b350d190438a053ac7f8b06abb5ed7b139ec17

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NpiUTpEsjp8eqHsZPEJS/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

expires: Thu, 29 Jul 2021 07:14:03 GMT
date: Thu, 29 Jul 2021 07:14:03 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-NpiUTpEsjp8eqHsZPEJS/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF35 42 B
64 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUBhlZhHnf1B6a0V24tfYEZCTOdNPD9AiEDtgypk1TTPR22CUsvq58--fb6cu5HhN85E5umDLtSbRgHpwmbYZnA8AslPFJlphYs9nLnHONtKyZkbEi&sig=Cg0ArKJSzMjT3dW_4St4EAE&id=lidar2&mcvt=1047&p=100,315,350,1285&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20210726&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=4142103192&rs=4&met=ce&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627542841923&rpt=354&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 9F85 223 KB
37 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Requested by

Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/17626451119355985920/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 26 Jul 2021 22:35:33 GMT
expires: Tue, 26 Jul 2022 22:35:33 GMT
last-modified: Mon, 03 May 2021 14:21:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 38330
age: 203910
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2FA8 0
0 19ms
18ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1a8nOlUCYY2eI9_c7_UPm9uWgAbzxPT8Y__K94H2Db_hHhABIPa6wiFglfrwgYwHoAGVz-jxA8gBCakCie7oYyTksz7gAgCoAwHIAwKqBOQBT9CEna2oxsjDKqfuSica1YtCvfMiOyG9Dfo2OFTEMvzEMIn20z2q0xohFiokTUW2RAkaojsogTfldZeCggsIqR9DEygSREZrA-4GoJHDrNxGT-LUKD9rabnqTpxGJBbAFzF9sPpZh3I74_dc4mid0YXkKAH4g_2IQwVwHcwcSLxKjc1ZbCmDpcMBM1WDfeKhBE53GDEoxKB26hLu5ybt2536QkkQzzVod_weJVQsHU84Mtg4TdXVwc1IGiEPgJaj64vUC39eB_jQ6LWXOvV1TQCg4DPcLt3nGc5V2GD6-z4caimTwATarIXYywPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGXYAH07CXDqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCL6grSCAkIgOGAEBABGB2ACgHICwHYEw2IFAHQFQGYFgGAFwGyFxoKGAgAEhRwdWItNzQ4NjEzOTA1MzM2NzY2Ng&sigh=GM34tD0Z8Sg
Requested by: Host: palu.tribunnews.com
URL: https://palu.tribunnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A35 143 B
245 B 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
URL: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 29 Jul 2021 06:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame 2FA8 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/window_focus_fy2019.js

Requested by

Host: cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
URL: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 07:10:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FA8 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
URL: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:14:03 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame 2FA8 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
URL: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 07:12:26 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 2FA8 0
0 14ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlimifu1LE8O2ciN5zV-bAmA2ILVfCNvK1EAxaSgL7eDKUmPclWSFdGkmfH7v5mZ15m98avLWl9l37I04-ZlUUdqGOhQ
Requested by: Host: cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
URL: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 030D 83 KB
27 KB 17ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jul 2021 07:14:03 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 96AA 83 KB
27 KB 20ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jul 2021 07:14:03 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9C30 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 29 Jul 2021 06:47:51 GMT
expires: Fri, 29 Jul 2022 06:47:51 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DEF5 783 B
532 B 16ms
15ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c511b74e058e570f8cc8db1709bec0fa9c4acd2ed008772f00fc03e1568ebdc8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q/zCo9voiXkqcNRAvx/OkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://palu.tribunnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://palu.tribunnews.com/

Response headers

expires: Thu, 29 Jul 2021 07:14:03 GMT
date: Thu, 29 Jul 2021 07:14:03 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Q/zCo9voiXkqcNRAvx/OkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame DF35 83 KB
27 KB 15ms
15ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jul 2021 07:14:03 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 030D 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMa7kivA-jP9zhUv8iCYgGRUqYQH8EUYzEXuSWx8VNCdVLbvqvcVt4caJF_hMLWfq0va5Sz3ajIsNnDLtfIOxGbhrduBE8KhpQZwSuuGIkeHiQHd06&sig=Cg0ArKJSzDMZmZ2wLA6aEAE&id=lidar2&mcvt=1058&p=502,1075,1102,1375&mtos=1058,1058,1058,1058,1058&tos=1058,0,0,0,0&v=20210726&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=145075749&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627542841923&rpt=357&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D7D4 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstw68r0jrNEZobYD_nNJLXuI59tL56uC5jIUpoPck8PHCvtKVg1oeC0ZM_O8r39-LEm3sdAFJIJ3IWExicUtFfqMllOyHGwdtbgsk3wUQABzRTjwiAe&sig=Cg0ArKJSzKeT9-8AjbFoEAE&id=lidar2&mcvt=1059&p=869,536,984,665&mtos=0,1059,1059,1059,1059&tos=0,1059,0,0,0&v=20210726&bin=7&avms=nio&bs=1600,1200&mc=0.99&app=0&itpl=19&adk=201145796&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627542841945&rpt=418&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 030D 83 KB
27 KB 15ms
15ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jul 2021 07:14:03 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 96AA 83 KB
27 KB 15ms
15ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jul 2021 07:14:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9F85 2 KB
595 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2130554153fa8c200d17c28a5c70c3b0cf4bd9b4796d6e431c89c7f99417a1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 07:14:03 GMT
server: ESF
date: Thu, 29 Jul 2021 07:14:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jul 2021 07:14:03 GMT

