urlscan.io logo urlscan.io
SecurityTrails logo

medan.tribunnews.com Open in urlscan Pro
52.222.214.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://medan.tribunnews.com/
Effective URL: https://medan.tribunnews.com/
Submission: On November 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 91 IPs in 14 countries across 56 domains to perform 367 HTTP transactions. The main IP is 52.222.214.96, located in United States and belongs to AMAZON-02, US. The main domain is medan.tribunnews.com. The Cisco Umbrella rank of the primary domain is 139699.
TLS certificate: Issued by Amazon on July 5th 2022. Valid for: a year.
This is the only time medan.tribunnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.222.214.49 16509 (AMAZON-02)
1 52.222.214.96 16509 (AMAZON-02)
18 18.66.147.107 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
16 52.222.236.125 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
32 18.66.97.75 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 18.65.39.21 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 13.32.121.17 16509 (AMAZON-02)
3 18.65.39.30 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
16 2a02:2638::3 44788 (ASN-CRITE...)
5 185.89.211.26 29990 (ASN-APPNEX)
5 89.149.192.64 60781 (LEASEWEB-...)
7 2a02:2638:1::1a 44788 (ASN-CRITE...)
5 37.252.173.228 29990 (ASN-APPNEX)
2 213.19.147.43 3356 (LEVEL3)
1 18.192.184.0 16509 (AMAZON-02)
1 103.132.192.30 138552 (RTBHOUSE-...)
2 34.98.64.218 396982 (GOOGLE-CL...)
1 185.64.189.112 62713 (AS-PUBMATIC)
6 185.86.137.17 201081 (SMARTADSE...)
1 104.18.19.126 13335 (CLOUDFLAR...)
1 110.238.107.108 136907 (HWCLOUDS-...)
5 185.94.180.123 35220 (SPOTX-AMS)
1 88.221.169.49 16625 (AKAMAI-AS)
6 2602:803:c003... 26667 (RUBICONPR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 223.119.20.23 58453 (CMI-INT-H...)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
19 2606:4700:1::... 13335 (CLOUDFLAR...)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 19 172.217.16.130 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
2 3 185.89.210.90 29990 (ASN-APPNEX)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
3 3 213.155.156.183 1299 (TWELVE99 ...)
1 1 2600:9000:224... 16509 (AMAZON-02)
2 3 51.89.9.254 16276 (OVH)
2 3 13.248.245.213 16509 (AMAZON-02)
3 3 3.126.56.137 16509 (AMAZON-02)
1 1 37.252.171.52 29990 (ASN-APPNEX)
4 2a00:1450:400... 15169 (GOOGLE)
1 178.250.2.148 44788 (ASN-CRITE...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 88.221.168.201 16625 (AKAMAI-AS)
1 185.64.189.221 62713 (AS-PUBMATIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:2638:1::8 44788 (ASN-CRITE...)
2 2a02:2638:1::17 44788 (ASN-CRITE...)
2 142.250.186.130 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 15.197.193.217 16509 (AMAZON-02)
5 5 3.122.172.96 16509 (AMAZON-02)
2 2 54.170.158.38 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 185.59.208.177 43541 (VSHOSTING)
1 198.47.127.19 62713 (AS-PUBMATIC)
2 178.63.45.45 24940 (HETZNER-AS)
4 185.64.190.80 62713 (AS-PUBMATIC)
1 1 103.229.205.242 30419 (MEDIAMATH...)
1 3 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 2 52.95.126.160 16509 (AMAZON-02)
2 2 37.157.4.23 198622 (ADFORM)
3 114.119.175.30 136907 (HWCLOUDS-...)
2 2606:4700:1::... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 162.19.138.83 16276 (OVH)
2 2001:41d0:701... 16276 (OVH)
2 162.19.138.118 16276 (OVH)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
2 2 185.64.190.79 62713 (AS-PUBMATIC)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 198.47.127.20 62713 (AS-PUBMATIC)
367 91
1    52.222.214.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-49.fra56.r.cloudfront.net
medan.tribunnews.com
1    52.222.214.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-96.fra56.r.cloudfront.net
medan.tribunnews.com
18    18.66.147.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-107.fra60.r.cloudfront.net
t-1.tstatic.net
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
11    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:6ea0:c700::20 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
delivery.r2b2.io
16    52.222.236.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-125.fra56.r.cloudfront.net
t-3.tstatic.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
32    18.66.97.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-75.fra56.r.cloudfront.net
t-2.tstatic.net
5    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.65.39.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-21.ams1.r.cloudfront.net
asset.kompas.com
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    18.65.39.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-30.ams1.r.cloudfront.net
apis.kompas.com
3    2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
12    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
16    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    185.89.211.26 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
r2b2-emea.adnxs.com
5    89.149.192.64 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
7    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
5    37.252.173.228 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
etarget-emea.adnxs.com
2    213.19.147.43 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
targeting.unrulymedia.com
1    18.192.184.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-184-0.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
kompascybermedia-d.openx.net
u.openx.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
prg8.smartadserver.com
1    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    110.238.107.108 (Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-110-238-107-108.compute.hwclouds-dns.com
hb.jixie.io
5    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    88.221.169.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-49.deploy.static.akamaitechnologies.com
a.teads.tv
6    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    223.119.20.23 (Hong Kong)

ASN58453 (CMI-INT-HK Level 30, Tower 1, HK)
scripts.jixie.media
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
22    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
15    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
10    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
19    2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
19    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
cm.g.doubleclick.net
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
3    213.155.156.183 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
1    2600:9000:224a:b000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
4    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
4    2606:4700:10::6816:46af (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ipromcloud.com
a.ipromcloud.com
1    88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    185.64.189.221 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
2    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a02:26f0:480:f::213:7ed6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
3    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    3.122.172.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-172-96.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.170.158.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-158-38.eu-west-1.compute.amazonaws.com
ads.avct.cloud
2    2a05:d018:d29:3601:d9a0:8a83:a4c7:eb08 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    185.59.208.177 (Czech Republic)

ASN43541 (VSHOSTING, CZ)
PTR: webgarden-track-lb-ha.vshosting.cz
log.r2b2.io
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    178.63.45.45 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.45.45.63.178.clients.your-server.de
de-core.iprom.net
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    114.119.175.30 (Singapore, Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-114-119-175-30.compute.hwclouds-dns.com
traid.jixie.io
2    2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
2    2606:4700:20::ac43:4b59 (United States)

ASN13335 (CLOUDFLARENET, US)
eu-1-id5-sync.com
2    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
2    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
66 tstatic.net
t-1.tstatic.net — Cisco Umbrella Rank: 105852
t-3.tstatic.net — Cisco Umbrella Rank: 136774
t-2.tstatic.net — Cisco Umbrella Rank: 38487
645 KB
42 googlesyndication.com
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
308 KB
39 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 320
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 367
286 KB
23 google.com
cse.google.com — Cisco Umbrella Rank: 4454
accounts.google.com — Cisco Umbrella Rank: 126
www.google.com — Cisco Umbrella Rank: 17
adservice.google.com — Cisco Umbrella Rank: 134
ampcid.google.com — Cisco Umbrella Rank: 2413
region1.analytics.google.com — Cisco Umbrella Rank: 3868
194 KB
22 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
pix.eu.criteo.net — Cisco Umbrella Rank: 5787
csm.eu.criteo.net — Cisco Umbrella Rank: 5892
431 KB
21 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7063
c.mgid.com — Cisco Umbrella Rank: 5191
cdn.mgid.com — Cisco Umbrella Rank: 9490
servicer.mgid.com — Cisco Umbrella Rank: 7215
s-img.mgid.com — Cisco Umbrella Rank: 4955
cm.mgid.com — Cisco Umbrella Rank: 1967
201 KB
14 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 724
ads.pubmatic.com — Cisco Umbrella Rank: 732
st.pubmatic.com — Cisco Umbrella Rank: 1576
image6.pubmatic.com — Cisco Umbrella Rank: 922
image2.pubmatic.com — Cisco Umbrella Rank: 1407
simage2.pubmatic.com — Cisco Umbrella Rank: 979
image8.pubmatic.com — Cisco Umbrella Rank: 886
simage4.pubmatic.com — Cisco Umbrella Rank: 1586
24 KB
14 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 866
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10346
ads.eu.criteo.com — Cisco Umbrella Rank: 5761
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7537
dis.criteo.com — Cisco Umbrella Rank: 941
gum.criteo.com — Cisco Umbrella Rank: 481
mug.criteo.com — Cisco Umbrella Rank: 1946
60 KB
14 adnxs.com
r2b2-emea.adnxs.com — Cisco Umbrella Rank: 99640
etarget-emea.adnxs.com — Cisco Umbrella Rank: 38196
ib.adnxs.com — Cisco Umbrella Rank: 313
secure.adnxs.com — Cisco Umbrella Rank: 690
90 KB
11 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1881
prg8.smartadserver.com — Cisco Umbrella Rank: 19692
5 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 317
218 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
114 KB
6 eu-1-id5-sync.com
eu-1-id5-sync.com — Cisco Umbrella Rank: 1531
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1556
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1785
35 KB
6 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 681
8 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 5594
www.google.de — Cisco Umbrella Rank: 3590
ampcid.google.de — Cisco Umbrella Rank: 44162
2 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 415
3 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 407
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 715
3 KB
5 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 688
6 KB
5 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 743
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819
4 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
4 KB
4 ipromcloud.com
cdn.ipromcloud.com — Cisco Umbrella Rank: 139491
a.ipromcloud.com — Cisco Umbrella Rank: 205472
88 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
117 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
189 KB
4 jixie.io
hb.jixie.io — Cisco Umbrella Rank: 37753
traid.jixie.io — Cisco Umbrella Rank: 34013
2 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 883
eb2.3lift.com — Cisco Umbrella Rank: 571
2 KB
4 kompas.com
asset.kompas.com — Cisco Umbrella Rank: 31179
apis.kompas.com — Cisco Umbrella Rank: 42371
3 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 457
921 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1095
821 B
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6929
867 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
231 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1165
68 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 678
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 1002
1 KB
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1256
2 KB
2 iprom.net
de-core.iprom.net — Cisco Umbrella Rank: 730472
565 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4359
890 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1432
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
20 KB
2 openx.net
kompascybermedia-d.openx.net — Cisco Umbrella Rank: 50652
u.openx.net — Cisco Umbrella Rank: 977
512 B
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1259
168 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 207
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
87 KB
2 r2b2.io
delivery.r2b2.io — Cisco Umbrella Rank: 40977
log.r2b2.io — Cisco Umbrella Rank: 45845
91 KB
2 tribunnews.com
medan.tribunnews.com — Cisco Umbrella Rank: 139699
35 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1229
761 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 723
726 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5036
104 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 989
463 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1999
63 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 361
5 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 951
441 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 475
10 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 jixie.media
scripts.jixie.media — Cisco Umbrella Rank: 30234
26 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1607
411 B
1 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 16242
182 B
367 56
Domain Requested by
32 t-2.tstatic.net medan.tribunnews.com
22 tpc.googlesyndication.com medan.tribunnews.com
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
19 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
medan.tribunnews.com
18 t-1.tstatic.net medan.tribunnews.com
t-1.tstatic.net
16 static.criteo.net delivery.r2b2.io
ads.eu.criteo.com
t-3.tstatic.net
static.criteo.net
16 t-3.tstatic.net medan.tribunnews.com
15 pagead2.googlesyndication.com medan.tribunnews.com
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
12 www.google.com 2 redirects cse.google.com
medan.tribunnews.com
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
tpc.googlesyndication.com
11 securepubads.g.doubleclick.net medan.tribunnews.com
securepubads.g.doubleclick.net
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
www.googletagservices.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
8 cdn.mgid.com medan.tribunnews.com
jsc.mgid.com
7 bidder.criteo.com delivery.r2b2.io
t-3.tstatic.net
6 fastlane.rubiconproject.com t-3.tstatic.net
6 prg8.smartadserver.com t-3.tstatic.net
5 x.bidswitch.net 5 redirects
5 search.spotxchange.com t-3.tstatic.net
5 etarget-emea.adnxs.com delivery.r2b2.io
5 prg.smartadserver.com delivery.r2b2.io
5 r2b2-emea.adnxs.com delivery.r2b2.io
5 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.gstatic.com medan.tribunnews.com
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
5 fonts.googleapis.com medan.tribunnews.com
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
client
4 cm.mgid.com jsc.mgid.com
4 image2.pubmatic.com ads.pubmatic.com
4 pix.eu.criteo.net ads.eu.criteo.com
4 s0.2mdn.net medan.tribunnews.com
s0.2mdn.net
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 googleads.g.doubleclick.net 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
medan.tribunnews.com
4 jsc.mgid.com securepubads.g.doubleclick.net
jsc.mgid.com
4 www.googletagservices.com medan.tribunnews.com
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
4 region1.analytics.google.com www.googletagmanager.com
3 traid.jixie.io scripts.jixie.media
3 simage2.pubmatic.com 1 redirects ads.pubmatic.com
3 match.adsrvr.org 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
ads.pubmatic.com
scripts.jixie.media
3 cdn.ipromcloud.com medan.tribunnews.com
cdn.ipromcloud.com
3 ups.analytics.yahoo.com 3 redirects
3 eb2.3lift.com 2 redirects
3 onetag-sys.com 2 redirects medan.tribunnews.com
3 d5p.de17a.com 3 redirects
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.google.de medan.tribunnews.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 accounts.google.com t-1.tstatic.net
accounts.google.com
3 apis.kompas.com t-1.tstatic.net
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com medan.tribunnews.com
www.googletagmanager.com
3 maxcdn.bootstrapcdn.com medan.tribunnews.com
maxcdn.bootstrapcdn.com
2 image8.pubmatic.com 2 redirects
2 gum.criteo.com 1 redirects medan.tribunnews.com
2 id5-sync.com eu-1-id5-sync.com
2 lbs.eu-1-id5-sync.com eu-1-id5-sync.com
2 lb.eu-1-id5-sync.com eu-1-id5-sync.com
2 eu-1-id5-sync.com jsc.mgid.com
2 s-img.mgid.com medan.tribunnews.com
jsc.mgid.com
2 servicer.mgid.com jsc.mgid.com
2 c1.adform.net 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 de-core.iprom.net 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
medan.tribunnews.com
2 pr-bh.ybp.yahoo.com 1 redirects
2 ads.avct.cloud 2 redirects
2 googleads4.g.doubleclick.net medan.tribunnews.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 targeting.unrulymedia.com t-3.tstatic.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 sb.scorecardresearch.com medan.tribunnews.com
2 connect.facebook.net medan.tribunnews.com
connect.facebook.net
2 medan.tribunnews.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 u.openx.net
1 mug.criteo.com
1 c.mgid.com jsc.mgid.com
1 dis.criteo.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 a.ipromcloud.com medan.tribunnews.com
1 image6.pubmatic.com ads.pubmatic.com
1 log.r2b2.io delivery.r2b2.io
1 dclk-match.dotomi.com 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
1 cms.quantserve.com 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
1 code.createjs.com s0.2mdn.net
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 st.pubmatic.com cdn.jsdelivr.net
1 ads.pubmatic.com cdn.jsdelivr.net
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 secure.adnxs.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 cdn.jsdelivr.net 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
1 ads.eu.criteo.com 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com medan.tribunnews.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 www.facebook.com medan.tribunnews.com
1 scripts.jixie.media www.googletagmanager.com
1 a.teads.tv t-3.tstatic.net
1 hb.jixie.io t-3.tstatic.net
1 htlb.casalemedia.com t-3.tstatic.net
1 hbopenbid.pubmatic.com t-3.tstatic.net
1 kompascybermedia-d.openx.net t-3.tstatic.net
1 prebid-asia.creativecdn.com t-3.tstatic.net
1 tlx.3lift.com t-3.tstatic.net
1 asset.kompas.com medan.tribunnews.com
1 cse.google.com medan.tribunnews.com
1 delivery.r2b2.io medan.tribunnews.com
367 106

This site contains links to these domains. Also see Links.

Domain
www.tribunnews.com
www.tribunnewswiki.com
style.tribunnews.com
travel.tribunnews.com
wow.tribunnews.com
newsmaker.tribunnews.com
video.tribunnews.com
www.tribunjualbeli.com
health.tribunnews.com
trends.tribunnews.com
jakarta.tribunnews.com
wartakota.tribunnews.com
bekasi.tribunnews.com
banten.tribunnews.com
tangerang.tribunnews.com
depok.tribunnews.com
jabar.tribunnews.com
bogor.tribunnews.com
cirebon.tribunnews.com
jateng.tribunnews.com
solo.tribunnews.com
banyumas.tribunnews.com
muria.tribunnews.com
pantura.tribunnews.com
jogja.tribunnews.com
jatim.tribunnews.com
surabaya.tribunnews.com
suryamalang.tribunnews.com
mataraman.tribunnews.com
madura.tribunnews.com
bali.tribunnews.com
aceh.tribunnews.com
prohaba.tribunnews.com
gayo.tribunnews.com
sultra.tribunnews.com
palembang.tribunnews.com
bangka.tribunnews.com
batam.tribunnews.com
belitung.tribunnews.com
babel.tribunnews.com
padang.tribunnews.com
bengkulu.tribunnews.com
pekanbaru.tribunnews.com
jambi.tribunnews.com
sumsel.tribunnews.com
lampung.tribunnews.com
kupang.tribunnews.com
flores.tribunnews.com
banjarmasin.tribunnews.com
kaltim.tribunnews.com
kalteng.tribunnews.com
kaltara.tribunnews.com
manado.tribunnews.com
gorontalo.tribunnews.com
sulbar.tribunnews.com
pontianak.tribunnews.com
palu.tribunnews.com
makassar.tribunnews.com
lombok.tribunnews.com
ternate.tribunnews.com
ambon.tribunnews.com
papua.tribunnews.com
papuabarat.tribunnews.com
www.tribunnetwork.com
www.gramedia.com
ebooks.gramedia.com
www.youtube.com
www.facebook.com
instagram.com
twitter.com
news.google.com
www.tiktok.com
account.tribunnewswiki.com
tribunmedanwiki.tribunnews.com
tribunmedantravel.tribunnews.com
shopping.tribunnews.com
www.kgmedia.id
Subject Issuer Validity Valid
tribunnews.com
Amazon		 2022-07-05 -
2023-08-03		 a year crt.sh
tstatic.net
Amazon		 2022-07-05 -
2023-08-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
1838731126.rsc.cdn77.org
R3		 2022-10-20 -
2023-01-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
kompas.com
Amazon		 2022-04-03 -
2023-05-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.jixie.io
Sectigo RSA Organization Validation Secure Server CA		 2022-04-30 -
2023-05-31		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.jixie.media
Sectigo RSA Organization Validation Secure Server CA		 2022-08-28 -
2023-09-28		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.r2b2.io
AlpiroSSL ECC DV CA		 2021-10-19 -
2022-11-18		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.eu-1-id5-sync.com
E1		 2022-11-04 -
2023-02-02		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh

This page contains 31 frames:

Primary Page: https://medan.tribunnews.com/
Frame ID: DCAF6C1A314265D8F28F95CA1267A45C
Requests: 180 HTTP requests in this frame

Frame: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: BBFD329EC1DCF1066807963B3AB2E7C6
Requests: 1 HTTP requests in this frame

Frame: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: EC2FFDB23AC0FF6DA077D8BC7ED7311D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: D6FEC57F7091E89DDF710B96E0114D8B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: A29388522613FEDC750461C1B9ED69E0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: CDD676FF39BB13510C985CE746E3677C
Requests: 13 HTTP requests in this frame

Frame: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: BD91C8FBFB633C2716409F62020DBF65
Requests: 15 HTTP requests in this frame

Frame: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 23775FB135F9F1C991BB4FFB6A036F52
Requests: 10 HTTP requests in this frame

Frame: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: EEB975265C11CBEC82A5F5C59746D9A3
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: 34B30405B33E3948BEC838CBDFFD522B
Requests: 12 HTTP requests in this frame

Frame: https://jsc.mgid.com/t/r/tribunnews.com.1210784.js
Frame ID: 7F9D30789209C3DE7E744B06755340F9
Requests: 19 HTTP requests in this frame

Frame: https://jsc.mgid.com/t/r/tribunnews.com.1181811.js
Frame ID: 5F300F4CCBD9A7990A7C7F344C172D55
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_sSxDOkOwBGLGK7tUBMAE&v=APEucNU4HpbjDheV9jLTur0TFZsD7B8VgelvW_uzqI2ht6AHUUbDiXO8jOaqZgMreXt_Jhdy2DPutOdShQ7-xHGYeHA0kzFA-uExcSfnznNaHVS9mFWQy3OV1g_uY97456qtEzgvSeOLKmC38y4Dn1iO5TMK6lpsULcrZsijLugONsuHgoqX73g
Frame ID: 5A158DB4A048C1136E197EB61C54E3E4
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Frame ID: 6AFC287B8E95878D9DE80300045E843E
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 120E167082268AAA8A9BF605C1A6259D
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ipromcloud.com/ipromNS.js
Frame ID: 0294058A06FAF29289264DE98639D80E
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 97A3BF212E0A16E19C277F775E74E244
Requests: 8 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156479&siteId=961895&adId=4462245&adType=10&adServerId=243&kefact=0.046076&kaxefact=0.046076&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1667962082&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.041299&dcId=3&tldId=0&passback=0&svr=BID22633U&adsver=_58432382&adsabzcid=0&cls=BID&i0=0x3100000000000000&ekefact=4hRrY-DHBADFncAu-IUl56SU-bbSNuen8xZ2GrnJGTuMUdDi&ekaxefact=4hRrY_XHBAA6eXnvDAj9bmiuk9zqqUaeyh_3Mlq_fUOqliTh&ekpbmtpfact=4hRrYwfIBADWiKgepNu0o9y6-A3knAUPoj6lhHWsymCyZAiU&enpp=4hRrYxjIBAAzv--IkXqChQSXmoiflv2yDPyCqPEwHSgM_C-y&pfi=1&domId=7137948530833482826&dc=AMS&crID=1002293&lpu=www.portoroz.si&ucrid=9967652842780484261&campaignId=23357&creativeId=0&pctr=0.000000&wDSPByrId=518&wDspId=1277&wbId=0&wrId=0&wAdvID=1283542&wDspCampId=176006&isRTB=1&rtbId=6C27811F-9C23-4B0A-9CC4-ABA50E48F13B&cksum=BDE554FD871E1070&ver=2&dateHr=2022110902&imprId=DA8571D8-047B-4509-BD66-A6404C1178B3&oid=DA8571D8-047B-4509-BD66-A6404C1178B3&cntryId=58&sec=1&pAuSt=3&wops=0&sURL=medan.tribunnews.com&BrID=5
Frame ID: F0F66DB99E6B6F911B5F7AE3E6DCFB61
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14262351684860381711/728x90_R42_Alemania/728x90_R42_alemania.html
Frame ID: 370BB61BA0EB56A737AFC2079B33643D
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 410C10D28AB8E55A9A5DA26F2D8CC97B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E08F7C1E6D3818A14BC964ADEB763B27
Requests: 3 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6255431256272086534
Frame ID: FA9BAAFC57769BDD79A5C3D3B3B14941
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c1f5636b-14e4-4400-a145-cf6c006fd218&gdpr=0&gdpr_consent=
Frame ID: 5164987E09C31B2924236DB5ACCB8877
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 389B98738E97645B59A997F090D4DADC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F33F0C0E-D372-4006-9D31-A0EE0DCD713B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 0B3A9094F6D93F98474372960D546339
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2455387110921716327&gdpr=0&gdpr_consent=
Frame ID: CCDD5C2C7DB95FA02B919072EA1A49D9
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1667962084496514332983
Frame ID: 3885C3D4452B0FF9DA7875C62FAD9C1C
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1667962084511270676457
Frame ID: 6ACFEEDC3B217C2228FD25A4B7D30F8C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=medan.tribunnews.com
Frame ID: 7B8BDF04C068D0A57160B937635CBED3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D50E5BEDD8A2D0C0672109B50C614617
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 60CE0E7C85A5869E443DB5756A6FF8FD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tribun-medan.com - Berita Terkini Medan