GET
DATA 200
OK truncated
/ Frame 2FA8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29fdec903411d0f9e56961049613164a3466f6ed02cfd15f479330a0b8f4ea0d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9F85 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 18:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 29 Jul 2021 18:13:47 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9F85 26 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 29 Jul 2021 12:37:33 GMT

GET
H3-29 200 z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3186 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13261
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 18:46:42 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A35
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

27ms
14ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
URL: https://cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 29 Jul 2021 07:14:03 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 29-Jul-2021 08:14:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Jul 2021 07:14:03 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 29 Jul 2021 07:14:03 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 9F85 23 KB
23 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 197842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:16:41 GMT

GET
H2 200 N0bU2SZBIuF2PU_0DXR1.woff2
fonts.gstatic.com/s/bungee/v6/ Frame 9F85 17 KB
17 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bungee/v6/N0bU2SZBIuF2PU_0DXR1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 04:58:01 GMT
x-content-type-options: nosniff
age: 180962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17268
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:47:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 04:58:01 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 9F85 22 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 167981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:34:22 GMT

GET
H3-29 200 z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E07 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13261
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 18:46:42 GMT

GET
H3-29 200 z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C30 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13261
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 18:46:42 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7164 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072403&jk=32505919658833&bg=!ISKlImbNAAals0SOpbM7ACkAdvg8WhzHZpRy_n4r4J3OEGVcV8mxWJTqOeUwT8_h7OFrY2ItWvFZPwIAAAIGUgAAADNoAQcKAEwV20yHVDWMTfvP3k7johyGRXJkwnm6r8vevVIt3l2mVDjj5EatJD9LkjQG3LBf9viOt2-Ok_XPGm_jSIyBXIi-onTUNrDtbgxYcXaumQKSmzRJyrmF9mj9y0DtCiKy3s8eskJK2kWQhlS-uXSxuzehf2Cz4FMKZ-WF6VjlhOi67uH1d_Bf7SyPopZsuNTNrdTb00IjYnMRyF5O-pNSI4vcWS2sAF41Wdi1hberNrRTCh5eSzxwzuxBCGVjstsJYS9DnTLDFTDHCno9R_CKq4Z_lfXOzwJtye_Pfy6ta07pFs-EKAiIs8OAzCqXLiz7L2ngbMvPY2IAMSSdRvGACV1q_eR2TUFRCmKL_CwDgcvEORt5g9CxlSE4q5vHsv2fY3k6c0mCgx_fkclm5p_4IVgO6kEWrY6FrnSnNDc-FWymHnxSrbQxO3Cb9kvG83McyNQj8___f7HpG4EIDGpVFo5FAnloM_F8TiRuJnFFMHSfTPlBWJa0xXAfeAHT99-nuZQF_J5TLt35hyH84Fgb-wJkUds3oec5dhhKyUvo4l1TPDwvHvTeFpzh94WrILRhFTdvsRK89NyToscIkSxHf1smaB8cyIwCw3TuXG81kzFqn4ErecdQ8rzoVthxwmoXlrKrPg1tNk7myrkgxCXAENv_Z4Mm7wFQpQJCfWBjWPNOUn1f9Qirfpk45FnHkcF6_zRpiTE08wYB5lVMeGnsG7yZmNhvnO4juIgYk76MPYdK5aCvS3ZX3ZaQMyfgNDTnscssLb7AhI_oN_pnupB5scvD4NzKrdsu5OUKb38oUSicjycqnND-7YF2jkdp7jD6VGkHMyfIGCChmHLWaJhfRq67k4i0jndvaZZv6CQd8plLCbfDPP8yZhkqgtVzDxc8s4NrHsCObs1PxxAltmRQpVWsNF0UlqcEupM1IqAs0ktkOuSkWy8g3_M3CrKe47v_rMq7z3nAtE0p5mSA3-JNslUCqA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 null-leasing-logo-final_white_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 9F85 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/null-leasing-logo-final_white_1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 189288
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1738
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Tue, 27 Jul 2021 02:39:15 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 02:39:15 GMT

GET
H3-29 200 autos_licht_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 9F85 6 KB
6 KB 8ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos_licht_1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 117455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5867
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Tue, 27 Jul 2021 22:36:28 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 22:36:28 GMT

GET
H3-29 200 autos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 9F85 48 KB
48 KB 9ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 156716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49113
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Tue, 27 Jul 2021 11:42:07 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 11:42:07 GMT

GET
H3-29 200 hintergrund_plain.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 9F85 30 KB
30 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/hintergrund_plain.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 154618
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30604
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Tue, 27 Jul 2021 12:17:05 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 12:17:05 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 1681 83 KB
27 KB 14ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jul 2021 07:14:03 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C15A 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjrG9Le6RKUK2nie2pDl_6v0DeuLh6oSxcYsQKmio_f-87Ri3W_wsu3ZQfWpVMiBd_oMmBCTK2iiEPav-ax4Jpl3_TevNXrs3mEdrKUvgs4pvlP_j0&sig=Cg0ArKJSzGoJ3L0WkSfwEAE&id=lidar2&mcvt=1018&p=502,225,1102,385&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20210726&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1514582817&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627542841920&rpt=802&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 96A8 291 B
591 B 18ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=palu.tribunnews.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=palu.tribunnews.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tpc.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=9948b52f-5bdb-4ab4-9ab2-86e4dc9d7da7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 4743
date: Thu, 29 Jul 2021 07:14:02 GMT
content-length: 321

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 1681 83 KB
27 KB 17ms
16ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jul 2021 07:14:03 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8B7 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072701&jk=1057717307742452&bg=!np2lndnNAAals0SOpbM7ACkAdvg8Wgni5kc7U-wYH6s8fAi2Vvq2sxO3M5GrsxpxUT0y6wmw3BzV4gIAAAInUgAAAD5oAQcKAM1iNEUBzXpYazPBvTfXJKUjZxoMUjc1TVvXBNYgL7DTjs1YQBfjny5zY9hRxgdbEbsmP30pM3-9Q02hifuEQRao-fycjwDqWEaXDmBEVxNgdaZJjKLf4grQS8JSvjc28KdWM2maEq8bPe1jnhREk_UnEjyWiywn7I2t0ZutH-SnYRC98k8E9-WmlJjCfJzOlNT5-2QTle-I-EahCNizhQYWTqV2rz6ey-X5U_c_WufPVplUJM8sd4CQ0U6TNtScbTtsue9LcmCAWSxcnkGOmQLBwpcjxsXsElLfzInFA0WpEh4VRUvbfUs7gEOXAmQvvQhNcSOLZSJL2qpu7SzxB-tkK7exZVzhwOxC9iT6TGX4fy9jTk32mRbVj26gU_S3xTA6Y2pqMzDH0xyv_F0pQUyfcHmd4NVEOzavB-OF67tvrAoOs1qQhLTXq2PSTVmoMOe7UGzihoQMcCyu8dmbugqGciqqdIOPy3MTq81BnuWUmqrqZ-AlCIqQrtGrv6zXtHWDN1mbv41nJDMWbrruGVh4pKSLwJRALKqDLKSJ6T0UE3PEAgbH4sHHA1ybQnIkWblwIYms5oB-QmGEvtaYm4l8XXW2tKgtK_72xs4RFkoZyAn4MyDo6Nh3r4X4_5tdhrQIvFNmUkAugOIqHLJcpFxxoKFnFoxEHo473rMkvgUV6MYnfWZ3zWV4-4M_ZKYB3XUVcgUfVt_tFz-oUB7AvPkNGiKHYfBwX9Va2upJ3j5HnOXbVEOIEDryT94MHsvPie5OK8Tqkgo7soxsciR3coQQopPTERnu9lICqh1k4kXApVcQ3LQ-TyPpLk8sTFqJBaDnfJV8mlcPJAXiP61oY26BBpvoBPFRhAPW-9GPQc6TB0tD28gSSqS_hfm6ZhwmyZOSwe_s2LWQTMMruxiI3d0Kea8SFryo52KBN_OIHOXWnM9tskqO3fMjjhTURzbtIEefLHUqMDUJW5_5aUfG5hTiHCWLN5imWpBTcPv56JF3OWwWbma1oIzNE__5BmloP5d1acAG-dZdSPLNREsFQvnsJl6HP7ezBwYUCHGrqGF_6UK7r82oPf0_fvc0iGYWCPC8NqLAkl-3ADqZ4Ppb5TXaL_nL3X6C0EMfdHgB8vHV3oDPqyCdVAiP99nTnZeEzPOYPz2-5AKhe47zFmB_CfxCKnjIsrS8KAaAXPc70-OyNLvx3aDexJ4VDLORuQAEIQ42

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 3D28 83 KB
27 KB 16ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn-3.tstatic.net
URL: https://cdn-3.tstatic.net/ads/postbid/prebid4.11.0-tribunpostbid-12102020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jul 2021 07:14:03 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3D28 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssg82A3Nm51EM5VZCk0Qq7-EVMisvWIXtpSlm_X4M7WKb1tCnJdqzlImnfV9Ygyi8CJYrlBlItM2Add_MsxmPHJXdaPy6hpHeJ3JOaHRPVy0ukDByh_&sig=Cg0ArKJSzO-KUeOktZjqEAE&id=lidar2&mcvt=1024&p=0,0,600,300&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20210726&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=3792745561&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627542842676&dlt=21&rpt=122&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D3C4 291 B
591 B 17ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=palu.tribunnews.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=palu.tribunnews.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tpc.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=9948b52f-5bdb-4ab4-9ab2-86e4dc9d7da7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 3487
date: Thu, 29 Jul 2021 07:14:03 GMT
content-length: 321