Page URL History Show full URLs

  1. http://medan.tribunnews.com/ HTTP 301
    https://medan.tribunnews.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

367
Requests

92 %
HTTPS

47 %
IPv6

56
Domains

106
Subdomains

91
IPs

14
Countries

3673 kB
Transfer

11763 kB
Size

67
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://medan.tribunnews.com/ HTTP 301
    https://medan.tribunnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 229
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWYOwzoO2_iBNtvoGqYl5U&google_cver=1
Request Chain 231
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2sU47IEFbVLuucReTZNMwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWYOwzoO2_iBNtvoGqYl5U&google_cver=1
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEoo5VX6gArtG3ncY-Fgopk&google_cver=1
Request Chain 233
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ1NTM4NzExMDkyMTcxNjMyNw%3D%3D
Request Chain 234
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 237
  • https://um.simpli.fi/gp_match?google_gid=CAESEDqzSyuOFbg0SemXJIWZxQk&google_cver=1&google_push=ASkJ3Fb18umx-bzVnqTWdrxozaM6bNfKuuLPu28iktUpdXeL0kCETYKpNtWlXZM2losXbxytB3JnQmlpnAFwan-bipiSjKe--gSM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5D7C610D4B95421A95AC369DD908FD52&google_push=ASkJ3Fb18umx-bzVnqTWdrxozaM6bNfKuuLPu28iktUpdXeL0kCETYKpNtWlXZM2losXbxytB3JnQmlpnAFwan-bipiSjKe--gSM
Request Chain 238
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEPJUihmXrmv2ZQpKh-fWPY8&google_cver=1&google_push=ASkJ3FaoFLpUDVp0N8ToTraJw9ubI2U1Q9feU0aJ7LP_mhD1Kp0kDhEnGlQDfI5ol0kh8WfBX-0XDt4WGmFqz-QfHQqE3nTEvCih HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPJUihmXrmv2ZQpKh-fWPY8&google_cver=1&google_push=ASkJ3FaoFLpUDVp0N8ToTraJw9ubI2U1Q9feU0aJ7LP_mhD1Kp0kDhEnGlQDfI5ol0kh8WfBX-0XDt4WGmFqz-QfHQqE3nTEvCih HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaoFLpUDVp0N8ToTraJw9ubI2U1Q9feU0aJ7LP_mhD1Kp0kDhEnGlQDfI5ol0kh8WfBX-0XDt4WGmFqz-QfHQqE3nTEvCih
Request Chain 239
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPPxfeS3pPtEPose3LUbuo8&google_cver=1&google_push=ASkJ3FbF4Yf2_ycjvy2EZjope1TsjQb_hBfNEy6JXWNrwGlEmgBoHA6MLmN_E1iTCL5OnrAlTZuab4W7bFmAe7D9cM2V_0lAPcS9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FbF4Yf2_ycjvy2EZjope1TsjQb_hBfNEy6JXWNrwGlEmgBoHA6MLmN_E1iTCL5OnrAlTZuab4W7bFmAe7D9cM2V_0lAPcS9
Request Chain 240
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHZOYV6Ra_WtEubviBqbU_w&google_cver=1&google_push=ASkJ3FYPi6oaeY6tnOQhz8sk5XY0b2NqpVCU22Rn8AtU9911UeT3OW86l1Eogaa5W4xqyxGK7Nwoq5TtmOR1LbUMl98CyvENDds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYPi6oaeY6tnOQhz8sk5XY0b2NqpVCU22Rn8AtU9911UeT3OW86l1Eogaa5W4xqyxGK7Nwoq5TtmOR1LbUMl98CyvENDds
Request Chain 241
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPSXMN3ti7iRASOxWGEu1RU&google_cver=1&google_push=ASkJ3FZ4pkybyCsBIQnlwmC7ENajVIW22bpO9kyqsJiR61qll26RbV9vpbGlE9Q8EDksQJSQTPhuFX6NJIsvXg6bEGQzPje4Ci8 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FZ4pkybyCsBIQnlwmC7ENajVIW22bpO9kyqsJiR61qll26RbV9vpbGlE9Q8EDksQJSQTPhuFX6NJIsvXg6bEGQzPje4Ci8&google_gid=CAESEPSXMN3ti7iRASOxWGEu1RU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4OTcyNDU2OTI2MzUwMTc1NzMyNQ%3D%3D&google_push=ASkJ3FZ4pkybyCsBIQnlwmC7ENajVIW22bpO9kyqsJiR61qll26RbV9vpbGlE9Q8EDksQJSQTPhuFX6NJIsvXg6bEGQzPje4Ci8
Request Chain 242
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENBm-uwEM_MYC3eHO5lM-QA&google_cver=1&google_push=ASkJ3Fb9DBBx_XtxKm3g4W8eeLrdlYG3ooOACrdgsTTO1fZhRMFqq_cLL5-vRZQc3Ov5Eh2LTZHypR7jfSR5rhTcyhrqx_DTvVBw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENBm-uwEM_MYC3eHO5lM-QA&google_cver=1&google_push=ASkJ3Fb9DBBx_XtxKm3g4W8eeLrdlYG3ooOACrdgsTTO1fZhRMFqq_cLL5-vRZQc3Ov5Eh2LTZHypR7jfSR5rhTcyhrqx_DTvVBw&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HYWFVdlpkRTJ1RU0uX284Ukxxcmpnblh3RHBjcmlNQX5B&google_push=ASkJ3Fb9DBBx_XtxKm3g4W8eeLrdlYG3ooOACrdgsTTO1fZhRMFqq_cLL5-vRZQc3Ov5Eh2LTZHypR7jfSR5rhTcyhrqx_DTvVBw
Request Chain 243
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEGwhhSuSswudRwEkr7zbt4&google_cver=1&google_push=ASkJ3FZTGtJ_7rKJPRX0mpffihEdwRDdBfeNzcbWJRYtsCQz_LsyaKlQbGdz9pd9bzAyDnNtDok-SgDD7ISx3XqzLrLIsYHShyyd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQ1NTM4NzExMDkyMTcxNjMyNw%3D%3D&google_gid=CAESEEGwhhSuSswudRwEkr7zbt4&google_cver=1&google_push=ASkJ3FZTGtJ_7rKJPRX0mpffihEdwRDdBfeNzcbWJRYtsCQz_LsyaKlQbGdz9pd9bzAyDnNtDok-SgDD7ISx3XqzLrLIsYHShyyd
Request Chain 285
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELN5AlE4dzW3p0OQ1a0nSvI&google_cver=1&google_push=ASkJ3Fa9_Rn7z1c7wF9NoHd1CEZ81NOKgHQbvyVuHkQSdbRBEx-KYiee7BH8K7FPs3TqZhK92uFt_JC2l7pfA0TGOjhyJ2utOSM HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELN5AlE4dzW3p0OQ1a0nSvI&google_cver=1&google_push=ASkJ3Fa9_Rn7z1c7wF9NoHd1CEZ81NOKgHQbvyVuHkQSdbRBEx-KYiee7BH8K7FPs3TqZhK92uFt_JC2l7pfA0TGOjhyJ2utOSM HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=727f9ad9-7e01-480e-bb0b-9f6f6f81ee7a&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fa9_Rn7z1c7wF9NoHd1CEZ81NOKgHQbvyVuHkQSdbRBEx-KYiee7BH8K7FPs3TqZhK92uFt_JC2l7pfA0TGOjhyJ2utOSM&google_hm=Q-OQFf_fQImU6t9PknUXgw==
Request Chain 286
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEA47ghyfwqdKHm2Ffnx2FGc&google_cver=1&google_push=ASkJ3FbUmpHalie-blqnGYyvRQvvp8WbeGk8SeSa2O1R93a2Gy8fm--6JrQB2BTQKi9z1-iAYmQZ2T76DimRZAV0yYbG2fMh49k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FbUmpHalie-blqnGYyvRQvvp8WbeGk8SeSa2O1R93a2Gy8fm--6JrQB2BTQKi9z1-iAYmQZ2T76DimRZAV0yYbG2fMh49k&google_hm=ODgzNzQ2NzY5OTM2NDgwNDIxNA%3D%3D
Request Chain 287
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENBm-uwEM_MYC3eHO5lM-QA&google_cver=1&google_push=ASkJ3FZnLaQkxzoypXArJgLhbm4TWO_vOUprO0qinYyZfaAV35pIGv8FakSDfi9e4OyPThgw7AhbNQE1HeMLQ7yPQ0PJ80IXPMgr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HYWFVdlpkRTJ1RU0uX284Ukxxcmpnblh3RHBjcmlNQX5B&google_push=ASkJ3FZnLaQkxzoypXArJgLhbm4TWO_vOUprO0qinYyZfaAV35pIGv8FakSDfi9e4OyPThgw7AhbNQE1HeMLQ7yPQ0PJ80IXPMgr
Request Chain 288
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHZOYV6Ra_WtEubviBqbU_w&google_cver=1&google_push=ASkJ3FbZ6I3rQR7f0Czwp_9qicqHASrRV--rCn9qtCaqqPerjwN3735LaJS1YyoOwrv8tCGVgracKloY3RvYN_XTQwYtP2xTck76 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FbZ6I3rQR7f0Czwp_9qicqHASrRV--rCn9qtCaqqPerjwN3735LaJS1YyoOwrv8tCGVgracKloY3RvYN_XTQwYtP2xTck76 HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 303
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6255431256272086534
Request Chain 304
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c1f5636b-14e4-4400-a145-cf6c006fd218&gdpr=0&gdpr_consent=
Request Chain 306
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F33F0C0E-D372-4006-9D31-A0EE0DCD713B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F33F0C0E-D372-4006-9D31-A0EE0DCD713B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 307
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2455387110921716327&gdpr=0&gdpr_consent=
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjMzRjBDMEUtRDM3Mi00MDA2LTlEMzEtQTBFRTBEQ0Q3MTNC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 309
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBrBZEUmM1ArmbidNSoCqm4&google_cver=1
Request Chain 311
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8974553998113243072
Request Chain 360
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=tribunnews.com&sn=ChromeSyncframe&so=0&topUrl=medan.tribunnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=2tEqJnw5blVzdWs5aHkvZGxMaWFOOWduN2FnbXJIWGNaUDRaTGlZSkdMeXZGeWZMY1FnOVo4VVdyY1pMZS92VG9NODBPeXd6NjNsSTRTdFExUmNuV3dtZ1NrQXJKYlYyaXNQOWVjN1JXd2JrUThYZkJ1ZEFqSDBOZndMZ1RqSDJUSGF3Mkk5MmRNS2cwb0w2d2lxaTJXUGtIMzhRQTd6NUh3REhKbTQvSVl6cHUrSTN3OE5ncVVUT1lVYWxzZ0wySXlWb3RYaGNYWXpQV3EyaG5GMTU3WmFEYkJuR2t6VE1FVXZvWVZaYU5qYThRbnkyYVJoUStmOWx5cTBKckRIK2hMaXB5ODhTZzR6TW5wb0VpRys3WkxoSXB4VjdtdmVxdTdBSFJSRWZCbjM0eW1jcz18&cppv=2
Request Chain 369
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479 HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084922454641992&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43e39015-ffdf-4089-94ea-df4f92751783&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/F33F0C0E-D372-4006-9D31-A0EE0DCD713B?gdpr=0&gdpr_consent=

367 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
medan.tribunnews.com/
Redirect Chain
  • http://medan.tribunnews.com/
  • https://medan.tribunnews.com/
232 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-96.fra56.r.cloudfront.net
Software
TribunOS /
Resource Hash
9053e0044b44e599ddc499c02fe7f71113aa1ed623c68df99633a000ca960467
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.jixie.io *.criteo.com i.connectad.io *.mgid.com *.facebook.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
141
cache-control
no-store, no-cache, must-revalidate no-transform
content-encoding
br
content-security-policy
frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.jixie.io *.criteo.com i.connectad.io *.mgid.com *.facebook.net
content-type
text/html; charset=UTF-8
date
Wed, 09 Nov 2022 02:45:40 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
geolocation=();notifications=();push=();sync-xhr=();fullscreen=(self);
pragma
public
referrer-policy
strict-origin-when-cross-origin
server
TribunOS
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-id
q_rnenN4uC8FOPBKK8DbjTZ7aUI8RyT9Yh6x-eg4xuR6nGcDorb1jg==
x-amz-cf-pop
FRA56-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Security-Policy
frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.jixie.io *.criteo.com i.connectad.io *.mgid.com *.facebook.net
Content-Type
text/html
Date
Wed, 09 Nov 2022 02:48:01 GMT
Location
https://medan.tribunnews.com/
Pragma
public
Referrer-Policy
strict-origin-when-cross-origin
Server
TribunOS
Via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
X-Amz-Cf-Id
bAoI6-yeWYImHyHN_Wq-Y2k286g4kW0vScsP1OMiVdzkwRp0wU84Fw==
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Redirect from cloudfront
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
style_daerah_web_20221017.css
t-1.tstatic.net/css/theme21/ 		48 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/css/theme21/style_daerah_web_20221017.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b6a43a7f24c942e8f1ed28c87453afdd7f05a75dc8fdc74a98b857e0732866c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 08:40:34 GMT
x-amz-version-id
XVdtPTO.xgQ7wMux83pJU_XrqnX79Ojf
content-encoding
br
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1706847
x-amz-meta-sha256
1b6a43a7f24c942e8f1ed28c87453afdd7f05a75dc8fdc74a98b857e0732866c
x-cache
Hit from cloudfront
last-modified
Mon, 17 Oct 2022 06:13:53 GMT
server
AmazonS3
etag
W/"24e1ec6c73acf58b5a55a6fc89223099"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
x-amz-cf-id
p7lJU8aF6xUk4apVIWmgmwQDeQrBUaoFNQBjVhTPU6Xgks7yFkZwkQ==
x-amz-meta-s3b-last-modified
20221017T061228Z
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
24858347
cdn-cachedat
2021-06-08 14:23:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
990eb37a8813a99367bd383681b974a4
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
76733a229acb91e9-FRA
cdn-requestpullsuccess
True
jquery-1.8.3.min.js
t-1.tstatic.net/js/jquery/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/jquery/jquery-1.8.3.min.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:04:58 GMT
x-amz-version-id
null
content-encoding
br
last-modified
Wed, 25 Mar 2015 04:27:56 GMT
server
AmazonS3
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"e1288116312e4728f98923c79b034b67"
age
1255383
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
m8OKKIvJ7g73IDAdnVWZMV4bPjYujzyy5U0cNNLIZznvX1U9cO80uQ==
expires
Tue, 24 Mar 2015 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26611e4f579c7c6d9bd06c96e10d7780c5da29037b9ac1571a4b953f27b5fd31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27322
x-xss-protection
0
server
sffe
etag
"1388 / 885 of 1000 / last-modified: 1667948827"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 09 Nov 2022 02:48:01 GMT
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 01:24:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Nov 2022 02:48:01 GMT
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 01:22:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Nov 2022 02:48:01 GMT
jquery.fancybox_2.min.css
t-1.tstatic.net/js/fancybox2.1.3/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/fancybox2.1.3/jquery.fancybox_2.min.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 02:53:18 GMT
x-amz-version-id
null
content-encoding
br
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
777284
x-amz-meta-sha256
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a
x-cache
Hit from cloudfront
last-modified
Wed, 10 Jun 2020 05:52:59 GMT
server
AmazonS3
etag
W/"9dba4b0617628815180b9c368b6bf56e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
x-amz-cf-id
u1VvD04GuRXVHqLeEdeDGtRu231QdLnF90-5gAyV-XAQl3D0uJ-PRA==
x-amz-meta-s3b-last-modified
20200610T055203Z
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617
age
21109612
cdn-cachedat
2021-06-08 21:08:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
76733a229acc91e9-FRA
cdn-requestpullsuccess
True
tribun.1.8-20190807.js
t-1.tstatic.net/js/tribun/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/tribun/tribun.1.8-20190807.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92d6b966c3b2fb58c469e35de5c5cdf8cdaa30ea9bb7a3e15e1b86765f892452

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 01:53:28 GMT
content-encoding
br
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Mon, 08 Jul 2019 09:23:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1817673
x-amz-meta-cb-modifiedtime
Mon, 08 Jul 2019 09:22:04 GMT
etag
W/"be91403c70880ee1b6e1f2ee7540a674"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=2592000, public
x-amz-cf-id
iFfG3CGO3Etq3XHEK20pVYeWaOaTQeLbL1IOJTcxbutwOBIlq4GClw==
jquery.bxslider.mini.js
t-1.tstatic.net/js/bxslider/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/bxslider/jquery.bxslider.mini.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
130368e1880972a560164d6a42407eb853179a8eb98aa11b3ec7605296dfe775

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date
Thu, 03 Nov 2022 09:15:28 GMT
last-modified
Wed, 25 Mar 2015 04:27:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
495154
etag
W/"d7163e041d3b536a19694784ad2ec6da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
seWp_SgvhvGvSsJwUjB3xgqThwZX7g1hrUbFVx1Ivil90m1y3G78Xw==
expires
Tue, 24 Mar 2015 16:00:00 GMT
jquery.fancybox.pack.js
t-1.tstatic.net/js/fancybox2.1.3/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/fancybox2.1.3/jquery.fancybox.pack.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ff9d4ae2b3407b031e3359007ff4d7ac9e0b342f25ce44c77d3cb7f14f65043

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
br
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date
Wed, 02 Nov 2022 02:19:53 GMT
last-modified
Wed, 25 Mar 2015 04:27:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
606647
etag
W/"38b8a249b8b955e0c789a490847d9cc5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
oe1w5RmWNAn0gsPg9JlCibSPqgDXR-330k0N6QNcfvKIOdwIw9lCFg==
expires
Tue, 24 Mar 2015 16:00:00 GMT
tribunnews.com_desktop
delivery.r2b2.io/hb/kompasGramedia/ 		315 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
120eccb83458748d291aef61dd5ea425addd4408c384eed78f977e5e36d411ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
631
content-length
92477
x-77-nzt
AdRmOI2zdj3/dwIAAA
x-accel-expires
@1667963250
adt-powered-by
slim
server
CDN77-Turbo
etag
031f737af1d0c7e90971a00afbb1dc00
x-77-nzt-ray
61iJ9mbEXkI
content-type
text/javascript; charset=utf-8
cache-control
s-maxage=1800
accept-ranges
bytes
prebid6.29.1-19082022.js
t-3.tstatic.net/ads/prebid/ 		333 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f35bb4bcaf2396e85660c9e3d973f2096814c4953cabf71cd308611ed932d8af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:01:58 GMT
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 04:21:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
1586764
etag
W/"23986ded528aca6846a7a14814957cff"
x-amz-meta-cb-modifiedtime
Fri, 19 Aug 2022 04:20:37 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=2592000, public
x-amz-cf-id
BvjKfFeoaJNIa5_cEudO1lWZasSIuJ1kEXjCwkkfvsBSX9Zuycwjjw==
glightbox.min.css
t-1.tstatic.net/css/glightbox/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/css/glightbox/glightbox.min.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 04:54:03 GMT
x-amz-meta-cache-control
max-age=2592000, public
content-encoding
br
x-amz-version-id
null
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1547639
x-amz-meta-sha256
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
x-cache
Hit from cloudfront
last-modified
Fri, 08 May 2020 08:14:16 GMT
server
AmazonS3
etag
W/"7443f26fb8ef9bb0368d931f2b1f1cb5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
x-amz-cf-id
S8UbNrT9Rqe0r8VOthVX8dgNSs9_FuoYRX_NooPnUBv2DiKZXDSAvA==
x-amz-meta-s3b-last-modified
20200331T194635Z
glightbox.min.js
t-1.tstatic.net/css/glightbox/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/css/glightbox/glightbox.min.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 05:37:24 GMT
x-amz-meta-cache-control
max-age=2592000, public
content-encoding
br
x-amz-version-id
null
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
2495438
x-amz-meta-sha256
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
x-cache
Hit from cloudfront
last-modified
Fri, 08 May 2020 08:14:31 GMT
server
AmazonS3
etag
W/"c8e60c852f16b93503708e1b27423274"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
uUHJoU0tGelF9AUmLBpcgTa_q2bufui8UVJz3ZPoBAHOSa08WvmEOw==
x-amz-meta-s3b-last-modified
20200331T184655Z
sdk.js
connect.facebook.net/id_ID/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/id_ID/sdk.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e21b7721a9e959aed3bd48d0d9540e6a5474862bd7a4325889356ebbc38a23f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://medan.tribunnews.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 09 Nov 2022 02:48:01 GMT
content-md5
14gsxzb6syQd7HwKU4uqSA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
L3EqUOJBCkpOf60dAAsBByfTg3Mt8GJpEvi3rHVW4wIvGZ3p33YVzWgUrs1pWaDKHAAg7nwB6D3NHTI8KqPpPg==
x-fb-trip-id
917726464
x-fb-content-md5
927b1ab05c1361f4d30f8504a187a706
cross-origin-opener-policy
same-origin-allow-popups
etag
"823151d98b1d7a2f27fdaf3037039917"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Wed, 09 Nov 2022 02:51:04 GMT
tribunmedan.svg
t-1.tstatic.net/img/logo/daerah/svg3/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-1.tstatic.net/img/logo/daerah/svg3/tribunmedan.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a8cdf7c03a39d4aa2f2830f3f05f3a54bb441b6991f91afd2aaa9f7165f26c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:04:31 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 22 Feb 2018 09:01:50 GMT
server
AmazonS3
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"19dc44a6afc974f446d568155d12d5c5"
x-amz-meta-cb-modifiedtime
Thu, 22 Feb 2018 08:54:16 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000, public
age
1586610
x-amz-cf-id
y1rO7QWEKwKW_BS1DOQsmYasoUaxmE8GQmPHPtbo5Mmjl98McTIsZQ==
cse.js
cse.google.com/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=05d7b8ef00c5d4a0b
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
028c6a8af88f84ef91d1263ec6e88d087ead24462df7f3684e78585e687a6adf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server
gws
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3001
x-xss-protection
0
expires
Wed, 09 Nov 2022 02:48:01 GMT
Logo_T_blue.svg
t-1.tstatic.net/img/logo/tribun/svg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-1.tstatic.net/img/logo/tribun/svg/Logo_T_blue.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date
Tue, 01 Nov 2022 21:46:30 GMT
last-modified
Sat, 15 Aug 2015 14:25:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
622892
x-amz-meta-cb-modifiedtime
Fri, 24 Jul 2015 09:49:00 GMT
etag
W/"2881375fb0f9e7fc4d0a2f42434696e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000, public
x-amz-cf-id
YOdlJNPoMiLUycqvGCmJRmZmphDuWINFpOZjpCyfYwA7RI7RjdWJiQ==
Inilah-wajah-8-polisi-berpangkat-Bripda-yang-diduga-menyerang-RS-Bandung.jpg
t-2.tstatic.net/medan/foto/bank/images2/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/images2/Inilah-wajah-8-polisi-berpangkat-Bripda-yang-diduga-menyerang-RS-Bandung.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfb821a412dd39129f52a774d8c9abb96a149f202bbaec1121a2c760b1cd54a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 14:45:10 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 13:20:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
129772
etag
"f45ae0d5c980b1018177929f69027366"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
73882
x-amz-cf-id
QjLwQYICs4dGiUMJmaYQe7zpw_wGjgFIGEKvwb8WTTFfUhDXnsxG8w==
ferdy-sambo-ismail-bolong-tribunmedan.jpg
t-2.tstatic.net/medan/foto/bank/images2/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/images2/ferdy-sambo-ismail-bolong-tribunmedan.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a95f9d9d49b752e0a911a68038ce6b765e98426e151666841e246319d8c3eee0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:32:32 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 22:31:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
930
etag
"64184bdd46a396edf5c3260b09ba554f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
34649
x-amz-cf-id
JnF2SjbQJX0EwfZfjLI7Msn4tgNfhJROoItt0_VaBX8b4eA_EhVipA==
Sosok-Pemeran-Kebaya-Merah-Viral.jpg
t-2.tstatic.net/medan/foto/bank/images2/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/images2/Sosok-Pemeran-Kebaya-Merah-Viral.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82d50266429d4d44805d84a951eeae98de6d4a5f7c6883e4fa829bf5eed4a499