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 3D28 83 KB
27 KB 25ms
24ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jul 2021 07:14:03 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 930D 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072403&jk=323091150631435&bg=!QEOlQwfNAAals0SOpbM7ACkAdvg8Wi-mE6qCz_8wXU0yCroNg5H9txcgHci9-PCJsUi_nH_PkZwe4AIAAAFQUgAAACBoAQcKAMAAVKluajdew70XfvSw4tv6ubp7ihVuBnAxtRi0IztFaG9mwxoFqZQt39Y6nEKqIMAHbCxQGs2guJpsZzg2wbScQM0C5jr1Xkf6AbmWTg3pw-R-9IHNRRfS2aP57rfrvLwRRTcm4knoeqYckDqxdbt5UQei17-v8_T5PzNFHWIY_hLbP7Oo0Vvv_KIcuZ5---PQT45PoNjKSAsv-k9dPgXMq-uZ0fV0roYRimtenZ_t4KlH3moYqHNh06sRWIpqR2mZAqwbg9b8Mn0ZWxl4ht2jadYKW3CzehyYmTT1TZ1CA72yIlflzCJlmN0yab4krz97Vh8deauvO_eJ_eGT1nkcG3Z3cpsHICr7jmW26HSc9uXPWrLUap4Gvkapjv8hlSHnhTqeEgkzrhr1Tba7jfqiVZzp9hmixJGgeRiZEXz3ZpDkNItZ0Ynm8jYgl9u-sMahI9Llo76y-grNHV-XrgdjvEKDIHbaMcbgAYPSfN4rOQ-FtJ9w3eppxpnPa-0CVe4VO2ybUAx4LHo9sKju4Qgil9DbUEIlfKBvanJ7_BCdwOazUjRpSihHlzrtQiLUefT4pPSyTV8MSAFOSylLVsuqzhhz1UU1cLxnl0lc0Lb1jP089g9AR9G_RKMnXBXLsNx0XwDKlDGyaFOOtHU7yCJlHdVQNdabmLU1INPDLq4xZZ4XDGXQ2Yl_aCHUjO2WlUS-ZI_Yt0iqaiIsT5FRlHGvu8UUpi0vb_bUuIYCOkQP4HCDkrVCGjwvBHuSVQcqULB8cmCVmDrXjOtgee45ZHeGnkb2S4rZVMPgMQKdHuy5GZxDNFedAcpi0bZ6SheyEqcK5not3UOhjVulG4fJAKzWelAVEI0uCxFF6467Eh7f_gn18e4pCVr5GaqWHAefzoLsGDwp3aUUGZWIOikBWGygIhAdD_sa4-yYZJSAgWln1ESllMdSLiDEYAneL2vz38HI-JwprzD2odwsMVqVtdBzcvWTgsjVDRG2VsnEDJJOUn2V3G9tOOsn1Ty1E796d8BtkyJTaVviK7cIoKfcEhrkWQRFYYSrEhpSmZl0ticj4FS6i5Xb1vJdFHdqYrH9wb-I-IySIpt43m2ljSK-IJFtZ_N4or0aD5vZHBaGgCUE-q3qP1dx9xVTrlVwxlS4T2NNfzRbBMze7nSI_UkSED4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072403&jk=3324396679612950&bg=!hYalhsLNAAals0SOpbM7ACkAdvg8WlFDMFVZ6rxQflcKgd6wPgUaGQRK9xTfqcfpXssGRBBXsKQxIAIAAAEdUgAAABFoAQeZAne_bX2cIUKAsh3D0DwQkzN53ngBgii1f1TSpBrJs8yuOcFAsU2vxXEZp2QrK2Uu4gs7YISjOGqRE5kHf1muW2M5DQrUf7FqRdBx8eQ7OThzMTzPrimMp8SFR02g8qAvukJ_trdeR5f6hvCvLIwL1GfSIgXm0ZrH_XCKVyrmNkPfn3ekCJ7-lj_DrhAwVi7QqddSB4FRgsavpjrtsBUiecHEcX9PoFRbfLCBqgceaB0Q6RbLd16FrIyKYKKBpR_evqtD-pPnppUl5E1rMiBKUu7lJmEoU_wFTdcfiOl-d6yfaS2jW905aPNs0oIgk3R67Yf9e7eNpmxNXvWPq1A7UfZEGstYBX3Yx0wsvma2fBrc8C8QWlsU2vAtqurHlzjbE_gHsoMvczwBAdD2gvJkT2R-WIXTIs2EdwG-XyEf8HulSWn5LQJyDnzW-SQ3hfV-vuzzwgCFt4DixLLUP6r8Fko7nyH-pTf0kHwlZSkk2xmgGEBD_uBcUwFp60ICOz-brer_QKJ49sMa5Nfmg_BFL7zckLxQTyMX4QsZ12HlEDXxkR9hoJv2jMMHv74I0KqCUJiU059JASIaVccLGlQXiie7h1K5_VLofNghq9Jm8OshkoVXvnxbB7_-YNQSSwUaiJsxbo20xX37ZRmZtayLIEQLgbs5eabteJJbK6Nc6NooD_cQeph-wXN3Lx3Gfe9kyWaAxT3c3K2S-NQ2A6CMOqVDtJi2mDwlIbsXxDaZlW6Pfg8_YvE9nAk-9Bs9Xy81IMNC0KoE3C20JG8q3vS4B4nYy63Ruhg-gqNp9Y0RUsXWTrTLSDTEO-cKDMU5fmAYRzfOG-AKUfO6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F72 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072403&jk=2969835748910737&bg=!DA-lD0vNAAals0SOpbM7ACkAdvg8WrgWLhwaWcBsaIuAqF0VgqBxMImUX1EHLQ4T-EPq6gsWwWCW4gIAAAEOUgAAAA5oAQcKAN7Oj4C304Kb0UXSuSEeeet7mndyqG761L_fA8Kds9LKFT6-OCFO-kB_VfkwheR4EXHPHb7jGsw3TO9tJT0rmJN4sNH8s8jQA5AhGUjGGrtXdtxZ6NpKbk6hrdwTSDNRgsHtEjmOWuVp56yKnyzJRcRnYzBldX9aP-CGSUJHXCX-DaOS1lHgxETNAiqPO-IhI2XTAPzW4eHnZXAjPxDdW4_2FFj2FT6sVe6XsC73l9KE3b2nB3RMaF3Dhbx2Zf7izJRLjKycK-SvEXTa9h6Deul7t1jXMyol87BQNLz2LRGZAqlWY_afXCoap3Pvu08_Y_tkTiTY7J0XsBLdmkLASrATpyIUZxSl2S4k8jQw9CUv_ehVPLX4gE-aJg5FiONE9r9a6fw6X0om7U8AojPsXQCNOA4KKX1SnAHYH2o-QQnK-krUhwNiGDn1HHBxXV1vSoa872T5BRubQX6zGIdc5M5292ndUxGubd8fIwj3mL8uHQhmBavrHRJ2FHc_gnAwHjMEu9njh_YndU-O11FgzvaywkCrpMvDpSEkYt6379Ja3IOY_FoKkqmoNPpHcPE8NqRowRBU7JnDQNk2Dmt1yWHzVdeJKh_lwjkk9Pny2oI9FErX_wwXIhFVg3W-ibrIW6s2Ity9pk2SAJKn_sus3xdry906dRQrqXk1G0N5qph6g-A4OUpHPJ1TMfTozZ5gVQ_AtnXJhVUgJR-ZIup4Fb-lFywvs-g2MyPfTyE5ObWQ8yuWG0xVei9w_gFziyKT08Vqdl60sE4Rb6OcCu_jf0s0kp6AA6Mmft6GGS2tpRUxamHamHvcUmv16Uvmm_LD_py6cUv47fpNVHtixsJvnpnORL2eSjQydl84uIw34SWtXjcMbUmnK218TJm3G15KJeeAKWIBFadbIs1-ltZtv2QhS86LB81pJ0CIVMAPBEaRF-86exRSlmKbl-Y-Mf10tB72mSlIi79aK2OOGUWvh9g-AmxxiIM729ZhTitOwxOIRmpNF9AYI3wuKVDad5zVdBbuQZvs9I_cVvB3KYFe2YhYfXhEYo3qHpjoIiurnAcf2AiODVwWW4IZGQQovzJKTiNEQPGaNPt4DPoJCVOjrNnBvwOac8Nk0jZVYSt6r6_yzWUavlYUl3eT6HXS5GsB2k5KNWGfFYz1fB3bZAXq4q868DdGjt2kaP9pbI3oXYxODa97TlRdB5Rs9lw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 201F 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssc61_9okig0IGCHJhC9vCbDflcrHVamiR9cSmK0_bbsPugvw5aJ1DxQZHsV_6e2fmymbQSYoqDFp7vdG-SI56a8hiE4oqsopsqB5ruxk3Rnzfrkaq7KKFLbapAJPDsp9f5aMxKXk_qab-jtvhiM2WCAw&sai=AMfl-YTx9hnEDMH3OWVrIgermsWhK1FCGnBbrE3HJyhQhrNwBOaOKGNMHmocBO5ATex4O9C4b8zfcBJfhcssrn9KEC6eisjOkYsLUcygDJBdqu8QL6-LPW2Qb-heZWlB&sig=Cg0ArKJSzJdNVRwXLGoKEAE&cid=CAASF-Ro9ITcU2bReMygtTuw4dxecRtUruxH&id=ampim&o=315,100&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=292&tls=1293&g=100&h=100&tt=1293&r=v&avms=ampa&adk=615982124