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 17:33:20 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Sun, 06 Nov 2022 17:12:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
206082
etag
"5a157d3fd05858b14df3b01d0256f4da"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
40747
x-amz-cf-id
jTigyJlluA2a7C7WjH-0fYTwtGuHShMqYmQa2ZQT7TBEyeYr329yMw==
manuel-neuer_20160929_141103.jpg
t-2.tstatic.net/medan/foto/bank/images2/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/images2/manuel-neuer_20160929_141103.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
378b3aac9f23f23a601eeb907c602a5d021fde41ea7ba208980f68fd52c783ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 11:35:37 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2016 07:12:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
54745
etag
"e4a87393b2b0ce794698f2b1cd68d349"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
25230
x-amz-cf-id
vi-s-P2XV2A9faWapOpfCBi8fEoew4thfk188CT9oG8j3ioEChp7Cw==
Isu-perang-Indonesia-VS-Australia.jpg
t-2.tstatic.net/medan/foto/bank/images2/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/images2/Isu-perang-Indonesia-VS-Australia.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7b087c59e41f61baab97ccc71a85e0ff3647f3ad45fb9f505a942906d819a31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 11:12:22 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 05:30:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
56140
etag
"dbeb852dfa5e1d5e5f717b60e08ae0c8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
77935
x-amz-cf-id
DkZ37LfDjoVxZYMrNuqMBo0X_-H6T59P70MxpLg_-kyEYuVDRJ9eFA==
Inilah-wajah-8-polisi-berpangkat-Bripda-yang-diduga-menyerang-RS-Bandung.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Inilah-wajah-8-polisi-berpangkat-Bripda-yang-diduga-menyerang-RS-Bandung.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f2636910ed5d720a958d71951e547a8879f2cac5bc78148be1995820f3be25d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 13:25:50 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 13:20:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
134532
etag
"bdc44e6c468add305f633b9c902023ad"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5574
x-amz-cf-id
SjLJUOYTi4K0ushz19ON-0ZrEVbOpzlSAu_4ewVLf8gqcQUSiki0hw==
ferdy-sambo-ismail-bolong-tribunmedan.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/ferdy-sambo-ismail-bolong-tribunmedan.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
044fc3eb59e779c96e8687063bc41697b7e19970fa22ee68f570c20edbbebb7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 22:53:56 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 22:31:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
14046
etag
"1f4a6fae9b905fe627fc8ecf4e9a090a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3876
x-amz-cf-id
Id2Ja7Enc0LrLywD3K09PQ2FMoLptopoFD1SdoA11gxvkYsIvFG-vA==
Sosok-Pemeran-Kebaya-Merah-Viral.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Sosok-Pemeran-Kebaya-Merah-Viral.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e5b68d7ccd08ea80ad68cce44ecd39fe69c8f3801baf4bc7bf02c2c63984ca5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 17:24:54 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Sun, 06 Nov 2022 17:12:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
206588
etag
"ecd2b070ccef6e75853e88c10006f6d2"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4197
x-amz-cf-id
ZO5byUnpslel1bNJH1sMME8-mC1PDbGzagJ-d-gHhbhmkLLpx0j6pQ==
manuel-neuer_20160929_141103.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/manuel-neuer_20160929_141103.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d83f151c7f401a8a986e57dc81e6507fc728cdd09f55c65497d81cb88b83cf0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 00:32:57 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2016 07:12:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
94505
etag
"19feec265b8e8c320916ec1c070e80af"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4243
x-amz-cf-id
5779BY-hRfYiGEHvvDZX68T-SR6reQLxwiDWWU88foOhEVhX79NbXw==
Isu-perang-Indonesia-VS-Australia.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Isu-perang-Indonesia-VS-Australia.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91969c1090d53c593d7010c2588d2c720982abcbf50eceb9850326dc48aeaf6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 05:34:38 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 05:30:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
76404
etag
"3ac02faece26447af39cb822c87fdbd7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6291
x-amz-cf-id
3r8I-bFL3Ft-7LNtCAB4-jWtlBRXGQGCC34m2zAl_k264FgEEeP_9A==
jack-grealish-dan-guardiola.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/jack-grealish-dan-guardiola.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
823e185db968ecdf493e30586db0c1b541e3d729bab4b3dc2b0e1e864cdaf1ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:45:42 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Sun, 08 Aug 2021 04:41:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
140
etag
"5b92fc6ac6b5354ed6841ba3c1fd574c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5174
x-amz-cf-id
xgNVX0g9e-p0ONXgQiDCxtCkQGr0FIxpVR_bnzECiSAkhZ6QXJg77g==
Donor-Darah-Sehat-Bersama.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Donor-Darah-Sehat-Bersama.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad38dc2d166ec7163422df767ecb7b4681aa13145e46a7964e94f93b95dbaad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:45:42 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 02:38:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
140
etag
"36781bc0386b6016480acba52650af52"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5534
x-amz-cf-id
3cJshoJj9eJ4nxgTndynvO-YAc34d6NdPSlURn4zaRltAaQRgOc7Qg==
DAMSON-Sebut-Yosua-Temperamen-dan-Kerap-Marah-marah-Merasa-Berkuasa-di-Rumah-Ferdy-Sambo.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/DAMSON-Sebut-Yosua-Temperamen-dan-Kerap-Marah-marah-Merasa-Berkuasa-di-Rumah-Ferdy-Sambo.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a73e24517e0d1a39ed5e04f7a21bcfde42cd60be7f8c875d7938973a75a836e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:43:18 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 02:37:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
284
etag
"c7885bdf6024b228d8478aa2353bb092"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5482
x-amz-cf-id
3JYjcPIJ8mnzBVcbmZYHp9At6AD0C5k3ahMStBLPq0yvtIQAVK_vKA==
16-besar-uefa-champions.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/16-besar-uefa-champions.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b37a91fac51b23f29eafeb913010bf4e41a6bdf0d4703dc9298bcf929165ae3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:46:16 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 11:37:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
140506
etag
"c520ba351feeaa408ac06ea919819972"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5473
x-amz-cf-id
s4E5qMsWNZoPxJjy4mxlbb661g5_14Y9du_obmdI21TKJ4JfJtLOBA==
7-tahanan-kabur-Rutan-Klas-IIB-Sipirok.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/7-tahanan-kabur-Rutan-Klas-IIB-Sipirok.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f77866ff60225d671556ef89598c6d1e99b81643bedbc95d7f7ec0816cd1659f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 02:28:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
1048
etag
"5c2c89eca2054ac1b3b38124744c8373"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4638
x-amz-cf-id
DiiIUknqdqmbG91e5mUgOEqo3zguB5_-_NMOFnygRvDMjCehoVt_XA==
emak-emak-hutan-mangrove.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/emak-emak-hutan-mangrove.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
817c3c0e8004e8edb21061dee878f7d8fa85cea76eae2f3db6b9403d6310161b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 03:26:53 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 03:24:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
84069
etag
"69a6d8fd3bac2e03a7035a657973e2e0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5263
x-amz-cf-id
6fZcZ1BKTv-INfXeNntnXbzkfx1QXK-YvMs1L-nOQFNsjbTyHMcejw==
tribunshopping.svg
t-1.tstatic.net/img/logo/tribun/svg/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-1.tstatic.net/img/logo/tribun/svg/tribunshopping.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99dd300f70b33cff7246c8e19268061eefb84cab54398ed804ff215f8db32c77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
KWsm2Pnz2B_tmAlNi.BGzmhH1OmkB_pG
content-encoding
gzip
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date
Thu, 27 Oct 2022 07:49:14 GMT
x-amz-cf-pop
FRA60-P4
age
1105127
x-amz-meta-sha256
99dd300f70b33cff7246c8e19268061eefb84cab54398ed804ff215f8db32c77
x-cache
Hit from cloudfront
last-modified
Mon, 12 Apr 2021 05:37:16 GMT
server
AmazonS3
etag
W/"449ce3df281678ce0bd54d92009c5e8a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000, public
x-amz-cf-id
5V-Q32RpkswUWiJX6OU02Zh_-2m55JX9TR9ygGQVSyq3qZOOooFa9w==
x-amz-meta-s3b-last-modified
20210405T052030Z
goto-veto-vacuum-cleaner.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/goto-veto-vacuum-cleaner.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f03c6e02aa965f94f17f3063279a345c0ffb41648202a229f9bd3702f4c2341

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:32:31 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 10:52:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
40531
etag
"806b88f2f558b31408b44105965ae851"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5354
x-amz-cf-id
oa9_T4-yDNOaDKvrBLAE-jiKfXjryeawtEWOi4h3lsUAPicwPBZyYQ==
ice-coorel-notebook-cooler.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/ice-coorel-notebook-cooler.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4730daad5fb2bac2d6868018aa47a1366d69e0c46cd432a98fab2dced26d61ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:32:31 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Thu, 28 Apr 2022 10:17:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
40531
etag
"7d1f31040be645b28b12d1399cb7fa54"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3842
x-amz-cf-id
LFOLstvg3RJ8fXgkfxxKFznj1OFKMtcdi93o2H6GCuISE7PbxzNZIg==
kulit-wajah-kusem.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/kulit-wajah-kusem.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f0229ab7b7b060ff56be2899983c7d6a4b9ba036e992690f40a9a4d875ef984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:33:08 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 10:01:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
40494
etag
"2208b53405af6090af70ffe711af3533"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3227
x-amz-cf-id
NgxfImfINSkOjKckrYuOLXO6UX212MIhI7BMEHSqThAgoA8VZlWhyg==
kipas-harus-rajin-dibersihkan-agar-udara-yang-dihasilkan-lebih-bersih.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/kipas-harus-rajin-dibersihkan-agar-udara-yang-dihasilkan-lebih-bersih.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae27903ac0710c9faf2f50a91764597a8e22e8047b4289d71588c118ed776800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:33:08 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 08:22:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
40494
etag
"3dd7fd08ff3b0732fcb4b01442f7967a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3778
x-amz-cf-id
1YXnL2JnQAWvDgaaXrfIPiCZu3AKaWbmQ29QOVExr9KbN5A5H_DoMQ==
logitech-webcam-c270-hd.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/logitech-webcam-c270-hd.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0728accf6e1f227a9b89845a044afef5dacdf8f451989ed974e9f6639fdcd937

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:33:08 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Thu, 21 Apr 2022 02:36:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
40494
etag
"151ed7d1ce742b22a375823305019409"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3921
x-amz-cf-id
TnGc0F7dhb2a9LLXTkXIhe86CBhXcaI3Tv1XJ00B5HOFQ_6ObfaudA==
Sosok-Pemeran-Wanita-Kebaya-Merah-Dicari.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Sosok-Pemeran-Wanita-Kebaya-Merah-Dicari.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
347ea568fa76cd677b93d8751795bdaa2dea47b046e6f81144315799e01acbcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 17:57:49 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Sun, 06 Nov 2022 17:46:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
204613
etag
"bc1293f9fddea8184c0133e473ab706f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3063
x-amz-cf-id
9kkVjBeDRN061STai6Jky3sj03E92QZD6Mwn8jGYNk0vNxVwTlv0uQ==
Iwan-bule-ketum-PSSI.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Iwan-bule-ketum-PSSI.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
726e0b8a396348134d195d62a53eb3506586bf6058d4ec99c4f3762a46d75478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 08:12:05 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 08:10:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
758157
etag
"134276cd4cf0553432493f0513451b25"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5330
x-amz-cf-id
zu3cLbS5e8lBuCk2992WVUBuZFiKyi7pTLwZQVeZvAu5vfOx_3lTww==
Akibat-Banjir-Pengiriman-Ikan-Asin-jadi-terkendalagg.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Akibat-Banjir-Pengiriman-Ikan-Asin-jadi-terkendalagg.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adf8bdbabb55f51df938ee7384454e81471bf5c5857f072853edbe316f2b880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:07:16 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 17:05:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
34845
etag
"5187c345cdc3f69dd0e80cdf0dacd9d9"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6335
x-amz-cf-id
Z9GnTzlmBv7mVxkT49O6Kt4MOeQviImMPYx0_qhhvcB0MgY0RuMoAg==
iis-dahlia-ancam-suami-satrio-dewandono-okee.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/iis-dahlia-ancam-suami-satrio-dewandono-okee.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e9bcb9fb091ac3fba889e2203f4145c496a2e1a97ed53c92831a29b23e92400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 12:16:22 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 17:59:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
52300
etag
"3c688a6014b0f48d7d9d13015be3f889"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4856
x-amz-cf-id
z0pkNJuUhtCoZeHbGtutgJR7A4EFx3K1ipzj5DyRqfjHO33rKz7YyA==
Lydia-Kandou-Ternyata-Sudah-Punya-Kekasih-Baru.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Lydia-Kandou-Ternyata-Sudah-Punya-Kekasih-Baru.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42a6562cb56831b97e3a808dbe75c1aaec8fd338b332b1aa4dd34440342e0a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 12:08:04 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 22:20:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
52798
etag
"3d8e872c46a617a4d6d306207d46970b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4783
x-amz-cf-id
K40nCWSqRJBpAObGASiMG8BxyAgGVsHYfrEU_2sx1psExUVfSs4VLQ==
brigadir-j-chuck-putranto-tribunmedan.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/brigadir-j-chuck-putranto-tribunmedan.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d18c444bd70933a905716388632a8c7326e5c8aaa98130789082e29a338525c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:45:42 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 00:13:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
140
etag
"98680be353b4864a840437033b03159f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5462
x-amz-cf-id
xrhgOVChv8XdNE8rTmA0vN2Y-K-FQ18Kgr6YaWTsmvDK15lyzq2f8w==
Aneh-Nomor-HP-Brigadir-J-Mendadak-Aktif-dan-Keluar-dari-Grup-Keluarga.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Aneh-Nomor-HP-Brigadir-J-Mendadak-Aktif-dan-Keluar-dari-Grup-Keluarga.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0bfa83177776f16b76c20f0f10f48630c410a4802c1aa20d793613e3c54debbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:45:42 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 13:19:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
140
etag
"c629109918a88ce6e95616534e8a1278"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5320
x-amz-cf-id
TCRCkiv2PsJ_dUX1v1dS__Mk16MdWYQMnJJA_x_rLy8nS58KhRdltw==
Inilah-Tim-Senegal-Sadio-Mane-Cs-Ditakuti-di-Piala-Dunia-Qatar.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Inilah-Tim-Senegal-Sadio-Mane-Cs-Ditakuti-di-Piala-Dunia-Qatar.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88677e3212f08097e57ee9aa5637e19495993ff787018d78d8409f78d226c78d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:45:42 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 23:50:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
140
etag
"623371b66d075498039e697fdf5f676e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5977
x-amz-cf-id
AwmUleek2F1N6LAzOis5GE5AjwIjtI6FdLrvC0AS3exNIgVUprmXWw==
Bripda-Tito-Tampubolon-penyerang-RS-Bandung.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Bripda-Tito-Tampubolon-penyerang-RS-Bandung.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9428a0815b121f5d67fedd4c6f41cd7daf59d6cb101acc96bd3172ce85c3681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 02:55:31 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 02:54:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
85951
etag
"d83de72984ef57e8c81c80734c886ef6"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5507
x-amz-cf-id
an9iRBFJmU6exFdWyJ-_aqhptaaP8Xf7HrKHF6k4SBisnV9u_me8jw==
Kamaruddin-Simanjuntak-dan-Brigadir-J.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Kamaruddin-Simanjuntak-dan-Brigadir-J.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94e3aa1e0713a67ebddc226229b3492e772e16a128a32b16e784488548216e72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 23:44:07 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 23:52:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
11035
etag
"de74f80497810d8f61b83426c1bf2a7a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5781
x-amz-cf-id
5FiNJO0NMpDaJ7HS5dcGhbV0ZWRmbC9pBricIEtMCqwWE1tyfVvqHA==
Aurel-Hermansyah-Atta-Halilintar-pfowf.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Aurel-Hermansyah-Atta-Halilintar-pfowf.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
054ce6577c5c6089e14aebc65ac639ddbc66fb9459ab9784ddbd9c51fa123b7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:29:12 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 05:14:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
929929
etag
"4ff5c390e72c0f7544fe62f2c863d9cd"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4870
x-amz-cf-id
yIk8-PHd6fqZ08aBjQWQTj1Hln19DQn3pjxX1x67CqSTAjtEuvb_DA==
tjb_small.png
t-1.tstatic.net/img/logo/tribuniklan/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-1.tstatic.net/img/logo/tribuniklan/tjb_small.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f9ecb8e1c41aeeb8983591498e78e82342ca1fd4be35250764c5494f4ccd05a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 21 Oct 2022 19:21:11 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
last-modified
Wed, 25 Mar 2015 04:27:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1582011
etag
"d3e661155656ba666f8431241e75089c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
6045
x-amz-cf-id
zIS4khuhj9dhqMRV7oj3ur8LltJocjTvB88pFaCHize0pomWF3uarQ==
expires
Tue, 24 Mar 2015 16:00:00 GMT
1-1607162071-Tanah-sentral-Canggu-Berawa-Bali-view-sawah-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560110/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560110/1-1607162071-Tanah-sentral-Canggu-Berawa-Bali-view-sawah-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
badec949b73175097cbe5d6bacad2b8bb327c4d0939eace1a2975418940782f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 16:19:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
4158
etag
"1cab6aa9fb97384c3785382858503c4e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3056
x-amz-cf-id
x37Fpb_jXxENstQ0_hG3_vA7T74ANAHMyjZnQ58RttejEO5ti8Ziaw==
1-1857356203-Rumah-Tinggal-Perumnas-3-Bulak-Kapal-Bekasi-Timur-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560058/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560058/1-1857356203-Rumah-Tinggal-Perumnas-3-Bulak-Kapal-Bekasi-Timur-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ab88ceba97e0038e73d25ed8cbc7d377a81dca0327a569d61346d1083984b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 12:37:23 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 12:03:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
51039
etag
"15aee003645af8ae1f75fcde8530c51e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3781
x-amz-cf-id
KKc03JFi5DsWVd4mcxIhDLbVq-yAl1zT4vIRW5N5aCX9dgSNmaYghw==
1-1756237200-Rumah-di-jual-ciledug-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560099/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560099/1-1756237200-Rumah-di-jual-ciledug-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
958a9dfac97be53f97adbff36738769aacae18cb0b2a24bdd7d5744ea2b2bd65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 14:42:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
4158
etag
"75712cd6fd9d57b9725b3fca76202ee8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4487
x-amz-cf-id
FsUWZW1DAnYFjzB87MqPb8XvHLPHIfYoISnlzljCP1mnZhde0kCvVg==
1-1300195050-Rumah-Citraland-Palma-Grandia--Surabaya-----Low-Budget-Property.-thumb.jpg
t-3.tstatic.net/jualbeli/img/2021/3/2372459/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2021/3/2372459/1-1300195050-Rumah-Citraland-Palma-Grandia--Surabaya-----Low-Budget-Property.-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba9f40d1854c8a80885f6911ccd5b407ceaabb6a310bd9e3436ebb29e66e47b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Thu, 25 Mar 2021 15:11:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
4158
etag
"22e1fab40c79c903d2f0a3720d161c63"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3635
x-amz-cf-id
yh5hAD4LCXqjpDQ7Yh8RCal-Co64V4ecg8A9b3wkrtRqO4PVYf91dw==
1-420427902-Rumah-2-Lantai-Murah-Dekat-Kampus-UAD-dan-Kota-Jogja-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560087/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560087/1-420427902-Rumah-2-Lantai-Murah-Dekat-Kampus-UAD-dan-Kota-Jogja-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44237d6f7b954abc0c4e4ecb391c1166c989132a853dcec3b0bc63bb0b1f8a43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 13:28:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
4158
etag
"5d7a8059aa235e30bae070d933a01c30"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3152
x-amz-cf-id
S4nffSvGCp9WYGGpLKCqmHM0JoaCqUuJ-vrBLJakOLFxUFyNmBNUrQ==
1-738925861-Rumah-Semi-Furnished-Perumahan-Bumi-Rawa-Tembaga-Jakasampurna-Bekasi-Barat-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560143/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560143/1-738925861-Rumah-Semi-Furnished-Perumahan-Bumi-Rawa-Tembaga-Jakasampurna-Bekasi-Barat-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d365251d0034548751123752d1b00b716d2ef730e67f57f689438cf8a2d9e85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 00:51:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
4158
etag
"a2737ca4d9121fc3b19c1c647ef4cac9"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3598
x-amz-cf-id
92Ol_Ud5ou9gYGsgrmtrD4A0poUvpTqruGJGH8DBnLopo0qbhgsCEQ==
1-1837099396-DIJUAL-RUMAH-CANTIK-SIAP-HUNI-200-JUTAAN-DEKAT-BANTUL-KOTA-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560136/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560136/1-1837099396-DIJUAL-RUMAH-CANTIK-SIAP-HUNI-200-JUTAAN-DEKAT-BANTUL-KOTA-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b095db73501882c8569a7857c6511c4dfb3be5dbd4d0a60c9969d919cd0b0d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 00:37:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
4158
etag
"77a9f820963697b5f1a06ed645be1904"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3866
x-amz-cf-id
8p6ygqlb52kkXb6j-lSAjrOtryN4TQzksPe6aHKwWtTRQ4P4rHkquw==
1-1134192794-Miliki-Vlla-Mewah-di-tempat-Wisata-kelas-Internasional-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560133/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560133/1-1134192794-Miliki-Vlla-Mewah-di-tempat-Wisata-kelas-Internasional-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
647dcbc3049856019f815bdcddba2b5561d3f87ac2c5e98ff1f09f38edfd8e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 23:28:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
4158
etag
"0e0aba922d96584ff0b191482c56bdb4"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3096
x-amz-cf-id
kS4xizD5G7zbeZseqWdC1j-qP8Jl6NFkzaLnZfX2a1M7s13BtEIS1A==
1-2099384858-Komplek-Perumahan-Green-Garden--Rumah-Dekat-Kantor-Polsek-Sungai-Raya-Kubu-Raya-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560132/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560132/1-2099384858-Komplek-Perumahan-Green-Garden--Rumah-Dekat-Kantor-Polsek-Sungai-Raya-Kubu-Raya-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83ff9988e815c6492c161c43ca007675ec54d7c7f221093325e5b0271b89aa8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:45 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 23:21:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
4157
etag
"169e1eeb7bf4a1c3af69a9c6d89ef5e7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3517
x-amz-cf-id
aPEO8LawleSY6aDikvKh0jH-UY90V7s3kC-a7kQzP2igAtGGCORjLA==
1-1546448716-RUMAH-LUAS-DAN-MURAH-DEKAT-CANGGU-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560126/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560126/1-1546448716-RUMAH-LUAS-DAN-MURAH-DEKAT-CANGGU-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b05e6218d62af483d488d439a06d95da34ff26df8854d47be13c2693f37e2d3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:45 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 23:00:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
4157
etag
"24be49cda48868feec68c9d5a3e26ec0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3451
x-amz-cf-id
pIMKaFuLTN-XsClV6E_bPEFuEZCzWngPCFVFjeDnsPuaqXYTBxN8GA==
1-1320772412-Rumah-Luas-700-m-Di-Kasemen-Dekat-Terminal-Pakupatan-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560113/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560113/1-1320772412-Rumah-Luas-700-m-Di-Kasemen-Dekat-Terminal-Pakupatan-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c61c9120f5ceaae5b2a05ff1354f51543cbf5aff1491ea216084870920980e86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 00:51:14 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 18:23:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7008
etag
"0b98dc6315adcbe51ca78e467fcefa2e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3102
x-amz-cf-id
RaP53KiZWXNdrkS2do9BbPMPB0v4T81T3AjkRq4coI6UBizQTlc-Aw==
1-1671148778-Rumah-Over-Kredit-Atau-Lunas-Di-Kasemen-Dekat-Kawasan-Banten-Lama-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560112/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560112/1-1671148778-Rumah-Over-Kredit-Atau-Lunas-Di-Kasemen-Dekat-Kawasan-Banten-Lama-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f98455e68cacdf4a309c68b07a5fe4db993695ee437996d4b9b3343f449d9f50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 00:51:14 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 17:12:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7008
etag
"6b1f008ed715005ef62270a6e0e9cac8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3663
x-amz-cf-id
atvqGxTDTi6qV1tmzz-qyIk5oUjE1PSux43zRbPs3gCbTNhjnUZ2Cw==
1-2116601436-Rumah-2-Lantai-Terlaris-Gaya-SCANDINAVIAN-di-Mampang-Pancoran-Dekat-Stasiun--dan--Tol-Sawangan-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2559095/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2559095/1-2116601436-Rumah-2-Lantai-Terlaris-Gaya-SCANDINAVIAN-di-Mampang-Pancoran-Dekat-Stasiun--dan--Tol-Sawangan-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac55e1bb592dafcd166e05eb2ff3c87dd283e6cdadce14da6b4e2d97a5354224