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
265 B

138ms
45ms

Image
image/gif

13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date: Thu, 29 Jul 2021 07:14:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156479
https://image8.pubmatic.com/AdServer/ImgSync?p=156479&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzVBQ0Y4MDMtRjdGRC00Q0E4LUJCQ0ItNDUzMjE4OENEODY4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
159 B

18ms
18ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:14:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Thu, 29 Jul 2021 07:14:04 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:619
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGt5UKWPie8Ht8xgmDxR94s&google_cver=1

43 B
114 B

17ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGt5UKWPie8Ht8xgmDxR94s&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:04 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGt5UKWPie8Ht8xgmDxR94s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 030D
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWUwMmM0ODYtYWU4OC02OTFmLTQyODItZGQ4NWZmZmU1NTIy

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWUwMmM0ODYtYWU4OC02OTFmLTQyODItZGQ4NWZmZmU1NTIy

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 29 Jul 2021 07:14:05 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWUwMmM0ODYtYWU4OC02OTFmLTQyODItZGQ4NWZmZmU1NTIy
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 96AA
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWUwMmM0ODYtYWU4OC02OTFmLTQyODItZGQ4NWZmZmU1NTIy

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWUwMmM0ODYtYWU4OC02OTFmLTQyODItZGQ4NWZmZmU1NTIy