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 10:28:35 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 09:16:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
145167
etag
"7925a727c96d257a5421d455cc91e4d0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3387
x-amz-cf-id
eJMsgh4yeNFkotP2dmbHr194s4rubSg-bxB2XHmMMc5h1yQXw84H5A==
1-299434775-Jual-ruumah-di-comdet-jakkttiim-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2555651/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2555651/1-299434775-Jual-ruumah-di-comdet-jakkttiim-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc453b09b4ab460df1b7c7e88e33b13f12a73f355ff0f3b4b934e929867baa3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 09:42:33 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Thu, 03 Nov 2022 04:03:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
493529
etag
"a324e4ce43518a69c14247a4f5aaf0fb"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2926
x-amz-cf-id
cT7vmMiW0_2fi2MI9BHFf85DGKlGl8wUFnXXfkcsVGWZfmKumlN4JQ==
1-1513603957-Rumah-Tlogosari-Siap-Untuk-Dihuni-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560074/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560074/1-1513603957-Rumah-Tlogosari-Siap-Untuk-Dihuni-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae2b09edcf7adea52bb3eafb3d085fccf11cfc19c5cc94c9464af1877984aa39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 13:04:37 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 12:31:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
49405
etag
"28c082743fa391534f645e64ac550ca7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3536
x-amz-cf-id
K4mNLxwoKMYMBmDVLZNOr4EDUm0NfdH_tx6Thd1Hsk9MOjn8B7oMHg==
lozad.min.js
t-1.tstatic.net/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/lozad.min.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 04:14:54 GMT
x-amz-version-id
null
content-encoding
br
last-modified
Fri, 31 May 2019 01:51:20 GMT
server
AmazonS3
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"34b722949a97a9f6734cd66d940531ce"
x-amz-meta-cb-modifiedtime
Fri, 31 May 2019 01:49:18 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=31536000, public
age
3277988
x-amz-cf-id
BtUdCFakkNPLNLwIjmdIREg5jmYYUs3rKfIU8uThWozmafsYoO9akA==
firebase-app.js
www.gstatic.com/firebasejs/5.5.6/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-app.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 19:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12419
x-xss-protection
0
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 19:13:46 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.5.6/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-messaging.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 21:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10096
x-xss-protection
0
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 21:52:10 GMT
kgnotif_tribun.js
t-1.tstatic.net/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/kgnotif_tribun.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df4f9c3d7d11a4ba21b585bfdaff006aa925b32c3ec626969a38a5036a5aa03e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 04:52:56 GMT
x-amz-version-id
o90oKk95.kQcQjo2jl5g8uZJQM55rPPc
content-encoding
br
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1547706
x-amz-meta-sha256
df4f9c3d7d11a4ba21b585bfdaff006aa925b32c3ec626969a38a5036a5aa03e
x-cache
Hit from cloudfront
last-modified
Tue, 09 Nov 2021 09:46:35 GMT
server
AmazonS3
etag
W/"923baa9abb9b96a2804d3114a8ba3016"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
xPM9D79ZZLCWcr9rmWbyCR-tz66EbFGeiI9RiI3u1vejJf9NMXRYXw==
x-amz-meta-s3b-last-modified
20211108T081414Z
sso_g_signin.min-1.2.js
t-1.tstatic.net/js/kgmedia/tribunnews/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.2.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f061b380e02f436858e76db0520500568d2fd4555863a2bb9b4ea3e617891c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
9BXIgNJob9bJF2m_mf40rheLI1N070kc
content-encoding
gzip
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date
Wed, 26 Oct 2022 02:08:27 GMT
x-amz-cf-pop
FRA60-P4
age
1211975
x-amz-meta-sha256
6f061b380e02f436858e76db0520500568d2fd4555863a2bb9b4ea3e617891c0
x-cache
Hit from cloudfront
last-modified
Fri, 23 Sep 2022 09:32:32 GMT
server
AmazonS3
etag
W/"5c701b18c97c0ad7481c2ce1220bc726"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
ujVOw9mqm7v2Rp6v8fcSwDkkt8EVxlfoIMRCDVnH1FC8ZbDNFo82Tg==
x-amz-meta-s3b-last-modified
20220923T093716Z
extender.min.js
asset.kompas.com/data/2021/sso/js/ 		1000 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.kompas.com/data/2021/sso/js/extender.min.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-21.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
67a09458aa2b97d54491755dcf3d3d00298de54799b49fded2de6db24e103a94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Sat, 28 Oct 2023 03:25:27 GMT
x-amz-version-id
MOZ46XzJdcFn1e02WvQVITzvQ0X1BXOD
content-encoding
gzip
via
1.1 b26a5eb677aed7368a2c7fd7f1d673dc.cloudfront.net (CloudFront)
date
Fri, 28 Oct 2022 03:25:27 GMT
x-amz-cf-pop
AMS1-P1
age
1034554
x-amz-meta-sha256
67a09458aa2b97d54491755dcf3d3d00298de54799b49fded2de6db24e103a94
x-cache
Hit from cloudfront
last-modified
Wed, 21 Sep 2022 22:43:02 GMT
server
nginx
etag
W/"826a4aaed58c0b038c78fad576e7b0d4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
FEXau3y_tFg1Fy-exHXMjEnDm0VC69TYz1xFPcHwXks7zctxtMA8Hg==
x-amz-meta-s3b-last-modified
20220921T224110Z
ssouser.min-1.0.js
t-1.tstatic.net/js/kgmedia/tribunnews/ 		827 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/kgmedia/tribunnews/ssouser.min-1.0.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79aa57c367c93a86fbf20383e55c0d23134f8b2184d78fcd0661296c3550cce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 03:57:21 GMT
x-amz-version-id
wa3d33yDjakIiwa0gH3t3kxmqgs5QhxR
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1896641
x-amz-meta-sha256
79aa57c367c93a86fbf20383e55c0d23134f8b2184d78fcd0661296c3550cce9
x-cache
Hit from cloudfront
content-length
827
last-modified
Tue, 18 Oct 2022 03:41:04 GMT
server
AmazonS3
etag
"e5941d7143a2c0798f2801a0b57bce01"
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
vt3Vuqk8g_xY6YIhmJbikcDQVKCYtnoZncWuicDiw8iZ0lgNdC1j6A==
x-amz-meta-s3b-last-modified
20221018T033928Z
gtm.js
www.googletagmanager.com/ 		248 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c7049490571fbaf8fbe6ec97ae894142b304cc9b352d3af62a40135ae8ad17f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80094
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Nov 2022 02:48:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:50:24 GMT
x-content-type-options
nosniff
age
115057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 18:50:24 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617, 617, 617
age
174998
cdn-cachedat
2021-06-08 21:22:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56780
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c77fece8de88b583637a288214bfb709
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
76733a232edfbb59-FRA
cdn-requestpullsuccess
True
pubads_impl_2022110301.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 22:33:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15284
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131019
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 08:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Nov 2023 22:33:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		409 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f9790594ea01903178ad509cddbb3d58b5ff680804be1c0fdbb09ff81f72237
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
168
x-xss-protection
0
expires
Wed, 09 Nov 2022 02:48:01 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 05:43:41 GMT
content-encoding
gzip
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
77266
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
CWbGqrcPL7k_PEGWdHbf6iza2tqMZfYjhFedIUChngC04OoWvvWnkA==
matlok_memilih.png
t-1.tstatic.net/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-1.tstatic.net/img/matlok_memilih.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e169cf4f2fde53ff50ff2ecb38b0df2cbc613aaf3b93b2e52202cad8ce93a8bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:57:52 GMT
x-amz-version-id
T0clr0qUHmWxhANs7kCSWhmPkvyvy8UK
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1583410
x-amz-meta-sha256
e169cf4f2fde53ff50ff2ecb38b0df2cbc613aaf3b93b2e52202cad8ce93a8bd
x-cache
Hit from cloudfront
content-length
1055
last-modified
Mon, 12 Sep 2022 03:56:24 GMT
server
AmazonS3
etag
"7c3cd375a8dc8d79a2afc6e5395fe8e8"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
FCWw4-iJhsMS7iNOB6wk5yDBbIF-sS9SjEvHsoWIM3cKm02ti8z6Ww==
x-amz-meta-s3b-last-modified
20220909T085209Z
user
apis.kompas.com/api/activity/ 		87 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.kompas.com/api/activity/user
Requested by
Host: t-1.tstatic.net
URL: https://t-1.tstatic.net/js/jquery/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-30.ams1.r.cloudfront.net
Software
nginx / PHP/7.3.28
Resource Hash
0af2d22c11f2ba0844ce3028a5dbb3c37062579527404c2f81d3019a2fa08553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
via
1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS1-P1
x-powered-by
PHP/7.3.28
x-cache
Miss from cloudfront
mail-subject
Join_via_header
we-hiring
jobs@kompas.com
content-length
87
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
private, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, X-Requested-With
x-amz-cf-id
QJzTcqXkMh85PNq5e82-lGe2BRJUhB9Ao6_rTmFNTUTgciDnv4FJKA==
expires
-1
client
accounts.google.com/gsi/ 		191 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: t-1.tstatic.net
URL: https://t-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a7e260959c0dd98e9b2d17fee09954ba0c5faa81bffad13b1c7a8074ff1d57b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-tBSMuy1_80wbgSvkgcsN5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-tBSMuy1_80wbgSvkgcsN5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 09 Nov 2022 02:48:02 GMT
cse_element__de.js
www.google.com/cse/static/element/f275a300093f201a/ 		302 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/f275a300093f201a/cse_element__de.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=05d7b8ef00c5d4a0b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4cc3c4828ca3466dd9ae6fc32714aa6dc832c16205e709d78ff886275c39329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 14:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103343
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:37:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 04 Nov 2023 14:27:38 GMT
default+de.css
www.google.com/cse/static/element/f275a300093f201a/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/f275a300093f201a/default+de.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=05d7b8ef00c5d4a0b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 14:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:37:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 04 Nov 2023 14:27:38 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=05d7b8ef00c5d4a0b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 09 Nov 2022 03:24:20 GMT
sdk.js
connect.facebook.net/id_ID/ 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/id_ID/sdk.js?hash=ad0cd79680ffb25b9d0b872a13165a7c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/id_ID/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
32db6f7e4924750677b824d2f27932c85e7222fb93710a6e445bf69c37b93fc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://medan.tribunnews.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 09 Nov 2022 02:48:02 GMT
content-md5
KuX5+pY6UxMjK+KHTHy1Aw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86928
x-fb-rlafr
0
x-fb-debug
xHq+DA9XwMz77/tYDYiGeK0ZFudW60UJY4OWX4KQ7mFzKRX1IGxO7BX6wO9n3TyyGqsEvQqsJq6SIoZFV94jug==
x-fb-content-md5
345963206505a6550226e2fc23fb93bf
cross-origin-opener-policy
same-origin-allow-popups
etag
"8ea47f53bfcd46efd1febfc9e3f9feba"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 Nov 2023 01:02:45 GMT
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=8077308&cs_it=b3&cv=3.8.0.210223&ns__t=1667962081984&ns_c=UTF-8&c7=https%3A%2F%2Fmedan.tribunnews.com%2F&c8=Tribun-medan.com%20-%20Berita%20Terkini%20Medan&c9=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
uZZeN807CKmcx4Ywd3DF3d89pRcqkszcJGY0N3sq5zmWXbgqeyDPCw==
x-cache
Miss from cloudfront
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		153 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3596572478205433&correlator=2168137020119357&eid=31070790&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&iu_parts=31800665%2CTribunMedan%2CHome%2Cvignette&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=3068406939&sfv=1-0-39&ists=1&fas=8&prev_scp=pos%3Dvignette%26page%3Dhome&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1667962082016&lmt=1667962082&dlt=1667962081671&idt=318&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmedan.tribunnews.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1793639517.1667962082&ga_sid=1667962082&ga_hid=1822125748&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0791bb2da48d7832020a6d44caf2117c04419543c7a6a2ae090df4cd6f548ee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44774
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame BBFD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:48:02 GMT
expires
Thu, 09 Nov 2023 02:48:02 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022110301.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022110301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ee392dca9cf6955b327a13a4212fc607bd8b6e01f53237ff2146526d84e0150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13864
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 08:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Nov 2023 14:41:40 GMT
bx_loader.gif
t-1.tstatic.net/css/theme21/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-1.tstatic.net/css/theme21/images/bx_loader.gif
Requested by
Host: t-1.tstatic.net
URL: https://t-1.tstatic.net/css/theme21/style_daerah_web_20221017.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t-1.tstatic.net/css/theme21/style_daerah_web_20221017.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 02:39:20 GMT
x-amz-version-id
Hpwrz52PSL722wx25QIBrifPqiYmzn1T
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
864523
x-amz-meta-sha256
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
x-cache
Hit from cloudfront
content-length
8581
last-modified
Sat, 19 Jun 2021 21:55:45 GMT
server
AmazonS3
etag
"931bdb6b50816b03206c66921760b246"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
QWGgwmnzRJd41HWzUSsNauptCxtFQftM87HX-OQ-86kW_n5bFJdLPw==
x-amz-meta-s3b-last-modified
20210619T215418Z
publishertag.standalone.js
static.criteo.net/js/ld/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://medan.tribunnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400
date
Wed, 09 Nov 2022 02:48:02 GMT
expires
Thu, 10 Nov 2022 02:48:02 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
publishertag.standalone.js
static.criteo.net/js/ld/ 		94 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b0fccf88d0ee7903a0708933b870de0a072ec9cfda9b2b8db5f37c7c8651ef46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/javascript

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-17656"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Nov 2022 02:48:02 GMT
prebid
r2b2-emea.adnxs.com/ut/v3/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.26 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c800b541c1a3fd24fc4db8606cfbd77e1c4a8d25400961f15ecf2e7f8b218f6d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 09 Nov 2022 02:48:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
57adf8a2-987c-4d2e-ad6c-855dc3a5c246
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:01 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ 		234 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=85894362259
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d17a720db0babba37731d05e123ac3c1e63c338f3314990adf9c905a79c7164b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
211
prebid
etarget-emea.adnxs.com/ut/v3/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://etarget-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
da7ab2a16994ad7cc24e95cb002984a2d4297407987103b4a3afc1c7d41f3ddd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 09 Nov 2022 02:48:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dd297988-7b95-428b-abfe-787800df4260
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
r2b2-emea.adnxs.com/ut/v3/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.26 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6a25d5cd9c69f1a5662ac1bea960ed75fa2d343c708f36ada25bd6a1edc1a6f8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 09 Nov 2022 02:48:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c8c25c2a-afa7-4cb6-a2f9-11d0607d6aec
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		232 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=92247387538
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
5634f3625861ee92783372b57954fcbc5ceb7bc7cde2c8347025a0f0ec893d1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
210
prebid
etarget-emea.adnxs.com/ut/v3/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://etarget-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c32337433e919b42ff2a6cdfe96d5b0f7a82b07461ab51bf982a853384dd8c3f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 09 Nov 2022 02:48:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
14d69ba6-0d73-4695-a84c-a51dc1099543
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
r2b2-emea.adnxs.com/ut/v3/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.26 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
95980362f4f7d049ac1e5a561e6691c931da3e1072d424bfe362d3698876f952
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 09 Nov 2022 02:48:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4820b930-8345-4a79-85f5-dc1744a32b44
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		234 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=59385740748
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
2cdfb9177dcf4ce604f890ff83c54ec13a77c770cefcb94300049188eab01a48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
212
prebid
etarget-emea.adnxs.com/ut/v3/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://etarget-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7e7fffeb913f670ca98a9f0320ed4f14ae3eb9739257754881796cc372913952
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 09 Nov 2022 02:48:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
18f8506a-344f-4b6d-8eda-6d7b3c015851
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
r2b2-emea.adnxs.com/ut/v3/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.26 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d82a1066bfe09ee8646ed30bc86c3c8e757d48c921bb115a401b93cea2e0b0d0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 09 Nov 2022 02:48:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b6c4e44d-ddaa-470a-82d2-9cb0bba3daa8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ 		234 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=20765807491
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
866fd1260c875af69792fac179f107a6168cfbef90860d04518537516af2f183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
210
prebid
etarget-emea.adnxs.com/ut/v3/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://etarget-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b6497229dd2dc71ae271999fa16fc39b3c7abf8eeae2c8affcedbdffdc5f8a16
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 09 Nov 2022 02:48:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
87bc74fc-ea92-4790-8c4a-e4e95a834e74
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
r2b2-emea.adnxs.com/ut/v3/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.26 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b6cfe3ffed0f0e2a8e65926e0371426327dcf6919a6f095216975e914d16cddf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 09 Nov 2022 02:48:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 931.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
34761137-a88e-4681-92ad-cb7d4359f8a7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:01 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ 		232 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=7304472380
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d10a8834df7acc85072b18ff1a35c19265ac91e5e1fff8e954875321a96a9c50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
209
prebid
etarget-emea.adnxs.com/ut/v3/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://etarget-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
be893dd9d31367c06e86b5341e239a68373860fb1b526aad37350f840add5bd8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 09 Nov 2022 02:48:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
87197bcf-6ea8-43a4-aa7a-2670b3e49924
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://medan.tribunnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://medan.tribunnews.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 09 Nov 2022 02:48:02 GMT
auction
tlx.3lift.com/header/ 		19 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2Fmedan.tribunnews.com%2F&tmax=2000
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.184.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-184-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
accept-ch
sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://medan.tribunnews.com
pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 09 Nov 2022 02:48:02 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
arj
kompascybermedia-d.openx.net/w/1.0/ 		73 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fmedan.tribunnews.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bf2ae61f-a6f9-4f0f-9403-02ead8c26c34%2C4247b4e4-9b56-4444-a465-37d1262d5b5c%2C7bb76f15-0f3e-4a4c-8cf4-d54a95f93dcf%2Ca5331d9c-6558-412e-aafb-e709d75080c1%2C98216fdc-230b-4b79-9dd5-316ffeb52570%2Cea756a31-f4ff-4669-af0b-ec6ce34cd629%2C967e8077-77f1-487b-9494-56a55ffc0849%2C4cc88306-109c-4aeb-8690-808e971fe630&nocache=1667962082099&ttduuid=&aus=728x90%2C970x90%2C970x250%7C160x600%7C300x600%2C300x250%7C300x250%7C300x600%2C300x250%7C300x250%2C300x100%2C1x1%7C320x100%2C320x50%2C1x1%7C640x100%2C468x60%2C320x100%2C1x1&divids=div-Top-Leaderboard%2Cdiv-Left-WideSkyscraper%2Cdiv-Right-MediumRectangle-1%2Cdiv-Right-MediumRectangle-2%2Cdiv-Right-MediumRectangle-3%2Cdiv-Inside-MediumRectangle%2Cdiv-BelowArticles%2Cdiv-BelowImages&aucs=%252F31800665%252FTribunMedan%252FHome%2C%252F31800665%252FTribunMedan%252FHome%2C%252F31800665%252FTribunMedan%252FHome%2C%252F31800665%252FTribunMedan%252FHome%2C%252F31800665%252FTribunMedan%252FHome%2Cdiv-Inside-MediumRectangle%2Cdiv-BelowArticles%2Cdiv-BelowImages&auid=540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f80661f5616a4b167ed3f80e1af1bb911787ad2edeb6ecaea8f0778af7bd574e

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		29 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3af7b0125cb069de003c4dc4c20329007c3bee2208ff134e942d0068cc0a5451