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://palu.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 29 Jul 2021 07:14:05 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWUwMmM0ODYtYWU4OC02OTFmLTQyODItZGQ4NWZmZmU1NTIy
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

openx
match.adsrvr.org/track/cmf/ Frame 1681
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1
https://match.adsrvr.org/track/cmf/openx?oxid=b26d174c-67ff-37bb-5762-873c351c9b42&gdpr=1

70 B
264 B

45ms
45ms

Image
image/gif

13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=b26d174c-67ff-37bb-5762-873c351c9b42&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/openx?oxid=b26d174c-67ff-37bb-5762-873c351c9b42&gdpr=1
date: Thu, 29 Jul 2021 07:14:05 GMT
via: 1.1 google
server: OXGW/16.211.0
alt-svc: clear
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 3D28
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=1
https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3871668137338343392

43 B
106 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3871668137338343392
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:05 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:14:05 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3871668137338343392
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://scripts.jixie.io/jixietracker.min.js?accountid=9262bf2590d558736cac4fff7978fcb1(Line 1) Message: Local storage cannot be accessed: Cannot read property 'setItem' of null
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js?31062033(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	info	URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107200040000 https://palu.tribunnews.com/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

123d0c633895fe339f8c361eaea51cf9.safeframe.googlesyndication.com
781d526dd377f902e06f9c1dad769958.safeframe.googlesyndication.com
9d7c30f052ed2bbadbfbc81b60229d22.safeframe.googlesyndication.com
a.teads.tv
a01970002f1c437440e132dc926a3cf9.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
apis.kompas.com
bidder.criteo.com
c1.adform.net
cdn-1.tstatic.net
cdn-2.tstatic.net
cdn-3.tstatic.net
cdn.ampproject.org
cdn.bhisma.cloud
certify.alexametrics.com
cf0d623760dbae6153eb1865ce4a2233.safeframe.googlesyndication.com
cm.g.doubleclick.net
connect.facebook.net
d31qbv1cthcecs.cloudfront.net
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.jixie.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
id.jixie.io
image2.pubmatic.com
image8.pubmatic.com
js.genieessp.com
kompascybermedia-d.openx.net
match.adsrvr.org
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
palu.tribunnews.com
prg8.smartadserver.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
sb.scorecardresearch.com
scripts.jixie.io
search.spotxchange.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sttribunnews.kompas.com
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
traid.jixie.io
tribunpalu.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.224.193.126
13.224.193.25
13.224.99.12
13.224.99.2
13.224.99.41
13.224.99.66
13.225.87.56
13.248.242.197
13.248.245.213
142.250.184.226
142.250.185.130
178.250.2.131
18.193.194.127
184.30.21.51
184.31.84.150
185.64.189.112
185.64.190.79
185.64.190.80
185.86.137.113
185.94.180.123
20.44.221.204
20.44.221.56
20.44.221.77
213.19.147.43
222.230.178.129
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200d
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c0d::9c
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.1.187.198
3.142.157.144
34.98.64.218
37.157.4.24
47.246.43.224
89.187.169.47
00bbf9065c9ee44162a997a2de18636b880bb702217f94f268ff9523e52539d3
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07b9970f019f61cffc7eb4371c092841d61d88dda75f641bc26ef87ba20e3dd4
081a28dfa5acc18a525c552aa51fc5a0bc1e2eb1c387db969b8f8af3d77a530d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
0f862dc89cfbe216ff7d53929bfbc6157196896b89e56a4e42ba3d631efa7957
10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f06d84deb1812d407b8ed81c74deb4af37c5b67c3a59c948de40bce9e6bafe
128794d73a68830b2bf1321f680e31cf7b1ee8ae285266803600b98a193907ee
12ef031d9496dceda1c4c89f1a47b8d9a2ff3c608557b910d0d2116c99f1db2a
130368e1880972a560164d6a42407eb853179a8eb98aa11b3ec7605296dfe775
133fcaf66bbf8639e2b73461c9c5fbec0ed5c8267dbc935d898891db20f6abb6
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1
15391720f91661e5c1923192fcf60af24abe1e451d1c4c76b674b456921072e5
172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18b522c67f7c02fafe1d20473c8026a5e76b0e99dd8a0cc39dbc2cda30d72a5e