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 09 Nov 2022 02:48:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.1&cb=60698096961
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
prg8.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:01 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg8.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:01 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg8.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:01 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:01 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=450352&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2271dfefe365fab38%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmedan.tribunnews.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fmedan.tribunnews.com%2F%22%2C%22domain%22%3A%22medan.tribunnews.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22tribunnews.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A8%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A8%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fmedan.tribunnews.com%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2272d52121cbe1616%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F31800665%2FTribunMedan%2FHome%22%2C%22gpid%22%3A%22%2F31800665%2FTribunMedan%2FHome%22%7D%7D%2C%7B%22id%22%3A%22757def6dba313d1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F31800665%2FTribunMedan%2FHome%22%2C%22gpid%22%3A%22%2F31800665%2FTribunMedan%2FHome%22%7D%7D%2C%7B%22id%22%3A%227670a49cf151c77%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F31800665%2FTribunMedan%2FHome%22%2C%22gpid%22%3A%22%2F31800665%2FTribunMedan%2FHome%22%7D%7D%2C%7B%22id%22%3A%22781d3a07309b796%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F31800665%2FTribunMedan%2FHome%22%2C%22gpid%22%3A%22%2F31800665%2FTribunMedan%2FHome%22%7D%7D%2C%7B%22id%22%3A%2279d5cf147a4c059%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F31800665%2FTribunMedan%2FHome%22%2C%22gpid%22%3A%22%2F31800665%2FTribunMedan%2FHome%22%7D%7D%2C%7B%22id%22%3A%228144bf1c00e3811%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%221x1%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x100%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2283b02d9dd961241%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%221x1%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2286a18b06ba1b885%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%221x1%22%7D%7D%2C%7B%22w%22%3A640%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22640x100%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c07d73b6b22bbd71908f1b756ddfba11635c481188f1a06d868fe4ec1a244e4

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vuKUOlcxqagOiRaB0mrnu7ReDrc52UYnWg8TEwx7VKmXSC9T4Cxp8%2FglNUkCbKl3W3yjIASLVkmuzYu2fItIZ2FeuDKZJRNbbYAlVryhnfyqFA89ipSLjXlxvahbdcWtsPY7FsU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76733a25692d9046-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.1&cb=56663526814
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
hbpost
hb.jixie.io/v2/ 		62 B
899 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.jixie.io/v2/hbpost
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
110.238.107.108 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-110-238-107-108.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
0d4b6cded9dd956b98828ffc2eac772e3ee61c4bc57dffd5a40bf56177db9642

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:48:02 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
edce5350-5fd8-11ed-9c17-e32a36d7d501
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
280686
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/280686?src_sys=prebid
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 09 Nov 2022 02:48:02 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.003583
X-SpotX-Timing-Transform
0.000286
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.003583
X-SpotX-Timing-Page-Require
0.000267
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001313
X-fe
082
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.009607
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003358
Last-Modified
Wed, 09 Nov 2022 02:48:02 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Exception
0.000015
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000011
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000770
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
282137
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282137?src_sys=prebid
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 09 Nov 2022 02:48:02 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.002715
X-SpotX-Timing-Transform
0.000286
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.002715
X-SpotX-Timing-Page-Require
0.000417
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001697
X-fe
120
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.009527
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003515
Last-Modified
Wed, 09 Nov 2022 02:48:02 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Exception
0.000016
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000014
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000865
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301966
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301966?src_sys=prebid
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 09 Nov 2022 02:48:02 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.002276
X-SpotX-Timing-Transform
0.000317
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.002276
X-SpotX-Timing-Page-Require
0.000339
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001433
X-fe
035
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.009045
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003812
Last-Modified
Wed, 09 Nov 2022 02:48:02 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Exception
0.000020
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000014
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000831
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301967
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301967?src_sys=prebid
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 09 Nov 2022 02:48:02 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.002274
X-SpotX-Timing-Transform
0.000365
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.002274
X-SpotX-Timing-Page-Require
0.000306
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001919
X-fe
060
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.009414
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003720
Last-Modified
Wed, 09 Nov 2022 02:48:02 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Exception
0.000020
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000013
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000794
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
282227
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282227?src_sys=prebid
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 09 Nov 2022 02:48:02 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.002323
X-SpotX-Timing-Transform
0.000335
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.002323
X-SpotX-Timing-Page-Require
0.000375
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001438
X-fe
068
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.009259
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003875
Last-Modified
Wed, 09 Nov 2022 02:48:02 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Exception
0.000016
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000012
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000882
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 09 Nov 2022 02:48:02 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		423 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484472&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.domain=medan.tribunnews.com&tg_i.pbadslot=%2F31800665%2FTribunMedan%2FHome&tk_flint=pbjs_lite_v6.29.1&x_source.tid=bf2ae61f-a6f9-4f0f-9403-02ead8c26c34&l_pb_bid_id=12068429e580a957&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F31800665%2FTribunMedan%2FHome&slots=1&rand=0.4760965646954347
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0e6ac74f5509ac65d0d0906338585fc596b3b7b1af009948534babb8338a4396

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:48:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
423
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		400 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484474&size_id=9&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.domain=medan.tribunnews.com&tg_i.pbadslot=%2F31800665%2FTribunMedan%2FHome&tk_flint=pbjs_lite_v6.29.1&x_source.tid=4247b4e4-9b56-4444-a465-37d1262d5b5c&l_pb_bid_id=121547b155ad6904&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F31800665%2FTribunMedan%2FHome&slots=1&rand=0.07638203883065264
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
77bc1df8da4665fe67482c981d7d685fb5851c93c9e12444c3d4a9bccba4a063

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:48:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
400
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		421 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484476&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.domain=medan.tribunnews.com&tg_i.pbadslot=%2F31800665%2FTribunMedan%2FHome&tk_flint=pbjs_lite_v6.29.1&x_source.tid=7bb76f15-0f3e-4a4c-8cf4-d54a95f93dcf&l_pb_bid_id=122c1ebb7fba445e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F31800665%2FTribunMedan%2FHome&slots=1&rand=0.40250158934007785
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0003fab3382338a09539e86d5e2bdd7a9b1ced520a10b54d28e4c3225415404e

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:48:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
421
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		401 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484478&size_id=15&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.domain=medan.tribunnews.com&tg_i.pbadslot=%2F31800665%2FTribunMedan%2FHome&tk_flint=pbjs_lite_v6.29.1&x_source.tid=a5331d9c-6558-412e-aafb-e709d75080c1&l_pb_bid_id=1238336222d4d94e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F31800665%2FTribunMedan%2FHome&slots=1&rand=0.4120193859521175
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e70a6f2ca4ea41c2c85be28bdf5159698c44dbbe15f21757f4ba9916edf6020e

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:48:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
401
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		421 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484480&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.domain=medan.tribunnews.com&tg_i.pbadslot=%2F31800665%2FTribunMedan%2FHome&tk_flint=pbjs_lite_v6.29.1&x_source.tid=98216fdc-230b-4b79-9dd5-316ffeb52570&l_pb_bid_id=12471fa3e664f15f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F31800665%2FTribunMedan%2FHome&slots=1&rand=0.6215041360894711
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f3abf51ce7e0805701c1060adac00965dd08d989a0a90f58f634b41dfc769620

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:48:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
421
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		416 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484482&size_id=15&alt_size_ids=19%2C221&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.domain=medan.tribunnews.com&tg_i.pbadslot=div-Inside-MediumRectangle&tk_flint=pbjs_lite_v6.29.1&x_source.tid=ea756a31-f4ff-4669-af0b-ec6ce34cd629&l_pb_bid_id=125e09d6e24a2162&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6268276377072839
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
98d2a0e8769517fa5e20928f7412d4d00dcd83f462dd346447312823fc7b8d5d

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:48:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
416
Expires
Wed, 17 Sep 1975 21:32:10 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 09 Nov 2022 01:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5528
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 09 Nov 2022 03:15:54 GMT
js
www.googletagmanager.com/gtag/ 		227 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
629e1280f96e4cfe40905cc70bf0cfd10ae21b5e8b47434821b6030bba179794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79716
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 09 Nov 2022 02:48:02 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
039ddca531ae1290db5225079f203d88bd377bea02f471f9cd8fe208c60696d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75907
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 09 Nov 2022 02:48:02 GMT
jxpublisher_3_1.min.js
scripts.jixie.media/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jxpublisher_3_1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.119.20.23 , Hong Kong, ASN58453 (CMI-INT-HK Level 30, Tower 1, HK),
Reverse DNS
Software
openresty /
Resource Hash
5dc685ed4935640fc69a56126575082ea8379cf3e588d9f1d7c1c6a1aff762ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

nginx-hit
1
date
Wed, 09 Nov 2022 02:48:03 GMT
via
EA-SGP-EDGE1-CACHE2[1],EA-SGP-EDGE1-CACHE8[0,TCP_HIT,0],EA-SGP-GLOBAL1-CACHE14[2],EA-SGP-GLOBAL1-CACHE29[0,TCP_HIT,1]
x-ccdn-cachettl
2592000
x-amz-version-id
aG2xyryM3T_tewlAPS7SOjwDyC.2MlqH
age
9156400
x-amz-request-id
M94G0E9H47XFW9NW
content-length
26290
x-amz-id-2
QV5osWFDn2yUMPP7FU+CJJ372BxTHAPvRbCmvm7TYcjHHp6I1T/E6uC5atPOcWdZEc3QkED09vg=
last-modified
Tue, 26 Jul 2022 03:20:58 GMT
server
openresty
etag
"bf81efb754e98c5d547786eb79360e62"
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
x-ccdn-expires
2592000
accept-ranges
bytes
x-hcs-proxy-type
1
style
accounts.google.com/gsi/ 		533 B
328 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-X8FdYOX15A36B-cbb6zNlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-X8FdYOX15A36B-cbb6zNlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 09 Nov 2022 02:48:02 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=114488588566911&ev=fb_page_view&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&rl=&if=false&ts=1667962082212&sw=1600&sh=1200&at=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Nov 2022 02:48:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
publisher:getClientId
ampcid.google.com/v1/ 		74 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FYJCTGV1LV&gtm=2oeb70&_p=1822125748&_gaz=1&cid=1793639517.1667962082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667962082&sct=1&seg=0&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&dt=Tribun-medan.com%20-%20Berita%20Terkini%20Medan&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FYJCTGV1LV&cid=1793639517.1667962082&gtm=2oeb70&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FYJCTGV1LV&cid=1793639517.1667962082&gtm=2oeb70&aip=1&z=1340618967
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DFP7BBGFWN&gtm=2oeb70&_p=1822125748&_gaz=1&cid=1793639517.1667962082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667962082&sct=1&seg=0&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&dt=Tribun-medan.com%20-%20Berita%20Terkini%20Medan&en=page_view&_fv=1&_ss=1&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DFP7BBGFWN&cid=1793639517.1667962082&gtm=2oeb70&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DFP7BBGFWN&cid=1793639517.1667962082&gtm=2oeb70&aip=1&z=929419105
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame EC2F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:48:02 GMT
expires
Thu, 09 Nov 2023 02:48:02 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publisher:getClientId
ampcid.google.de/v1/ 		3 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
css2
fonts.googleapis.com/ Frame EC2F 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 00:55:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Nov 2022 02:48:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame D6FE 		2 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
43065
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:50:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame D6FE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:03:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
45898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:03:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame D6FE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
27341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 19:12:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame D6FE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
43757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:38:45 GMT
l
www.google.com/ads/measurement/ Frame D6FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTk1f_JI3YYvlinxlOtBbJMNQopXvfMTTcyjoKJTGFtKnmpNWDtYJ8KTmFpAwhNUieKyK8Co9sI-NyijGgEYxDXA-FJJQ
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D6FE 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48209
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667824238049716"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 02:48:02 GMT
0d3fd3b530a886383bd6b91513e5ed38.js
www.gstatic.com/mysidia/ Frame D6FE 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 20:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14033
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 22:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 01 Feb 2023 20:18:51 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame EC2F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
349544eac2a5e347ebc6e23a6ca44ab6531e59c40f5d337ddddf1270608ce257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
39592
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7963
x-xss-protection
0
server
cafe
etag
15183902602499586604
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 15:48:10 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EC2F 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 00:17:06 GMT
x-content-type-options
nosniff
age
9056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 09 Nov 2023 00:17:06 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EC2F 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:38:43 GMT
x-content-type-options
nosniff
age
559
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 09 Nov 2023 02:38:43 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1822125748&t=pageview&_s=1&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&ul=en-us&de=UTF-8&dt=Tribun-medan.com%20-%20Berita%20Terkini%20Medan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAQCACAEK~&jid=1905776651&gjid=1341648762&cid=1793639517.1667962082&tid=UA-15224089-38&_gid=133919355.1667962082&_r=1&gtm=2wgb70NNJ5M3B&cd5=medan&cd10=homepage&cd20=1793639517.1667962082&z=1016281485
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-15224089-38&cid=1793639517.1667962082&jid=1905776651&gjid=1341648762&_gid=133919355.1667962082&_u=YCDACEAABAQCACAEK~&z=1284012773
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 09 Nov 2022 02:48:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-15224089-38&cid=1793639517.1667962082&jid=1905776651&_u=YCDACEAABAQCACAEK~&z=711567442
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-15224089-38&cid=1793639517.1667962082&jid=1905776651&_u=YCDACEAABAQCACAEK~&z=711567442
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
pagead2.googlesyndication.com/bg/ Frame A293 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16184
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 19:30:53 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		169 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3596572478205433&correlator=3261070665032238&eid=31070790&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&iu_parts=31800665%2CTribunMedan%2CHome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=160x600%2C728x90%7C970x90%7C970x250%2C300x600%7C300x250%2C300x250%2C300x600%7C300x250%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=2&adks=1365649329%2C1151295369%2C645028135%2C2464932481%2C645028121%2C3110274607%2C3110274592%2C976996096%2C976996097%2C709143181&sfv=1-0-39&ists=31&prev_scp=pos%3DLeftWideSkyscraper%26page%3Dhome%7Cpos%3DTopLeaderboard%26page%3Dhome%7Cpos%3DRightMediumRectangle-1%26page%3Dhome%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.04%26hb_adid_pubmatic%3D126d6c5db52bed61%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D126d6c5db52bed61%26hb_bidder%3Dpubmatic%7Cpos%3DRightMediumRectangle-2%26page%3Dhome%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.04%26hb_adid_pubmatic%3D1285b6608aead968%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D1285b6608aead968%26hb_bidder%3Dpubmatic%7Cpos%3DRightMediumRectangle-3%26page%3Dhome%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.04%26hb_adid_pubmatic%3D129a0b1dc4245154%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D129a0b1dc4245154%26hb_bidder%3Dpubmatic%7Cpos%3DNativeAds-Latest-1%26page%3Dhome%7Cpos%3DNativeAds-Latest-2%26page%3Dhome%7Cpos%3DNativeAds-Populer-1%26page%3Dhome%7Cpos%3DNativeAds-Populer-2%26page%3Dhome%7Cpos%3DPremiumTopframe%26page%3Dhome&eri=1&sc=1&cookie=ID%3D46b7434a59539b63-226d4c8971ce001d%3AT%3D1667962082%3AS%3DALNI_MaoTkE_hsWFzeeZ2yWD_Gxe-rESzQ&gpic=UID%3D00000b7eb13c7ab0%3AT%3D1667962082%3ART%3D1667962082%3AS%3DALNI_MYZgHnJ9DHbuaRWXM3F5n0QAgKvJg&abxe=1&dt=1667962082879&lmt=1667962082&dlt=1667962081671&idt=318&adxs=225%2C436%2C1075%2C1075%2C1075%2C-9%2C-9%2C1225%2C1225%2C-12245933&adys=537%2C180%2C537%2C3260%2C4223%2C-9%2C-9%2C1261%2C1366%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C-1%7C-1%7C3%7C4%7C-1&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmedan.tribunnews.com%2F&frm=20&vis=1&psz=160x600%7C970x250%7C300x600%7C300x600%7C300x600%7C0x-1%7C0x-1%7C300x105%7C300x105%7C0x0&msz=160x-1%7C728x90%7C300x250%7C300x-1%7C300x250%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x0&fws=128%2C132%2C640%2C640%2C640%2C2%2C2%2C0%2C0%2C128&ohw=0%2C728%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1793639517.1667962082&ga_sid=1667962082&ga_hid=1822125748&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbc0d1e5783c1af2d5459d2c520a75370e5d5365b5c3e6f309aff492763499cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36165
x-xss-protection
0
google-lineitem-id
-1,-1,-1,5721986381,-1,5778375738,5782653578,5806199487,5782655009,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138353114088,-1,138361972125,138362601929,138366796737,138362660293,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210191347000/ Frame CDD6 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 08 Nov 2022 18:47:48 GMT
age
28815
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61564
x-xss-protection
0
server
sffe
etag
"84cdcac007f64412"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Nov 2023 18:47:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame CDD6 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:32 GMT
age
120991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5198
x-xss-protection
0
server
sffe
etag
"aeb1502543fb438c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame CDD6 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 04 Nov 2022 03:28:40 GMT
age
429563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28845
x-xss-protection
0
server
sffe
etag
"fdb7364f8f067758"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Nov 2023 03:28:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame CDD6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:32 GMT
age
120991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"9f4a70ec77acc0d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame CDD6 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 02 Nov 2022 09:07:25 GMT
age
582038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"2923b90bb7365105"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Nov 2023 09:07:25 GMT
truncated
/ Frame CDD6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94d3297b59c96da49e4fc2c69a442948eb5274a5416725ad2c0c63b457d6ab77