1c42149352cb1ecc54d93657ed2057c6fd90829db44bed159e994bfe9f32a9da
1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca
2130554153fa8c200d17c28a5c70c3b0cf4bd9b4796d6e431c89c7f99417a1a9
259d57a1883217a2e9ba8d568ce172d35c880ed6a7910fa34d45b2d1676c3fd6
267ade676d69bc337296c5891ade9d7b83f3f7fda5d4d173d9dd1ad91dcd3050
280996344976f41937a436819c9f3ae881e32d13c4abf325d504ceb8ec13b2bb
294cb5d732e9bd2efca3d0ba47c64adb68f8e595820697c9bc32cc1e1fad82e8
2962922674282aed943cf9fda1016917496061996c2f0ca58fd46bf802e406f5
29fdec903411d0f9e56961049613164a3466f6ed02cfd15f479330a0b8f4ea0d
2b022788138978dd6c1f958280e4b04d05c4d011fbf3c6974241efdaa4124845
2b05946162c6115ca78a22288ea0f91ebabe3db4b7a348db30d3c6c5d8125080
2de0109003c5075c52a761b2d15ebdd98a1786fe69bd44bdae0341019250ec98
2f498042cc396ccf1d0b4fb7988ce6d5376c8dab4616d1d59f0e3afa93b6999d
35e4358f9f7cde2ebe9374e3ca455e8a21af4ce3aade25c09bee601728f640b5
3a60d1e453b540468254222d40af851211645cc87082d629c464c253aac85a5b
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
3dbd92a4d9dfb02a54188eed15ebb1e53e795290d937d6361e0a91339b446ab2
3e368ec8f6a4930a07f0688ee9375dbe682347f233cb63524a63e3012bab2383
40f741c6fb84c62cd5ecea3c599f116b1fc462577a40c1435194ce4ea8315f45
440d0090b9ce0f8b19dddb87bac569ea428bfdd7635731427d60f12b806d1ba0
46b6d68c80630f7526173c193b8bea75d55b8c92da59abf1b30d498159fb600f
48cf10a3b1ebb48a5df4ca0105a1c1266c4c81be2f440debdd00224a359cb37b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed3afd3e1c378a2d609810648471eb383138c8abac4cb3b9c5580b7fe80a07d
4f77f7e49d29a03278d206ee31931851d5a1a772a9991784fe357dd747e02dc8
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52f2098042ea6f42f6c8c3b1a6d24ca48782c64edb0a67688fdf04fff018808f
5387facf9f23eaefec729338e88aca98feaa80db77200f67db9739860797940b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
565f6ce315f39da13894bfb2c523bc7493e5aeef7cec6b3681c042d463b55da2
5b6c6e2402121bc873b33146f81a48362e8cd3a11f36be404db2106342fa9e1b
5ca057005013190b87e172c88560cb8c3b63ad62dfb9d5a9b190369a7a53254d
5cfe671424099855ae35137698705a000904721ddce7d0eb6c0c94a1bc672e19
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
62b964c6110d2300c2b25824348217c5226ce87eb4a681bde737ed016285b2b1
62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab
65c97c5d948d0dad5d9c855929735520bc03b7db108e274877299fa3b3fa07e9
68470431441ff523bea2624b97707d78e9142349cdac0470110ebad8671332ec
695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a8722814f7bca9ad41d6934c6909c2f35568af8bc3fcf804cb821939b8641ce
6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c
6b97bfd960d4686a8adc7c1199ff547e98bb596923a08727d2c1b3ddb8c4e3b3
6bcf3feea6855567ee353b1dbf32a172367a9c83776e758c044d5d6ebc93672f
6c1f2b87b622e9783e4dfa6417c212e4247542093ae6a75fe86978e08e0b5ef4
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
6dfe1af86e4519f86351d02b09ccb73e6b2efaa827716550505aa1aabfa21787
6e2cea1b72af8853ad3e3040b5ab4e37624d0eb3540da8e124f10e9713901efd
6e8998fcc93c6ba56eb9e6acbf61d8738c6c3b183e7dc0ed7aaf46bbd42984be
727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772
733c6e44bb416671c9651ac9369fb7b95f1e212829ec5cf6d79eb0071fcbcead
7a7f2347ef0c064179dad0c0335fe1c077ac08dcd0426d9c5a5cebff53a4ba65
7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3
7ff9d4ae2b3407b031e3359007ff4d7ac9e0b342f25ce44c77d3cb7f14f65043
80c819940af40ab5681f0a77d23e45961d1f9217e0b56300e2aa6bbc44c8076e
8313ff88bfc8762b8d4513ec6bf32ea6731f591ef517a493ec89af057d7539cc
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83c75c6945fd69ec3ad97a37b0a81ce270f21c1a8c43f5edd1d8cfadafab8954
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85dff621ce266a4ed39e36fc4ed2266ddde3ae98fc0f7f194d48c6220c012cfa
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92d6b966c3b2fb58c469e35de5c5cdf8cdaa30ea9bb7a3e15e1b86765f892452
92ddefed5fc2e803ed5b17851e32d22d084098b43df6b910a32b54a5fb0ee541
9371797a276ddf55a98d19ae0d7ef2bd8b13e9cd5816058ea3c24b425e6923b5
938a99a3e27509604576cacb6df12aface946d0a798bf96c677560cda5081ddb
93ad25346390323235a0b27d7f517853a0b911cb94f0755786ee858f2626acaf
95281293f9a21f246f632ae93119536050f4004de05feeb7e7e5a72cee756ff5
969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8
96e5296ddad0be67d0b7c8642ca9c682872e422e1922af5968012e00c49da9fa
97ba8fcef32c9571ceb8896a2cf70e999a100f7de869cd222df07dc11e487856
9871f1e0eeb8a49d942facac8703c1a5b76ee0bcb5c91d04ec967bf5da4ba216
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9b2cb94031134f699f4ab71b59d43632de3265142b75aab562aa1784a06697e5