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
container.html
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame BD91 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:48:02 GMT
expires
Thu, 09 Nov 2023 02:48:02 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 2377 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:48:02 GMT
expires
Thu, 09 Nov 2023 02:48:02 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6190647522664867804
tpc.googlesyndication.com/daca_images/simgad/ Frame CDD6 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/6190647522664867804
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c22d03091d299d60805c813a2fe62f6283e23a07e812803658a1775aaf4b93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 16:15:28 GMT
x-content-type-options
nosniff
age
556355
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47004
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 13:05:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Nov 2023 16:15:28 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CDD6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:48:56 GMT
x-content-type-options
nosniff
server
cafe
age
39547
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Wed, 09 Nov 2022 15:48:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CDD6 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 08:13:18 GMT
x-content-type-options
nosniff
server
cafe
age
66885
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 09 Nov 2022 08:13:18 GMT
l
www.google.com/ads/measurement/ Frame CDD6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7NhemrJfQriSNcUj9SLtIVusFv1kirtvx7ltvEa-nzuuZYdPUPENbLeMN_cnWF9rLXhKYfofg5BHfv-06SA8LQGYKtA
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame CDD6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSe0n4hRrY5fpPPKS9u8PkP6IWOrY7Jpt76-D88IQ79fp-OIwEAEgytbjH2CVgqKCsAegAZC16vsDyAECqQJ7g6n7reWwPuACAKgDAcgDCKoE_QFP0BWJySehnfPHlhGZrpQ3UJCdfJ07pHT8wVN59A6iQpTD5qAGDYFQlq3XY3O3Gwvot4V6koThschsH76hw4E3J1jkqjmDTTB6SGZI4IzPoPaQcQe2KHQ980hOlno9JttpsUdO0FJcMYhdgFNsGHvi3K-EkIektQq6TFsO8OLg8rcZbAh4s540XQ337-s2K7jfJT13Yt2AvOxIKS_lBR0tGcdMWJa56vUW05omMGnVSJUZGonMWW8AfH9U93F5Bx7f10oU4p8GXNMczIZAGeVC19fQOLP7F1qky70Ya9RniQ0z6YCLD8IeNRaMptoju0HiYWxyNqtArlBAZ-huwATaqLnJnwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH2MqVBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPHiAtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMC0BUBmBYBgBcBshceChwIABIUcHViLTc3ODQwMzQwNjEyNTMwMjAY0cMR&sigh=EgWxBHYtYoQ&uach_m=[UACH]&cid=CAQSOwDq26N9EpHyJ0KfqzFgzCWOw7PBy-Do8uxuYM_TTNJEP88Hc0bYkQ8lsl82OElXcwWZPMNf-bmlIRsUGAEgEw
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
container.html
55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame EEB9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:48:02 GMT
expires
Thu, 09 Nov 2023 02:48:02 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210191347000/ Frame 34B3 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 08 Nov 2022 18:47:48 GMT
age
28815
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61564
x-xss-protection
0
server
sffe
etag
"84cdcac007f64412"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Nov 2023 18:47:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 34B3 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:32 GMT
age
120991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5198
x-xss-protection
0
server
sffe
etag
"aeb1502543fb438c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 34B3 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 04 Nov 2022 03:28:40 GMT
age
429563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28845
x-xss-protection
0
server
sffe
etag
"fdb7364f8f067758"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Nov 2023 03:28:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 34B3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:32 GMT
age
120991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"9f4a70ec77acc0d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 34B3 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 02 Nov 2022 09:07:25 GMT
age
582038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"2923b90bb7365105"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Nov 2023 09:07:25 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 34B3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:48:56 GMT
x-content-type-options
nosniff
server
cafe
age
39547
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Wed, 09 Nov 2022 15:48:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 34B3 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 08:13:18 GMT
x-content-type-options
nosniff
server
cafe
age
66885
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 09 Nov 2022 08:13:18 GMT
truncated
/ Frame 34B3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f1162f81e7c3118214db4d6b34eaf63427c7dd6693bb977e1d66ef78c63624b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
tribunnews.com.1210784.js
jsc.mgid.com/t/r/ Frame 7F9D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/r/tribunnews.com.1210784.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f0d86889701e9c0505b7df581b33b35db59057f2fc368cedb5dc71b27c18bef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
x-amz-version-id
fjkXtTHzOdwuJ9HprLkTedBFmgLFQeXm
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
E4EMHQYHYEVE2XHC
age
2578
cf-polished
origSize=2373
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
3XnKjqE28l5BroMUPM2jH0Jbm0QSrqOEY7tLQL90sS0e8yJ39U/E4KImRK7wlBDhlJlhZSQCSMo=
cf-bgj
minify
last-modified
Thu, 03 Nov 2022 14:22:04 GMT
server
cloudflare
etag
W/"3265d213ee7ddc960af9a42720491e1e"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
76733a2e2bf29066-FRA
expires
Wed, 09 Nov 2022 05:48:03 GMT
truncated
/ Frame 7F9D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a687f5c64cf92c75ed9fd3ee703457e19394f886693e4446d1e10783b12136e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
tribunnews.com.1181811.js
jsc.mgid.com/t/r/ Frame 5F30 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/r/tribunnews.com.1181811.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0929c6e38b78521316107239c8415db5243274f97e678f69001af4ad3dd98f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
x-amz-version-id
Y52TsdkCl24FD4t9sPOM8TgPH2JXEWiu
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1WTTTBYZPJZWP1BX
age
2578
cf-polished
origSize=2373
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
VU6ItBVWTNGW38VDHwhGFYd63M+0HpfrZC+6VYePjK4r0UH/sUlZVFxyE6d86k4GH5Whnj+JLks=
cf-bgj
minify
last-modified
Thu, 03 Nov 2022 14:20:21 GMT
server
cloudflare
etag
W/"343465928dfeef1eb0d900eceee75e20"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
76733a2e2bf39066-FRA
expires
Wed, 09 Nov 2022 05:48:03 GMT
truncated
/ Frame 5F30 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d42ef5bc63ca80f16e44fa145a312e6e6572a3f36a405ee7c1b16b53340ec9c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
16096933925413000740
tpc.googlesyndication.com/daca_images/simgad/ Frame 34B3 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16096933925413000740
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395427f376c7c80bf11e9738a4eeb56cb1c845268c9bab441a5ff057081673ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 14:41:41 GMT
x-content-type-options
nosniff
age
561982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75042
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 13:05:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Nov 2023 14:41:41 GMT
l
www.google.com/ads/measurement/ Frame 34B3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9o5EJYM3dkRwFj9A182wNKjmcrua9gqO2S1Hprgpx7C1sUREV_rBaW-rXY2FIov5BdkpPk-Lww-4HqgZgJ0rRwat22w
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 34B3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CM7tJ4hRrY5vpPPKS9u8PkP6IWOrY7Jpt_6iD88IQ79fp-OIwEAEgytbjH2CVgqKCsAegAZC16vsDyAECqQJ7g6n7reWwPuACAKgDAcgDCKoEgAJP0N4MHFTrYwHqQK4b10U5XyFcKoT8lbmnvHXGyvESNmSBgAYep3Ih1ao_jxUofSxAtPgESFJmjbXB7oYpWl3Q5p1ymj-6n7QLBV5rOs5Xs8lvWvYOEY56e0QL80EjLTwBHnUjrdPe3kyXtBOr2OOodAtKuD6Jpc-KXY7chONnnIkDqz2hvrxojBxt11JuHqdgVwr2JQxK0kSUXkjetY1mMVt-VfZUIWR_Ra7HiTm3wksfb3-Yr8GE_MDJ83K17n9fyV69zBrqUYK3tVi1zsm8DFCk7vb8MJAus2zB3bC-2rA5piAWTPfzdpPCfD17uVUXgJ3QR35f4_QHRF5FdB51wATaqLnJnwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH2MqVBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEImEA9IIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMC0BUBmBYBgBcBshceChwIABIUcHViLTc3ODQwMzQwNjEyNTMwMjAY0cMR&sigh=2qdtuPStHzw&uach_m=[UACH]&cid=CAQSOwDq26N9EpHyJ0KfqzFgzCWOw7PBy-Do8uxuYM_TTNJEP88Hc0bYkQ8lsl82OElXcwWZPMNf-bmlIRsUGAEgEw
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5A15 		624 B
670 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_sSxDOkOwBGLGK7tUBMAE&v=APEucNU4HpbjDheV9jLTur0TFZsD7B8VgelvW_uzqI2ht6AHUUbDiXO8jOaqZgMreXt_Jhdy2DPutOdShQ7-xHGYeHA0kzFA-uExcSfnznNaHVS9mFWQy3OV1g_uY97456qtEzgvSeOLKmC38y4Dn1iO5TMK6lpsULcrZsijLugONsuHgoqX73g
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:48:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame BD91 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_k5NsoOHj1np_zzk1fMkD-yCMbGmQrsJPIPd3Dg5xCSuJ-0NF3YM1PSaKtT86MlgUbS7rGnYTiJb4rqzeQrsbCadPew&cry=1&dbm_d=AKAmf-C0Mg-XpV8DlJgv7gSVUjn7fVSrEsxQSZEr8fgPAfezjG6qyG7Cox_WBcGmNE5kK3lkx2V5YmGUEuzQpUYfM7SEpGWQlnWUvOOdQJ2537RG9O_S3PXD1rbnyW7-PNsXr8YYxhrDLHzJtVGgyuf_e3h80z-4l8tCkOwoTbUCvhme5pwSWjBrKl9cuKtlWYH6PrZ1pRla6i3BBBt2dGJ_QlNz47IZ-JoXdGKCm8_8UdifovKMNqiy2mSyWVOyKRFlNS2SqkBkYZE_Wf2qJ8EryRY48cTcBaV_5kK7PYIqDnGhgwNZHg6VHYRvGdP-mux_CrXzkKtjmyy1sYWsnVTBykQRDJCuV8oGZDipiy3ihwxNBXBqe5jbtUPFcxKWsiz6ILU9G-fWYWjeQxt8zLdGNnw1iPvf-I7HG8Cz55wB89BEZ1Htyi6owLpcOZ_DURAFRCZ9hOVd8J02spI07i2SwXHDjElWO0nx8-AAQosteoqJU5Gk3rioPf7yfkhq379ye9Nd14yf5CE9DuZAH_McamIp4E8JJG6OJKNiBUBaVhssbE-qkvKJCNV0ikEL8zWIRB1Dpqb8TKM-EOZtRUlY1ql_vf1Y0Jkn3jshfFdb9jP2p-_8i4856QtBtkd43fMZ7BJrkxd_S-5A9kj9YvrMoLHbwTySAIMmnrdZZyUORGGvH7xm0f12dWTFnHf7j9HktcJ2h7AyiShinv0WP1-R-aaJQZkIDNxf99yVLdenu7vz--HnUZ-FclhceuteXjoDCtjgiBc-753etf-d4DDuQcd7WhKvbcrLOBa8EGxbedu_NxNgDzWZLZ81UBdwQJsb5GU6LlrhoZ-XlsNY9lDtnqw2Anu_9w_KgYjLMvvzU8EwDa4QMn9ImhaH29A2ehzsA5tD2KjsSje8rtVNZCxggmQCaydX4NpLmKT7gj8nPtGDg2LzsMaQ2D36iJu9QZl33zbiAfMs4nXikFA_35Tuxy5EWewosy3ePKQ6qztxNZh4of0JvVbgIEoVazA24HC7yeUbCVLdrszJTjjZ2RofIBUqKH98f8T94BralMMwEPekN96U4om9GNvT-jzkXHWgqTVk1qcbIrcEm9_3hciKVgmFhYv0JYhySSMgLUTtOD9HuSR2UIFbLr3w8k96ibMDNGS_UAr2CPsEQmsMjsscaOmGNDFNbvCOwrBbYPeGyf_AMQ9ACFFBAz52pmmXpYFdAfTMGHEiLLYm6DyS150uV0PiVUwsgNrHNDbMIKBJ4A4xpCJLcw4GJyX5cPdghT1p_LRLvBud4CEBsNIefNtR035aOeQdJlsMeaamX_ax9y_qs4RRZvQQgAFY53wsaL5r3I1-xYwDRF0ZXCc_B75dKoBmFrUabqa3jJ92NmFe4UD8IOr2KXRt7-7slvaWRKdWgx0BhzQADSNsQ54oKZhyq8c4zrfFARQ4eI_k4PUb4cmHjTz5s-CfybodfXWq38f3nE8YogNvgcq3jj-S74LtEGqovCqJ64k-GZdgTlhatNsXNQiG3BpQLCJCwRyUoBC9CleYOHJiWik3YiUuTabvhWPtMHqOIAaLljGUbb65J8T3VZUNbce21Ai600fFr2Ih1-E9TblJhH0SOQeayHtLnrrnWPq4HdctXTJeuiy52nyFN7ihYjJ-n4o-M6Ay6DZ0GA9nJPHhtWgohNu8Zz9xqazlVTawXoYIshgVpPqWWlswvCvZTnRLDTI3DSF0y8yBRre9scAm2P7yNs4idKw4jEz1lcefqx5TkA50PEEowlsmNpF0PeZ8ZLmcA_NW7FJq2Otl1umaEBSXB5ODWbkvllFQcpHOHxLinzQNm_5LPFJe_FzqtGiwV-wMHjnqXF8aQBfIXFsoel2sVF_aMwO1YwXbyDsHjDQvVN3rG0QYWs76s4zk6pCZGU3c2N_w7I4AgXIxTnZwgtNqGJSrYpGCB2rHVi5pDng2EZ5oblMSL2VbBatR62dEQO3SohiLfnjQElicZ6OZgZG30Pg1C3q4Qn7YxWjO14Ko-E6vef2DUF_JCiPVz_o6iiFI5psbajlNS4BdQoZSVArWq1kE5DsDOzuVUAwXlgN8gaRwDeXWX2Of5_11m8HqVRlw064apcprJoAVTwPP2tQ-sRejfaqLHgGKbqBwhXZPLi6INEU-C-kuwidghvKk3_wDsMcDfY0kjG_IdK70BL61MO2EKzLFldJdVO7y7_-L1PqfynJolgjhkEIFbOfeJU7OUIVDS2J5_qVp81b8qKcYrIW9VvuNxAMBxKEzHACw21PuO_KQZxbbG-mIMOMxC2dZFKxUG9LgKCnLUQzB0hggTpLZMHaB6O1BHvjJRuPMl2--kvtQkvi-BsptBTxBGAklvrCQek-8OiNUYszRZAtqzLq19EiUFGcaxa8s90hDeViEIUSqc9Kf1ICsWAnJpw8ifl33Bld-pNAFwo0su3fFH0_ujC0MpWdkGBdmnFnW-4oNFYBX0fmc1CIQNWd9j-5LFh_Zi21Ux2LsY6DAJ8TcVcjHx8JgXX76qNSafb1mAoEGIsrZ72Wl04VcfxUogk2YJqW51xQNmOZ2yypfk4q2fYZ0j47sWJgF8sX0A47lktGVoEUIvqpD-6vR8dnNRZ_T8BFBkp38M5FIsDkxU7AprZeVWtdYXU57JFLXlgpcWnHR8oPkPtBrsk-tSIjH6QR0RFQ_ey6smH8QxV8idmMpfQTKbm-kCB_MCnzXmeV15L-1K_3JUPuE-0aZ2oyZr7CLlzB8_lA5sxmkrTaj6OmqB_Q964J00PNlJvQlg22g91PQcDndynMVMeYJlFRkde45csFHzB0NTTcrXBSwfMyLugCAQznmo1xkUVzebdyUdwKoxC-F4mM4OyOwUTe8BNWmWJqSKI2Giy9EqLNEWVZrWTo4uYTx82-koSVNzCEypBs2YL0Y-xy5ZhXKRKHFFadSgPUVg7cvS49VBFwyRfgW1P-W_OqiR4iMpyr6efOjZ7ucDFk-nyZ9A9HuAuwD72oxWlLtfJyoIjHlOaKR-M2UquS6E7a_w1Ghn0jxvZzYUmIUMamaSU5gNE12lUmou7blP_VFfwOvsVGHySx3rgetcPD0x0WphcGsJxGZaRa6AH56PvIMZLtUHTS3FIReYFLCRZ0Aiv9Dcu-0unxaMdtwy-rSZSrvsIfsUQt-gpYqpqlZJOtG198-a9oIrZiwvJCc1FriuiXCAC9UkI0F1FS7AJZu0sx7iKTF2KPySuWrL6pla4oS9nfJ67uRnKsr52eZoj3z78YJlrHvurec8mE7tb-_4JXIx4hHQOp5CQ&cid=CAQSOwDq26N9EpHyJ0KfqzFgzCWOw7PBy-Do8uxuYM_TTNJEP88Hc0bYkQ8lsl82OElXcwWZPMNf-bmlIRsUGAEgEw&rfl=1%2Chttps%253A%252F%252Fmedan.tribunnews.com%252F%240
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7659a58de80efb0e8fdde41820da5032f9fbcca5106be0586ae49ede7198f6c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD91 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Clgv6Ekk_N-SFfUg1Bz-4wBLIqeON8Dli-UGhy_CLs5KigBvXOQhEN9Nm0Pw5ddrXY23zlpRa2oePsHWYNSoD8dxrMTU4DsFUfH4BN78UsCYMWpZA
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame BD91 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
27342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 19:12:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame BD91 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
43758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:38:45 GMT
l
www.google.com/ads/measurement/ Frame BD91 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4O_Lr9OCnJb2sLUVp2_VBfYXni0sHBtFcBkXwuL6DekXRs1_hRCLJWCUNfloE3MC5eq4NQszlo2dEfygvnhxABEIOzg
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BD91 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48209
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667824238049716"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 02:48:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2377 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAmEy4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBOoBT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOkLbxK6pKdvkKwB2fU-YG85KOgGMj24ou9O8TJldvmNVjWb2r6mY4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc3ODQwMzQwNjEyNTMwMjAY0cMR&sigh=MW2H4jrT6Oc&uach_m=[UACH]&cid=CAQSOwDq26N9EpHyJ0KfqzFgzCWOw7PBy-Do8uxuYM_TTNJEP88Hc0bYkQ8lsl82OElXcwWZPMNf-bmlIRsUGAEgEw
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 2377 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k_79Eo-lBKwC2ASdg2ICAgAAAKLmQkjgO2bdYflEegk5jtsQ4hRrYxReUwxkXD5nneRQABIAAA&wp=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
189356
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6AFC 		150 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
476308e731b1308104ce93b26e43f00516f0460fffd4e7bbc448d92d6b88ec33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:48:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2IYMIOdDmiuBhOL69QgfHhpuM6UQKkKQyBRkYdaOj3BIuRWyU7EIH2p1g6UcLD8iLpCfkaas33JNdClxu8koUrhdocBBJPAG-dSH-O7ePeiU40O6FbYgOw2j3w9uuq3RHab57M6xQC_Ave2t7J7Sx3h5vM49MVVlIJFYcyp5q_jdtoE_rmPMQnOR4_zRZsXPqgpVTJAyHL7KQ4Purc6FFvOw_1aKnhzAS2eKq6f_1MOG0jd0pWe233zBJ2nMy3hiU8KeAg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
60513055
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 2377 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
27342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 19:12:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 120E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
48916
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 13:12:47 GMT
etag
48472445140208031
expires
Wed, 09 Nov 2022 13:12:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 2377 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
43758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:38:45 GMT
l
www.google.com/ads/measurement/ Frame 2377 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwOjjEVwdJ9s8Q5prVuTyeM2b2alME2Us9b8vag80tpFR5Rkz4MS60wRFqTiF5Gwbn2E877-KDoDoCCAbVyj2cjMk06g
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 2377 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Nov 2023 19:12:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2377 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48209
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667824238049716"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 02:48:03 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame EEB9 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Nov 2023 19:12:30 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame EEB9 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a76a7ff51b1eb5f1ea0e715070bb3a31274b2a7059597dd9effe100a74a926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16053
x-jsd-version
1.14.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19167-FRA, cache-yyz4569-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6c5a-B7CcN0WmU38aLrErV7huhShFoTM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8I6PjpZnfU4BQhqLSHgtBp6UJ1VV4e9EnDRFd4G45KzjfBYrOLWwC7vpdYxezxCWVXRrDA6XDtBcYxw%2FUQRUTZty%2Byv7pOj1Ns2U9ir96dg5XZyzktExEIwfSTdIhxpql3YdiKWQZhFLYqAUL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76733a2e781f8fc8-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EEB9 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48209
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667824238049716"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 02:48:03 GMT
tribunnews.com.1181811.es6.js
jsc.mgid.com/t/r/ Frame 5F30 		261 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1583da6c38683eb7abba2c9b2cad109040a6cffa4cabc09bf37735f10c5f8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
x-amz-version-id
gROFq1R2vgNTEHOg_SahIrpNv4tMz_IG
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
2HZNEPX5E47QSCSR
age
5710
cf-polished
origSize=267276
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
gq4diBT5JyzmggQNZ4rF1GGo1SIRi15jgl7svQVHpYZJgqTxsnyhN8EPJ9apNCvqUO6hIyDqmzg=
cf-bgj
minify
last-modified
Thu, 03 Nov 2022 14:20:21 GMT
server
cloudflare
etag
W/"1e5c754fe7635df65b258688a7132177"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
76733a2e7a14bb53-FRA
expires
Wed, 09 Nov 2022 05:48:03 GMT
tribunnews.com.1210784.es6.js
jsc.mgid.com/t/r/ Frame 7F9D 		262 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f487063d07e520ce44cc9b4ba266fa8df7559d824a2b45ced0cb0a74726e3f8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
x-amz-version-id
BhIVwDe_byHBS9YcSQkbJo8J1DO0a3ay
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
SQ7K635SNFSMBCTH
age
1628
cf-polished
origSize=268770
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
YuH9xWCtmxmVe5GURfM5s/kZAJOlIDJJZMrzLhsAWvEgZ5NfrPv7FrjrsuG96aRiRQAZDpytcgg=
cf-bgj
minify
last-modified
Thu, 03 Nov 2022 14:22:04 GMT
server
cloudflare
etag
W/"c1c5b178cf85c001237c9422be13578d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
76733a2e7a15bb53-FRA
expires
Wed, 09 Nov 2022 05:48:03 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CDD6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Wed, 09 Nov 2022 02:48:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 5A15
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWYOwzoO2_iBNtvoGqYl5U&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWYOwzoO2_iBNtvoGqYl5U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_sSxDOkOwBGLGK7tUBMAE&v=APEucNU4HpbjDheV9jLTur0TFZsD7B8VgelvW_uzqI2ht6AHUUbDiXO8jOaqZgMreXt_Jhdy2DPutOdShQ7-xHGYeHA0kzFA-uExcSfnznNaHVS9mFWQy3OV1g_uY97456qtEzgvSeOLKmC38y4Dn1iO5TMK6lpsULcrZsijLugONsuHgoqX73g
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:48:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWYOwzoO2_iBNtvoGqYl5U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5A15
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2sU47IEFbVLuucReTZNMwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWYOwzoO2_iBNtvoGqYl5U&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWYOwzoO2_iBNtvoGqYl5U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_sSxDOkOwBGLGK7tUBMAE&v=APEucNU4HpbjDheV9jLTur0TFZsD7B8VgelvW_uzqI2ht6AHUUbDiXO8jOaqZgMreXt_Jhdy2DPutOdShQ7-xHGYeHA0kzFA-uExcSfnznNaHVS9mFWQy3OV1g_uY97456qtEzgvSeOLKmC38y4Dn1iO5TMK6lpsULcrZsijLugONsuHgoqX73g
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:48:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWYOwzoO2_iBNtvoGqYl5U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5A15
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEoo5VX6gArtG3ncY-Fgopk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEoo5VX6gArtG3ncY-Fgopk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_sSxDOkOwBGLGK7tUBMAE&v=APEucNU4HpbjDheV9jLTur0TFZsD7B8VgelvW_uzqI2ht6AHUUbDiXO8jOaqZgMreXt_Jhdy2DPutOdShQ7-xHGYeHA0kzFA-uExcSfnznNaHVS9mFWQy3OV1g_uY97456qtEzgvSeOLKmC38y4Dn1iO5TMK6lpsULcrZsijLugONsuHgoqX73g
Protocol
HTTP/1.1
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:48:03 GMT
AN-X-Request-Uuid
d693e0a6-f2c0-4e53-9dff-f11ab2479eb2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEoo5VX6gArtG3ncY-Fgopk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5A15
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ1NTM4NzExMDkyMTcxNjMyNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ1NTM4NzExMDkyMTcxNjMyNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_sSxDOkOwBGLGK7tUBMAE&v=APEucNU4HpbjDheV9jLTur0TFZsD7B8VgelvW_uzqI2ht6AHUUbDiXO8jOaqZgMreXt_Jhdy2DPutOdShQ7-xHGYeHA0kzFA-uExcSfnznNaHVS9mFWQy3OV1g_uY97456qtEzgvSeOLKmC38y4Dn1iO5TMK6lpsULcrZsijLugONsuHgoqX73g
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 09 Nov 2022 02:48:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
eddf39ba-7605-4921-bc40-225e750168ad
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ1NTM4NzExMDkyMTcxNjMyNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 34B3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Wed, 09 Nov 2022 02:48:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame EEB9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyQYkKG30EdXLqxARA49fw2kfbzxDI2H8sfcAiRd5RDB7MvgZsw2qfhl60jJeVbGkHcL58hfYmOpd5xMzCjnSfP-Az_aNhOdSl79C-CwFhSIopRiVckVplIPzdXaQUUsUdMAiEEk2rM7h-Q_gy3_DJUWTHwc6K3Y4NjCu9OBjWuENxwnK-4V0eOO3MNoPapy3ssY61PvxK40DtQqoje0-8ZWxmrpQslYYmw3VKzvdkedmE416IrJ2E6vqA6y2SowzP5vPJD6KS5b4cAYIelTA8kN_uWMdXLjltu0b010cz-YgraOiUiliEQrWljrYFc3w2FNFJROtq4lmObfws&sai=AMfl-YRCdKkDHANAGUcxX2kYmZbKLEEeEb-j_mByLWVpEofMck16C4oxo_SBEXPRI-tBVtg-CvH223pgcAylgz8bikZZAj7ddCwHlIYKG_d3FfVv-Eg4StF2h_hHOukPMuXT&sig=Cg0ArKJSzMcRvGojhDjlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 2377 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1580226158aceba2b64f237d9d5a5b122a06c0bf4387b3b67acfe7bba8ef41bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 120E
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEDqzSyuOFbg0SemXJIWZxQk&google_cver=1&google_push=ASkJ3Fb18umx-bzVnqTWdrxozaM6bNfKuuLPu28iktUpdXeL0kCETYKpNtWlXZM2losXbxytB3JnQmlpnAFwan-bipiSjKe--gSM
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5D7C610D4B95421A95AC369DD908FD52&google_push=ASkJ3Fb18umx-bzVnqTWdrxozaM6bNfKuuLPu28iktUpdXeL0kCETYKpNtWlXZM2losXbxytB3JnQmlpnAFwan-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5D7C610D4B95421A95AC369DD908FD52&google_push=ASkJ3Fb18umx-bzVnqTWdrxozaM6bNfKuuLPu28iktUpdXeL0kCETYKpNtWlXZM2losXbxytB3JnQmlpnAFwan-bipiSjKe--gSM
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5D7C610D4B95421A95AC369DD908FD52&google_push=ASkJ3Fb18umx-bzVnqTWdrxozaM6bNfKuuLPu28iktUpdXeL0kCETYKpNtWlXZM2losXbxytB3JnQmlpnAFwan-bipiSjKe--gSM
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 08 Nov 2022 02:48:03 GMT
pixel
cm.g.doubleclick.net/ Frame 120E
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEPJUihmXrmv2ZQpKh-fWPY8&google_cver=1&google_push=ASkJ3FaoFLpUDVp0N8ToTraJw9ubI2U1Q9feU0aJ7LP_mhD1Kp0kDhEnGlQDfI5ol0kh8WfBX-0XDt4WGmFqz-QfHQqE3nT...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPJUihmXrmv2ZQpKh-fWPY8&google_cver=1&google_push=ASkJ3FaoFLpUDVp0N8ToTraJw9ubI2U1Q9feU0aJ7LP_mhD1Kp0kDhEnGlQDfI5ol0kh8WfBX-0XDt4WGmFqz-QfHQqE3...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaoFLpUDVp0N8ToTraJw9ubI2U1Q9feU0aJ7LP_mhD1Kp0kDhEnGlQDfI5ol0kh8WfBX-0XDt4WGmFqz-QfHQqE3nTEvCih
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaoFLpUDVp0N8ToTraJw9ubI2U1Q9feU0aJ7LP_mhD1Kp0kDhEnGlQDfI5ol0kh8WfBX-0XDt4WGmFqz-QfHQqE3nTEvCih
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaoFLpUDVp0N8ToTraJw9ubI2U1Q9feU0aJ7LP_mhD1Kp0kDhEnGlQDfI5ol0kh8WfBX-0XDt4WGmFqz-QfHQqE3nTEvCih
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 120E
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPPxfeS3pPtEPose3LUbuo8&google_cver=1&google_push=ASkJ3FbF4Yf2_ycjvy2EZjope1TsjQb_hBfNEy6JXWNrwGlEmgBoHA6MLmN_E1iTCL5OnrAlTZuab4W7bFmAe7D9...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FbF4Yf2_ycjvy2EZjope1TsjQb_hBfNEy6JXWNrwGlEmgBoHA6MLmN_E1iTCL5OnrAlTZuab4W7bFmAe7D9cM2V_0lAPcS9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FbF4Yf2_ycjvy2EZjope1TsjQb_hBfNEy6JXWNrwGlEmgBoHA6MLmN_E1iTCL5OnrAlTZuab4W7bFmAe7D9cM2V_0lAPcS9
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 09 Nov 2022 02:48:03 GMT
via
1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
DUS51-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FbF4Yf2_ycjvy2EZjope1TsjQb_hBfNEy6JXWNrwGlEmgBoHA6MLmN_E1iTCL5OnrAlTZuab4W7bFmAe7D9cM2V_0lAPcS9
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
vSLn9SM4xctxwucyNHn5U2jJ3NwCJDnRZgK0sTO1vBFq-Xw-yb_dog==
pixel
cm.g.doubleclick.net/ Frame 120E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHZOYV6Ra_WtEubviBqbU_w&google_cver=1&google_push=ASkJ3FYPi6oaeY6tnOQhz8sk5XY0b2NqpVCU22Rn8AtU9911UeT3OW86l1Eogaa5W4xqyxGK7Nwoq5TtmOR1...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYPi6oaeY6tnOQhz8sk5XY0b2NqpVCU22Rn8AtU9911UeT3OW86l1Eogaa5W4xqyxGK7Nwoq5TtmOR1LbUMl98CyvENDds
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYPi6oaeY6tnOQhz8sk5XY0b2NqpVCU22Rn8AtU9911UeT3OW86l1Eogaa5W4xqyxGK7Nwoq5TtmOR1LbUMl98CyvENDds
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYPi6oaeY6tnOQhz8sk5XY0b2NqpVCU22Rn8AtU9911UeT3OW86l1Eogaa5W4xqyxGK7Nwoq5TtmOR1LbUMl98CyvENDds
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 120E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPSXMN3ti7iRASOxWGEu1RU&google_cver=1&google_push=ASkJ3FZ4pkybyCsBIQnlwmC7ENajVIW22bpO9kyqsJiR61qll26RbV9vpbGlE9Q8EDksQJSQTPhuFX6NJIsvXg6bEGQzPje4Ci8
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FZ4pkybyCsBIQnlwmC7ENajVIW22bpO9kyqsJiR61qll26RbV9vpbGlE9Q8EDksQJSQTPhuFX6NJIsvXg6bEGQzPje4Ci8...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4OTcyNDU2OTI2MzUwMTc1NzMyNQ%3D%3D&google_push=ASkJ3FZ4pkybyCsBIQnlwmC7ENajVIW22bpO9kyqsJiR61qll26RbV9v...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4OTcyNDU2OTI2MzUwMTc1NzMyNQ%3D%3D&google_push=ASkJ3FZ4pkybyCsBIQnlwmC7ENajVIW22bpO9kyqsJiR61qll26RbV9vpbGlE9Q8EDksQJSQTPhuFX6NJIsvXg6bEGQzPje4Ci8
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4OTcyNDU2OTI2MzUwMTc1NzMyNQ%3D%3D&google_push=ASkJ3FZ4pkybyCsBIQnlwmC7ENajVIW22bpO9kyqsJiR61qll26RbV9vpbGlE9Q8EDksQJSQTPhuFX6NJIsvXg6bEGQzPje4Ci8
date
Wed, 09 Nov 2022 02:48:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 120E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENBm-uwEM_MYC3eHO5lM-QA&google_cver=1&google_push=ASkJ3Fb9DBBx_XtxKm3g4W8eeLrdlYG3ooOACrdgsTTO1fZhRMFqq_cLL5-vRZQc3Ov5Eh2LTZ...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENBm-uwEM_MYC3eHO5lM-QA&google_cver=1&google_push=ASkJ3Fb9DBBx_XtxKm3g4W8eeLrdlYG3ooOACrdgsTTO1fZhRMFqq_cLL5-vRZQc3Ov5Eh2LTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HYWFVdlpkRTJ1RU0uX284Ukxxcmpnblh3RHBjcmlNQX5B&google_push=ASkJ3Fb9DBBx_XtxKm3g4W8eeLrdlYG3ooOACrdgsTTO1fZhRMFqq_cLL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HYWFVdlpkRTJ1RU0uX284Ukxxcmpnblh3RHBjcmlNQX5B&google_push=ASkJ3Fb9DBBx_XtxKm3g4W8eeLrdlYG3ooOACrdgsTTO1fZhRMFqq_cLL5-vRZQc3Ov5Eh2LTZHypR7jfSR5rhTcyhrqx_DTvVBw
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HYWFVdlpkRTJ1RU0uX284Ukxxcmpnblh3RHBjcmlNQX5B&google_push=ASkJ3Fb9DBBx_XtxKm3g4W8eeLrdlYG3ooOACrdgsTTO1fZhRMFqq_cLL5-vRZQc3Ov5Eh2LTZHypR7jfSR5rhTcyhrqx_DTvVBw
date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 120E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEGwhhSuSswudRwEkr7zbt4&google_cver=1&google_push=ASkJ3FZTGtJ_7rKJP...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQ1NTM4NzExMDkyMTcxNjMyNw%3D%3D&google_gid=CAESEEGwhhSuSswudRwEkr7zbt4&google_cver=1&google_push=ASkJ3FZTGtJ_7rKJPRX0mpffihEdwRDdBf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQ1NTM4NzExMDkyMTcxNjMyNw%3D%3D&google_gid=CAESEEGwhhSuSswudRwEkr7zbt4&google_cver=1&google_push=ASkJ3FZTGtJ_7rKJPRX0mpffihEdwRDdBfeNzcbWJRYtsCQz_LsyaKlQbGdz9pd9bzAyDnNtDok-SgDD7ISx3XqzLrLIsYHShyyd
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 09 Nov 2022 02:48:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5be1d57b-3bde-48c2-8a99-e4678e8b3bf8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQ1NTM4NzExMDkyMTcxNjMyNw%3D%3D&google_gid=CAESEEGwhhSuSswudRwEkr7zbt4&google_cver=1&google_push=ASkJ3FZTGtJ_7rKJPRX0mpffihEdwRDdBfeNzcbWJRYtsCQz_LsyaKlQbGdz9pd9bzAyDnNtDok-SgDD7ISx3XqzLrLIsYHShyyd
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 120E 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ig_fM6vorL-DyhH7-lDOjEONLbo8YAM8ZTCv4CPn-Gt5vF0VuBg3Jv5YJ7-VLq5Kt7mitIJfc
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame EEB9 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d354f5284b5e7a3933feb42d0008b99e0fe84cce0a822837167228d955e7a505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EEB9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnDYEfuzhpmrI0SdrItlhBb4yeAlQhznEKP6sq1FDgoMPXJpbDphMQbCYohUQJy1FPfzaK30dRJPPaEvc355KDtOiEXWuC_uuqDbQIgD_nMF1hWm0XJpC12LzyVtsk1qYFygcx6k_NnIK1xZW6D-mliYptMdk3ccb-Us5ofXPz1kgZqA6dcQvff1BM2MXlmtOiFCDiEWMIgP4SVmUNBRA09ZFfKrXlShDRWlFQMJ7wupiGPZJLxxv_WSQ3I85SehU8ZK1qMTsZV6MV4-iDwy-Nhb4jl7mi6btb_MefePiKzvmLYcqBZsB0VIcbf2MY-3czguWAxzT37jZfoPuUa0Q&sai=AMfl-YTsM_Wlm8Be_C3-H-K40uDWPhEvFQ1p393w59wjM7LgftoBEc-ccoTcdwudWdr5P5M_CFXOUbo_IC5NckeDVtlqGrPI0dcEnEDcp3HBwsi7XL7xMwcLnCgbKsKTJVEy&sig=Cg0ArKJSzJIW7txNEcLYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 09 Nov 2022 02:48:03 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame BD91 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
Origin
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 12:10:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 12:10:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame BD91 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_k5NsoOHj1np_zzk1fMkD-yCMbGmQrsJPIPd3Dg5xCSuJ-0NF3YM1PSaKtT86MlgUbS7rGnYTiJb4rqzeQrsbCadPew&cry=1&dbm_d=AKAmf-C0Mg-XpV8DlJgv7gSVUjn7fVSrEsxQSZEr8fgPAfezjG6qyG7Cox_WBcGmNE5kK3lkx2V5YmGUEuzQpUYfM7SEpGWQlnWUvOOdQJ2537RG9O_S3PXD1rbnyW7-PNsXr8YYxhrDLHzJtVGgyuf_e3h80z-4l8tCkOwoTbUCvhme5pwSWjBrKl9cuKtlWYH6PrZ1pRla6i3BBBt2dGJ_QlNz47IZ-JoXdGKCm8_8UdifovKMNqiy2mSyWVOyKRFlNS2SqkBkYZE_Wf2qJ8EryRY48cTcBaV_5kK7PYIqDnGhgwNZHg6VHYRvGdP-mux_CrXzkKtjmyy1sYWsnVTBykQRDJCuV8oGZDipiy3ihwxNBXBqe5jbtUPFcxKWsiz6ILU9G-fWYWjeQxt8zLdGNnw1iPvf-I7HG8Cz55wB89BEZ1Htyi6owLpcOZ_DURAFRCZ9hOVd8J02spI07i2SwXHDjElWO0nx8-AAQosteoqJU5Gk3rioPf7yfkhq379ye9Nd14yf5CE9DuZAH_McamIp4E8JJG6OJKNiBUBaVhssbE-qkvKJCNV0ikEL8zWIRB1Dpqb8TKM-EOZtRUlY1ql_vf1Y0Jkn3jshfFdb9jP2p-_8i4856QtBtkd43fMZ7BJrkxd_S-5A9kj9YvrMoLHbwTySAIMmnrdZZyUORGGvH7xm0f12dWTFnHf7j9HktcJ2h7AyiShinv0WP1-R-aaJQZkIDNxf99yVLdenu7vz--HnUZ-FclhceuteXjoDCtjgiBc-753etf-d4DDuQcd7WhKvbcrLOBa8EGxbedu_NxNgDzWZLZ81UBdwQJsb5GU6LlrhoZ-XlsNY9lDtnqw2Anu_9w_KgYjLMvvzU8EwDa4QMn9ImhaH29A2ehzsA5tD2KjsSje8rtVNZCxggmQCaydX4NpLmKT7gj8nPtGDg2LzsMaQ2D36iJu9QZl33zbiAfMs4nXikFA_35Tuxy5EWewosy3ePKQ6qztxNZh4of0JvVbgIEoVazA24HC7yeUbCVLdrszJTjjZ2RofIBUqKH98f8T94BralMMwEPekN96U4om9GNvT-jzkXHWgqTVk1qcbIrcEm9_3hciKVgmFhYv0JYhySSMgLUTtOD9HuSR2UIFbLr3w8k96ibMDNGS_UAr2CPsEQmsMjsscaOmGNDFNbvCOwrBbYPeGyf_AMQ9ACFFBAz52pmmXpYFdAfTMGHEiLLYm6DyS150uV0PiVUwsgNrHNDbMIKBJ4A4xpCJLcw4GJyX5cPdghT1p_LRLvBud4CEBsNIefNtR035aOeQdJlsMeaamX_ax9y_qs4RRZvQQgAFY53wsaL5r3I1-xYwDRF0ZXCc_B75dKoBmFrUabqa3jJ92NmFe4UD8IOr2KXRt7-7slvaWRKdWgx0BhzQADSNsQ54oKZhyq8c4zrfFARQ4eI_k4PUb4cmHjTz5s-CfybodfXWq38f3nE8YogNvgcq3jj-S74LtEGqovCqJ64k-GZdgTlhatNsXNQiG3BpQLCJCwRyUoBC9CleYOHJiWik3YiUuTabvhWPtMHqOIAaLljGUbb65J8T3VZUNbce21Ai600fFr2Ih1-E9TblJhH0SOQeayHtLnrrnWPq4HdctXTJeuiy52nyFN7ihYjJ-n4o-M6Ay6DZ0GA9nJPHhtWgohNu8Zz9xqazlVTawXoYIshgVpPqWWlswvCvZTnRLDTI3DSF0y8yBRre9scAm2P7yNs4idKw4jEz1lcefqx5TkA50PEEowlsmNpF0PeZ8ZLmcA_NW7FJq2Otl1umaEBSXB5ODWbkvllFQcpHOHxLinzQNm_5LPFJe_FzqtGiwV-wMHjnqXF8aQBfIXFsoel2sVF_aMwO1YwXbyDsHjDQvVN3rG0QYWs76s4zk6pCZGU3c2N_w7I4AgXIxTnZwgtNqGJSrYpGCB2rHVi5pDng2EZ5oblMSL2VbBatR62dEQO3SohiLfnjQElicZ6OZgZG30Pg1C3q4Qn7YxWjO14Ko-E6vef2DUF_JCiPVz_o6iiFI5psbajlNS4BdQoZSVArWq1kE5DsDOzuVUAwXlgN8gaRwDeXWX2Of5_11m8HqVRlw064apcprJoAVTwPP2tQ-sRejfaqLHgGKbqBwhXZPLi6INEU-C-kuwidghvKk3_wDsMcDfY0kjG_IdK70BL61MO2EKzLFldJdVO7y7_-L1PqfynJolgjhkEIFbOfeJU7OUIVDS2J5_qVp81b8qKcYrIW9VvuNxAMBxKEzHACw21PuO_KQZxbbG-mIMOMxC2dZFKxUG9LgKCnLUQzB0hggTpLZMHaB6O1BHvjJRuPMl2--kvtQkvi-BsptBTxBGAklvrCQek-8OiNUYszRZAtqzLq19EiUFGcaxa8s90hDeViEIUSqc9Kf1ICsWAnJpw8ifl33Bld-pNAFwo0su3fFH0_ujC0MpWdkGBdmnFnW-4oNFYBX0fmc1CIQNWd9j-5LFh_Zi21Ux2LsY6DAJ8TcVcjHx8JgXX76qNSafb1mAoEGIsrZ72Wl04VcfxUogk2YJqW51xQNmOZ2yypfk4q2fYZ0j47sWJgF8sX0A47lktGVoEUIvqpD-6vR8dnNRZ_T8BFBkp38M5FIsDkxU7AprZeVWtdYXU57JFLXlgpcWnHR8oPkPtBrsk-tSIjH6QR0RFQ_ey6smH8QxV8idmMpfQTKbm-kCB_MCnzXmeV15L-1K_3JUPuE-0aZ2oyZr7CLlzB8_lA5sxmkrTaj6OmqB_Q964J00PNlJvQlg22g91PQcDndynMVMeYJlFRkde45csFHzB0NTTcrXBSwfMyLugCAQznmo1xkUVzebdyUdwKoxC-F4mM4OyOwUTe8BNWmWJqSKI2Giy9EqLNEWVZrWTo4uYTx82-koSVNzCEypBs2YL0Y-xy5ZhXKRKHFFadSgPUVg7cvS49VBFwyRfgW1P-W_OqiR4iMpyr6efOjZ7ucDFk-nyZ9A9HuAuwD72oxWlLtfJyoIjHlOaKR-M2UquS6E7a_w1Ghn0jxvZzYUmIUMamaSU5gNE12lUmou7blP_VFfwOvsVGHySx3rgetcPD0x0WphcGsJxGZaRa6AH56PvIMZLtUHTS3FIReYFLCRZ0Aiv9Dcu-0unxaMdtwy-rSZSrvsIfsUQt-gpYqpqlZJOtG198-a9oIrZiwvJCc1FriuiXCAC9UkI0F1FS7AJZu0sx7iKTF2KPySuWrL6pla4oS9nfJ67uRnKsr52eZoj3z78YJlrHvurec8mE7tb-_4JXIx4hHQOp5CQ&cid=CAQSOwDq26N9EpHyJ0KfqzFgzCWOw7PBy-Do8uxuYM_TTNJEP88Hc0bYkQ8lsl82OElXcwWZPMNf-bmlIRsUGAEgEw&rfl=1%2Chttps%253A%252F%252Fmedan.tribunnews.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
26576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 19:25:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame BD91 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_k5NsoOHj1np_zzk1fMkD-yCMbGmQrsJPIPd3Dg5xCSuJ-0NF3YM1PSaKtT86MlgUbS7rGnYTiJb4rqzeQrsbCadPew&cry=1&dbm_d=AKAmf-C0Mg-XpV8DlJgv7gSVUjn7fVSrEsxQSZEr8fgPAfezjG6qyG7Cox_WBcGmNE5kK3lkx2V5YmGUEuzQpUYfM7SEpGWQlnWUvOOdQJ2537RG9O_S3PXD1rbnyW7-PNsXr8YYxhrDLHzJtVGgyuf_e3h80z-4l8tCkOwoTbUCvhme5pwSWjBrKl9cuKtlWYH6PrZ1pRla6i3BBBt2dGJ_QlNz47IZ-JoXdGKCm8_8UdifovKMNqiy2mSyWVOyKRFlNS2SqkBkYZE_Wf2qJ8EryRY48cTcBaV_5kK7PYIqDnGhgwNZHg6VHYRvGdP-mux_CrXzkKtjmyy1sYWsnVTBykQRDJCuV8oGZDipiy3ihwxNBXBqe5jbtUPFcxKWsiz6ILU9G-fWYWjeQxt8zLdGNnw1iPvf-I7HG8Cz55wB89BEZ1Htyi6owLpcOZ_DURAFRCZ9hOVd8J02spI07i2SwXHDjElWO0nx8-AAQosteoqJU5Gk3rioPf7yfkhq379ye9Nd14yf5CE9DuZAH_McamIp4E8JJG6OJKNiBUBaVhssbE-qkvKJCNV0ikEL8zWIRB1Dpqb8TKM-EOZtRUlY1ql_vf1Y0Jkn3jshfFdb9jP2p-_8i4856QtBtkd43fMZ7BJrkxd_S-5A9kj9YvrMoLHbwTySAIMmnrdZZyUORGGvH7xm0f12dWTFnHf7j9HktcJ2h7AyiShinv0WP1-R-aaJQZkIDNxf99yVLdenu7vz--HnUZ-FclhceuteXjoDCtjgiBc-753etf-d4DDuQcd7WhKvbcrLOBa8EGxbedu_NxNgDzWZLZ81UBdwQJsb5GU6LlrhoZ-XlsNY9lDtnqw2Anu_9w_KgYjLMvvzU8EwDa4QMn9ImhaH29A2ehzsA5tD2KjsSje8rtVNZCxggmQCaydX4NpLmKT7gj8nPtGDg2LzsMaQ2D36iJu9QZl33zbiAfMs4nXikFA_35Tuxy5EWewosy3ePKQ6qztxNZh4of0JvVbgIEoVazA24HC7yeUbCVLdrszJTjjZ2RofIBUqKH98f8T94BralMMwEPekN96U4om9GNvT-jzkXHWgqTVk1qcbIrcEm9_3hciKVgmFhYv0JYhySSMgLUTtOD9HuSR2UIFbLr3w8k96ibMDNGS_UAr2CPsEQmsMjsscaOmGNDFNbvCOwrBbYPeGyf_AMQ9ACFFBAz52pmmXpYFdAfTMGHEiLLYm6DyS150uV0PiVUwsgNrHNDbMIKBJ4A4xpCJLcw4GJyX5cPdghT1p_LRLvBud4CEBsNIefNtR035aOeQdJlsMeaamX_ax9y_qs4RRZvQQgAFY53wsaL5r3I1-xYwDRF0ZXCc_B75dKoBmFrUabqa3jJ92NmFe4UD8IOr2KXRt7-7slvaWRKdWgx0BhzQADSNsQ54oKZhyq8c4zrfFARQ4eI_k4PUb4cmHjTz5s-CfybodfXWq38f3nE8YogNvgcq3jj-S74LtEGqovCqJ64k-GZdgTlhatNsXNQiG3BpQLCJCwRyUoBC9CleYOHJiWik3YiUuTabvhWPtMHqOIAaLljGUbb65J8T3VZUNbce21Ai600fFr2Ih1-E9TblJhH0SOQeayHtLnrrnWPq4HdctXTJeuiy52nyFN7ihYjJ-n4o-M6Ay6DZ0GA9nJPHhtWgohNu8Zz9xqazlVTawXoYIshgVpPqWWlswvCvZTnRLDTI3DSF0y8yBRre9scAm2P7yNs4idKw4jEz1lcefqx5TkA50PEEowlsmNpF0PeZ8ZLmcA_NW7FJq2Otl1umaEBSXB5ODWbkvllFQcpHOHxLinzQNm_5LPFJe_FzqtGiwV-wMHjnqXF8aQBfIXFsoel2sVF_aMwO1YwXbyDsHjDQvVN3rG0QYWs76s4zk6pCZGU3c2N_w7I4AgXIxTnZwgtNqGJSrYpGCB2rHVi5pDng2EZ5oblMSL2VbBatR62dEQO3SohiLfnjQElicZ6OZgZG30Pg1C3q4Qn7YxWjO14Ko-E6vef2DUF_JCiPVz_o6iiFI5psbajlNS4BdQoZSVArWq1kE5DsDOzuVUAwXlgN8gaRwDeXWX2Of5_11m8HqVRlw064apcprJoAVTwPP2tQ-sRejfaqLHgGKbqBwhXZPLi6INEU-C-kuwidghvKk3_wDsMcDfY0kjG_IdK70BL61MO2EKzLFldJdVO7y7_-L1PqfynJolgjhkEIFbOfeJU7OUIVDS2J5_qVp81b8qKcYrIW9VvuNxAMBxKEzHACw21PuO_KQZxbbG-mIMOMxC2dZFKxUG9LgKCnLUQzB0hggTpLZMHaB6O1BHvjJRuPMl2--kvtQkvi-BsptBTxBGAklvrCQek-8OiNUYszRZAtqzLq19EiUFGcaxa8s90hDeViEIUSqc9Kf1ICsWAnJpw8ifl33Bld-pNAFwo0su3fFH0_ujC0MpWdkGBdmnFnW-4oNFYBX0fmc1CIQNWd9j-5LFh_Zi21Ux2LsY6DAJ8TcVcjHx8JgXX76qNSafb1mAoEGIsrZ72Wl04VcfxUogk2YJqW51xQNmOZ2yypfk4q2fYZ0j47sWJgF8sX0A47lktGVoEUIvqpD-6vR8dnNRZ_T8BFBkp38M5FIsDkxU7AprZeVWtdYXU57JFLXlgpcWnHR8oPkPtBrsk-tSIjH6QR0RFQ_ey6smH8QxV8idmMpfQTKbm-kCB_MCnzXmeV15L-1K_3JUPuE-0aZ2oyZr7CLlzB8_lA5sxmkrTaj6OmqB_Q964J00PNlJvQlg22g91PQcDndynMVMeYJlFRkde45csFHzB0NTTcrXBSwfMyLugCAQznmo1xkUVzebdyUdwKoxC-F4mM4OyOwUTe8BNWmWJqSKI2Giy9EqLNEWVZrWTo4uYTx82-koSVNzCEypBs2YL0Y-xy5ZhXKRKHFFadSgPUVg7cvS49VBFwyRfgW1P-W_OqiR4iMpyr6efOjZ7ucDFk-nyZ9A9HuAuwD72oxWlLtfJyoIjHlOaKR-M2UquS6E7a_w1Ghn0jxvZzYUmIUMamaSU5gNE12lUmou7blP_VFfwOvsVGHySx3rgetcPD0x0WphcGsJxGZaRa6AH56PvIMZLtUHTS3FIReYFLCRZ0Aiv9Dcu-0unxaMdtwy-rSZSrvsIfsUQt-gpYqpqlZJOtG198-a9oIrZiwvJCc1FriuiXCAC9UkI0F1FS7AJZu0sx7iKTF2KPySuWrL6pla4oS9nfJ67uRnKsr52eZoj3z78YJlrHvurec8mE7tb-_4JXIx4hHQOp5CQ&cid=CAQSOwDq26N9EpHyJ0KfqzFgzCWOw7PBy-Do8uxuYM_TTNJEP88Hc0bYkQ8lsl82OElXcwWZPMNf-bmlIRsUGAEgEw&rfl=1%2Chttps%253A%252F%252Fmedan.tribunnews.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
44001
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11393
x-xss-protection
0
server
cafe
etag
8974296396314687744
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:34:42 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6AFC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:48:03 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6AFC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:48:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6AFC 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 04 Nov 2023 02:48:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6AFC 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 04 Nov 2023 02:48:03 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 6AFC 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=hz7a5Nz1ZI7H4G9UlhQIkphg1x82Corczs9s49Rjyb9bu6F4sJD5LJ3GP-MhsquyugMLw_7tj9kOm9FeKb_Co-IydYMQFf6U_syP5hlruKz3Vr-WdcqQwQ3ZNNc41cir35Ul2GFQMAUutPZZUp7fxFLwlfneLey3CawPr9vYY0HrVfqiz5R41A_qQtFWfp35EtE5J6147erGfaEu8-vhtktDtvGBUvPdLKPGUSaxb0Hb7CVR4T9IQZ_xsDAhnWvwGnLuvgcIcIzfssUTpOKEOYnNgg1eCCgWjhmdIbCJoDSQ1vCvFDrerKZOVQ9OAg7Lswm_Jz20Jw6kd5j64dESFax9AD3K0QL5jaCGMp4DyB0Zh86WereaJL23tJzQ0LLBYeP1Q2OGU3zVxHhC18tU4TKTKwusNAXFrVIpGQjo-ef6jdoUUUSuQHHsbjBNbWdy_N12tw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3718269
expires
Mon, 26 Jul 1997 05:00:00 GMT
b142b50d-6455-47b6-9689-b53e6559c454
https://medan.tribunnews.com/ Frame 5F30 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://medan.tribunnews.com/b142b50d-6455-47b6-9689-b53e6559c454
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
8e6dbd81-e677-49e3-999b-4e508bf3a75c
https://medan.tribunnews.com/ Frame 5F30 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://medan.tribunnews.com/8e6dbd81-e677-49e3-999b-4e508bf3a75c
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
ipromNS.js
cdn.ipromcloud.com/ Frame 0294 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/ipromNS.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd234b334fc7d6fba124700207cda93e9e043174d08bc85cd17d7fd07cca523b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn2
age
1927
cf-polished
origSize=59327
referrer-policy
no-referrer
cf-bgj
minify
last-modified
Tue, 25 Oct 2022 11:32:22 GMT
server
cloudflare
etag
W/"6357c946-e7bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
76733a300d0d9235-FRA
showad.js
ads.pubmatic.com/AdServer/js/ Frame 97A3 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50398
content-encoding
gzip
content-length
13946
content-type
text/html
date
Wed, 09 Nov 2022 02:48:04 GMT
expires
Wed, 09 Nov 2022 16:48:02 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame F0F6 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156479&siteId=961895&adId=4462245&adType=10&adServerId=243&kefact=0.046076&kaxefact=0.046076&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1667962082&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.041299&dcId=3&tldId=0&passback=0&svr=BID22633U&adsver=_58432382&adsabzcid=0&cls=BID&i0=0x3100000000000000&ekefact=4hRrY-DHBADFncAu-IUl56SU-bbSNuen8xZ2GrnJGTuMUdDi&ekaxefact=4hRrY_XHBAA6eXnvDAj9bmiuk9zqqUaeyh_3Mlq_fUOqliTh&ekpbmtpfact=4hRrYwfIBADWiKgepNu0o9y6-A3knAUPoj6lhHWsymCyZAiU&enpp=4hRrYxjIBAAzv--IkXqChQSXmoiflv2yDPyCqPEwHSgM_C-y&pfi=1&domId=7137948530833482826&dc=AMS&crID=1002293&lpu=www.portoroz.si&ucrid=9967652842780484261&campaignId=23357&creativeId=0&pctr=0.000000&wDSPByrId=518&wDspId=1277&wbId=0&wrId=0&wAdvID=1283542&wDspCampId=176006&isRTB=1&rtbId=6C27811F-9C23-4B0A-9CC4-ABA50E48F13B&cksum=BDE554FD871E1070&ver=2&dateHr=2022110902&imprId=DA8571D8-047B-4509-BD66-A6404C1178B3&oid=DA8571D8-047B-4509-BD66-A6404C1178B3&cntryId=58&sec=1&pAuSt=3&wops=0&sURL=medan.tribunnews.com&BrID=5
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 09 Nov 2022 02:48:03 GMT
expires
0
pragma
no-cache
80c498f8-1fdb-4426-9035-45677ca1f047
https://medan.tribunnews.com/ Frame 7F9D 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://medan.tribunnews.com/80c498f8-1fdb-4426-9035-45677ca1f047
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
45852aae-9bc6-4616-8815-58ae00b16474
https://medan.tribunnews.com/ Frame 7F9D 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://medan.tribunnews.com/45852aae-9bc6-4616-8815-58ae00b16474
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6AFC 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
507282
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0T62iNxwRICo%2FaP9MsmMna3cQXo5n9dPUiDJ8M%2FXqjje%2FfDEN%2BTATGMW9XRjKYGh02BhStL%2BnBKiVFt1Q2pHbMOOZ2zAz8pbwSkPX%2FtW1WcR8Pywy4V1f1yu2w0JWUhnWiX6EKXBhYci45DJiquSw%2Be"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76733a307a159268-FRA
expires
Mon, 30 Oct 2023 02:48:03 GMT
animejs.js
static.criteo.net/animejs/ Frame 6AFC 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:48:03 GMT
bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame 6AFC 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-de74"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:48:03 GMT
9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame 6AFC 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-e7e4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:48:03 GMT
img
pix.eu.criteo.net/img/ Frame 6AFC 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fcfcfee59-548c-4bcc-b128-a655a3d7b001_a1fb1950-2c0f-4717-8da2-a331dccb7f00.jpg&v=3&w=400&s=Sb884htkLrvuV-TcShjQDqhM&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
2d943dff9157aa052782c6f28f77fac0b3e81f3a42048cd26e073de9909b56c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1060371
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
45262
expires
Mon, 21 Nov 2022 09:20:55 GMT
img
pix.eu.criteo.net/img/ Frame 6AFC 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fd7988bd9-ad75-4dff-a946-5dc0ad36c5ba_790fa574-18f8-411b-9a2f-9bd188367371.jpg&v=3&w=400&s=yxuyF0iU-gmXHT0xMuCJgwp0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a8aa09d577615e444eaace7291ce0414602596a1f68ce907deb4d6b7d848e9a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=670462
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
46260
expires
Wed, 16 Nov 2022 21:02:26 GMT
img
pix.eu.criteo.net/img/ Frame 6AFC 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fc09c8df8-93c2-48f2-9c97-af23e6c13213_f2a59ef5-a20d-4634-ac9a-6ea0737564fc.jpg&v=3&w=400&s=7Czn6NBV7tu3z-CggcN9EKKe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
268f0e998ee64950986d2fd6dd9ac2de8f2f0096f58386e2833845f90b3a8c87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=571442
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
62802
expires
Tue, 15 Nov 2022 17:32:06 GMT
img
pix.eu.criteo.net/img/ Frame 6AFC 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F6bf48214-4ac7-4a4a-becf-7d333f9845bd_10572b23-ce5d-4127-acf8-93491667d4f1.jpg&v=3&w=400&s=fv5-1sT96ZoRjRl7_lXyNNAK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
2de221ab0a7e4eadcdae03e1a114edc3ee8978bf37c74945fdf2abf12c24337e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1000104
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21788
expires
Sun, 20 Nov 2022 16:36:28 GMT
all
csm.eu.criteo.net/ Frame 6AFC 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=2IYMIOdDmiuBhOL69QgfHhpuM6UQKkKQyBRkYdaOj3BIuRWyU7EIH2p1g6UcLD8iLpCfkaas33JNdClxu8koUrhdocBBJPAG-dSH-O7ePeiU40O6FbYgOw2j3w9uuq3RHab57M6xQC_Ave2t7J7Sx3h5vM49MVVlIJFYcyp5q_jdtoE_rmPMQnOR4_zRZsXPqgpVTJAyHL7KQ4Purc6FFvOw_1aKnhzAS2eKq6f_1MOG0jd0pWe233zBJ2nMy3hiU8KeAg&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6AFC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:48:03 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6AFC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:48:03 GMT
728x90_R42_alemania.html
s0.2mdn.net/sadbundle/14262351684860381711/728x90_R42_Alemania/ Frame 370B 		74 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14262351684860381711/728x90_R42_Alemania/728x90_R42_alemania.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79707050706511d99642da0eb61cc0a5804e62306e7f87801194faaa87c51955
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
392592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
14523
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 04 Nov 2022 13:44:51 GMT
expires
Sat, 04 Nov 2023 13:44:51 GMT
last-modified
Wed, 12 Oct 2022 12:47:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BD91 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuPbf9BDZMPAyKeQG6GAQ0hl4diuFbgFSPyAaSGzXstt5hyJG6HnGDNgk471kp05uQHMdGJVc5FyDAKx6hY_KgNfnnY2JrJ-guqV2Sren6pTwoIbHewF5CQ3YYKA7bePyhqg1uuTk-E2Er2u8DfQEnPkWZ8b1eMCOsHk-e4cTVDIMEdwMKxwpJLHOqmn6W3mBlcowwOdgKF66fZMTN-eyyvHnqJgvWrUS2zrgjxo5jEbP69hle4PwYX0XmaToqyIUpiiysAPM9qC9ZEheIq8DRAdSNuUa9NYKHgTAqjQaSMRrP6-d6c6UtlZ1kF4YwM80MBRpV4-lzrkwwQDpCz0h2p1qw9StaMtu-tmIc4kq5v5KshJ0v3GcrzVnDQ7wvZTjXdJ2E4CI9SrtPy4wYvPBboj68gB58oh7g3jAa2-KW0mwvAh6FH9i0cR4sCtHTpz2S0R7sBRfufkOsxVO0Zk41bnQKFhKQ58DC56Q6YVaBdXwyetM5yBvVuT5uxg1-v-5cgpqf-7Q0sjJXKwbPKNItp4LOj-MvqwC2SVf3HGj1QIJhGOhL6W62JT_FhMjoQLKnHVrrblLSp-G9_cxYq-y4ktqWJVJ1Nq-9rP0gCNTU4GJWvSjweoc518rSgL1ylgBFmbl4Bmn9gBhJqWEOpzxHlQV0Us8c25UQd4VgjzuizVEQ5yrbDGVOIIvHRxDxhwSv13E61m6HhTTRMJO6Jq-tr47DMCiF-Q6ssRR_M8zBT1Kve3IUDHEQbTI7jhoHIH1kiAggWzL_o38c-KbfmQcJjZxuvMpbrZTdycfGocA2fI0QdFHeuVq9Yd-SUIUR_4rarbKMkRipa8mXUbEnTx7dV3pMbhAuT5wNb-qs4Eoj62nNWb5psII_nS2E9KGyfT7o0hiIQ7XXg9WT2xsLbIK3atWzSdb3NWAJ00iI0oHeirnnW332t8YiqgJM3Ayk4oP9qYcF_z4ErYWQQRDa9Wdps1mHtKCqI7FIN58WhW-2OCyVqUKiwDyK5uDnYbE2Kqw-MY_uQBSLWQl-yfFVdSHm0HDXbP_JK091j3pSzget23ixnS1llPkKAci3J7NZMcfcTUpOycLLFKsT-myCcX_zOajfkh6R0bGLhFbI7Bdn8zj6yCeUn6q16lX7OJEeaxVFjCARsG5Mexer1ZhcQjqg-xRJUNon3M3OtTiFqAS8IiENbOoa7e56LbsKRGVpCJQ3IrnSdWzA7gXoYCAnqda-pXr0znUFTCw&sai=AMfl-YQP-cBzmGpPI6qUdL6XDMQNgPyuymBSTOXpYBZh9vCaHr9lHz66U4yGLGr5wCd3cDnfvKdh_wb3vA5dGbmr3Ebj1vL_laF4NFfaJ0azwcdn9AkY4fMANvbZqzgRfoAhIWF6EIgdHBb8ntTMn-wM-2XDDrNyAo_2BbQhT9N8AKMYk0DQUcXoH5uuZpsRnhGfUp9bcFZBT4A3ZLAYjflEWM9384790OVHhmEA366E1HthZFNUPOHA0cfULEN15H8bhclCs7_CPlI&sig=Cg0ArKJSzH5SnzSJuv6DEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=187&cbvp=1&cstd=184&cisv=r20221101.60731&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 09 Nov 2022 02:48:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 09 Nov 2022 02:48:04 GMT
f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4
static.criteo.net/design/dt/2000/220429/ Frame 6AFC 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2000/220429/f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4?ibv=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 29 Apr 2022 11:40:29 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626bcead-23ac33"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2337842/2337843
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
2337843
expires
Sat, 04 Nov 2023 02:48:03 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BD91 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 11:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
401040
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 11:24:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 410C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
48916
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 13:12:47 GMT
etag
48472445140208031
expires
Wed, 09 Nov 2022 13:12:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BD91 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8d4812c92feb4b36b6c79c4b3b05af6634eb09461c30e317ded49bc96bacd25