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
9dcf0d95a6b3dd3c22e659a12e4d97549e022de5bd7be2b65ec6692f8d94ddb0
9f65c8eaaea81710bbaaf2cf4d28eb107c1fef17e9c702a63238ce1751edeae8
a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57b1f98012faf52f6b585f058b350d190438a053ac7f8b06abb5ed7b139ec17
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28
a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae
a8b630f61d8ed687f559f78e3529d04518530e310f8ca538e45932c24c017c23
aa6d9391202f7396a6acea8d1a44199b334efa384c859edfe061493970fd5807
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a
adfdb3dc4fdff2e6d29b67c47f2de166896215061cb13b9ae2f5e03c89146e5d
ae82184c50da694107e643121789a22bb0fd8acc5e11de3f6cb1daf499fc473f
b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b
b088e13e4bc45ca5c09ca5365c3e2a2ec087de51a4bbe0fb6aec9c582926b9f6
b24a0ab1cc030a37df7f8c27f9e63df2d44470db897a5b453fd95ad07547be7d
b4e6758d5628b2765fa2fcf572e4ff7eb8eb99ca6bf9212931999d249f4b5e17
b5bd7baf44b282b82b31228f18cf96718f73efdbe72052dd00a8bd8e0cae3ec1
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b71e65e95e5eae06fbad0964eb27a7e3ee5787a026043e203e65c8d15bda9ce3
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
be89c14f297310443a803ac4eaaf7db21a27372ef25a0a4b17db745715ec366b
c05153861ac13fc16d93303642bd26c7828613c0b118f023ac14446e203849fc
c0de0e6f78cb26c0e220fa5c2480228bbea91d11790eae331f0533df536cf259
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c511b74e058e570f8cc8db1709bec0fa9c4acd2ed008772f00fc03e1568ebdc8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca852419746f5e5dc4d27335cc101e34e4ab5475adcd5ed3c6e209aeb344c7df
cb51210e71842bcc0c105f61889158722ed2a8942fc4b20dac6cbb89b5b3df94
cb6943e8690610c08bdf51109fe431aeab098a4441fcb80f22c3f7a435042785
cfb03a995b934489f11642e82292e004cf98ebc640344f719baf09e9f61a7e13
cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2
d3150cecceaba3dd7038a7ebe75ece09c40b486ce011c81b92a8b22cb9abfb3d
d473eb93f2a81719b3eee975ed3f4aadb6136067da31ee4235ecd1e127061061
d51b5c14fd6455affd3baceb0d2015c532566645fd80f645260c803a8b0f1c57
dba1b516b83cbf86ddd3a468511c112ff23e4dedf654aa5cea256478a1146c96
dbba45cb3355a22c9ddd6893732795b6746e460fc1ac52e77b5268ec9d685f5f
dbdad70b9c114a72c0afaefeced811142cee2823898b7449f72971af80811064
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df1afa97a201c63b6da6b3b4999f69944ae6b2b3e28607e4283f9a2d7a905261
dff1a5c82f4e3c4874471b2fa1cbfbeef071337b892872fd231e86e73ee55e1a
e08e4d6864de48c1c50a320f48e9f1c14574b14d6541c11293ef4beb5062e43c
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e30e11c5d8eed69cd8045bb77a4c7808bfc2a7a42bb693b11c5140d4d78eb894
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6eb68d4b4b8a4295742792be3d217419fb2652654a75d5b5509a32a9152dc9d
e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce
e7b83dcb9180c06c0d1ea6fd3ea6123b332926eddedb1977fecad4c4a8a3ca32
e7fe2658eb999f3b15e58fb37133962dce8943c53800e4aca85b701d1a343d89
eaa5b4f5b56eb212ecc172b5a7ad7cbaa38c528720db498c7b2f5e0991267d95
ead9f84a20f3c0de4a832bec07399e629c9070ae6197060cb02a8a3ba883ed93
eb1d3b660ad505da483804e091bf03345c012498457e0825295d01f57ab3e74b
eeec4fc3c1f692ef46b28dff16738ab01b17a1ba4ea13d57b48e60d1ab5a8719
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbcc3f526cae97859fdb262d53ed3d5bd245871c94605031a1bf0bb15c00de1
efd6c3fe040e0780295b2bb958b6cb638b10d68ea13bb0a5d3a4da7efce788a6
f1bfe2872a9c74d70815837c145e11115e30a1d692718a148a80105cfd9accbf
f269d8e4611ccb2f1ec9773b6a30a23e20c14d4cbbe16cde735b6b47437c7e4d
f33472fb0529099b682dcc4b94104ea70cec2d79d8ecca8875754a39a6d227ea
f4410561798cf158e9eeb1f6717b69c164de20d0a0e38d89b86038b3d377b484
f5aa71bd228436fe33d28d796c7173959a26c85894f4b3120c7a9d5da949af68
f951b8d30909525216c0b5b7402592e80b05ff1f6c1f9c711670fdb1a5d0d0c8
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffbfcd6161f8f114e3792eb2f176b5fa3bf23da93c7c4c2a598fcd8130d942be

palu.tribunnews.com Open in urlscan Pro 13.224.193.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

301 Requests

100 %HTTPS

47 %IPv6

36 Domains

63 Subdomains

56 IPs

8 Countries

3684 kBTransfer

9277 kBSize

0 Cookies

84 Outgoing links

Page URL History

Redirected requests

301 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

palu.tribunnews.com Open in urlscan Pro
13.224.193.25 Public Scan

Screenshot
Live screenshot

Full Image

301
Requests

100 %
HTTPS

47 %
IPv6

36
Domains

63
Subdomains

56
IPs

8
Countries

3684 kB
Transfer

9277 kB
Size

0
Cookies

301 HTTP transactions
11 data transactions