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
Utils.js
cdn.ipromcloud.com/script/ Frame 0294 		96 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/script/Utils.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55511a5882ecdf9328bd21234e78719d9e55b1802b024526e2178572a7419d83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn2
age
4287
cf-polished
origSize=98983
referrer-policy
no-referrer
cf-bgj
minify
last-modified
Fri, 28 Oct 2022 13:13:48 GMT
server
cloudflare
etag
W/"635bd58c-182a7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cf-ray
76733a30fe0c9235-FRA
createjs.min.js
code.createjs.com/1.0.0/ Frame 370B 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14262351684860381711/728x90_R42_Alemania/728x90_R42_alemania.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:f::213:7ed6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Wed, 09 Nov 2022 03:03:04 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E08F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
401041
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 04 Nov 2022 11:24:03 GMT
expires
Sat, 04 Nov 2023 11:24:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 410C 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFMKT6eRsxjSHqLc0jQeGzE&google_cver=1&google_push=ASkJ3FYmHUeTHsLNu3M2m7aX0Rnr9EJIRtvZ-XvGcX01PEUkhLehdlMa1hVkkU7jUFD7qpO_Uh7gFgKAlw4qisfn-h7h2wpON8k
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 410C 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBsWSNFdhmgdvvUcWuPCWtI&google_cver=1&google_push=ASkJ3FYPGdOs2T3R4I9kKxwiLwEpimXGB2VUiKkLxiuAPw4_LiWDAUoNpYp4oUvnW8SIaGuzGdkT7oWBJg8APFg9pCTq2pKAeO4
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 410C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAX55TEN1zIHRJVXjzfM090&google_cver=1&google_push=ASkJ3FYM_wTWesJH9Wxe_xJA6BeSawH-JAaHouUOqu0nv3CoJqMAECsBwqQteXd27Gf9S4rQDkChD1Sdx11KgpxMApPmm-Ehywc
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 410C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELN5AlE4dzW3p0OQ1a0nSvI&google_cver=1&google_push=ASkJ3Fa9_Rn7z1c7wF9NoHd1CEZ81NOKgHQbvyVuHkQSdbRBEx-KYiee7BH8K7FPs3TqZhK92uFt_JC2l7pfA0TGOjhy...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELN5AlE4dzW3p0OQ1a0nSvI&google_cver=1&google_push=ASkJ3Fa9_Rn7z1c7wF9NoHd1CEZ81NOKgHQbvyVuHkQSdbRBEx-KYiee7BH8K7FPs3TqZhK92uFt_JC2l7pfA0...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=727f9ad9-7e01-480e-bb0b-9f6f6f81ee7a&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fa9_Rn7z1c7wF9NoHd1CEZ81NOKgHQbvyVuHkQSdbRBEx-KYiee7BH8K7FPs3TqZhK92uFt_JC2l7pfA0TGOjhyJ2utOSM&google_hm=Q-OQFf_fQImU6t9PknUXgw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fa9_Rn7z1c7wF9NoHd1CEZ81NOKgHQbvyVuHkQSdbRBEx-KYiee7BH8K7FPs3TqZhK92uFt_JC2l7pfA0TGOjhyJ2utOSM&google_hm=Q-OQFf_fQImU6t9PknUXgw==
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fa9_Rn7z1c7wF9NoHd1CEZ81NOKgHQbvyVuHkQSdbRBEx-KYiee7BH8K7FPs3TqZhK92uFt_JC2l7pfA0TGOjhyJ2utOSM&google_hm=Q-OQFf_fQImU6t9PknUXgw==
Date
Wed, 09 Nov 2022 02:48:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 410C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEA47ghyfwqdKHm2Ffnx2FGc&google_cver=1&google_push=ASkJ3FbUmpHalie-blqnGYyvRQvvp8WbeGk8SeSa2O1R93a2Gy8fm--6JrQB2BTQKi9z1-iAYmQZ2T76DimRZAV0yYbG2fM...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FbUmpHalie-blqnGYyvRQvvp8WbeGk8SeSa2O1R93a2Gy8fm--6JrQB2BTQKi9z1-iAYmQZ2T76DimRZAV0yYbG2fMh49k&google_hm=ODgzNzQ2NzY5OTM2NDgwNDI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FbUmpHalie-blqnGYyvRQvvp8WbeGk8SeSa2O1R93a2Gy8fm--6JrQB2BTQKi9z1-iAYmQZ2T76DimRZAV0yYbG2fMh49k&google_hm=ODgzNzQ2NzY5OTM2NDgwNDIxNA%3D%3D
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 09 Nov 2022 02:48:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FbUmpHalie-blqnGYyvRQvvp8WbeGk8SeSa2O1R93a2Gy8fm--6JrQB2BTQKi9z1-iAYmQZ2T76DimRZAV0yYbG2fMh49k&google_hm=ODgzNzQ2NzY5OTM2NDgwNDIxNA%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 410C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENBm-uwEM_MYC3eHO5lM-QA&google_cver=1&google_push=ASkJ3FZnLaQkxzoypXArJgLhbm4TWO_vOUprO0qinYyZfaAV35pIGv8FakSDfi9e4OyPThgw7A...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HYWFVdlpkRTJ1RU0uX284Ukxxcmpnblh3RHBjcmlNQX5B&google_push=ASkJ3FZnLaQkxzoypXArJgLhbm4TWO_vOUprO0qinYyZfaAV35pIGv8Fa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HYWFVdlpkRTJ1RU0uX284Ukxxcmpnblh3RHBjcmlNQX5B&google_push=ASkJ3FZnLaQkxzoypXArJgLhbm4TWO_vOUprO0qinYyZfaAV35pIGv8FakSDfi9e4OyPThgw7AhbNQE1HeMLQ7yPQ0PJ80IXPMgr
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HYWFVdlpkRTJ1RU0uX284Ukxxcmpnblh3RHBjcmlNQX5B&google_push=ASkJ3FZnLaQkxzoypXArJgLhbm4TWO_vOUprO0qinYyZfaAV35pIGv8FakSDfi9e4OyPThgw7AhbNQE1HeMLQ7yPQ0PJ80IXPMgr
date
Wed, 09 Nov 2022 02:48:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 410C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHZOYV6Ra_WtEubviBqbU_w&google_cver=1&google_push=ASkJ3FbZ6I3rQR7f0Czwp_9qicqHASrRV--rCn9qtCaqqPerjwN3735LaJS1YyoOwrv8tCGVgracKloY3Rv...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FbZ6I3rQR7f0Czwp_9qicqHASrRV--rCn9qtCaqqPerjwN3735LaJS1YyoOwrv8tCGVgracKloY3RvYN_XTQwYtP2xTck76
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 410C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0OCDztzQe_SWOSFd2dlK8bg1fVPx9-qhhd5aeYer1FuNequMVTynpuBQR_VwhgdLuadHVIxY
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4
static.criteo.net/design/dt/2000/220429/ Frame 6AFC 		43 KB
43 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2000/220429/f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4?ibv=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
434617e06c4d3176788c95bdff63a22e66bbd49ea472374b3a55e30e44f2b70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=2293760-

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 29 Apr 2022 11:40:29 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626bcead-23ac33"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 2293760-2337842/2337843
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
44083
expires
Sat, 04 Nov 2023 02:48:04 GMT
Classic.js
cdn.ipromcloud.com/script/format/ Frame 0294 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/script/format/Classic.js?cb=20221109
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b839340ff9cba10d1c57c359d96a0f7364dd5f14452f341ec25b7586261575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn2
age
1059
cf-polished
origSize=4282
referrer-policy
no-referrer
cf-bgj
minify
last-modified
Mon, 08 Aug 2022 10:55:21 GMT
server
cloudflare
etag
W/"62f0eb99-10ba"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
76733a318ea89235-FRA
events.php
log.r2b2.io/ 		9 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.r2b2.io/events.php?u=https%3A%2F%2Fmedan.tribunnews.com%2F&hbDomain=tribunnews.com
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
webgarden-track-lb-ha.vshosting.cz
Software
nginx /
Resource Hash
6b723ee9ed05292161c3bcec441a4ccada7f8ccd29b221b7941830f24409218e

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:47:55 GMT
content-encoding
gzip
last-modified
Wed, 09 Nov 2022 02:48:04 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
expires
Tue, 01 Jan 2000 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 97A3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89607551&p=156479&s=961895&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d83fb16dd04f64506a6f9abb8bafe780c4e737ff33890a1b09df8c30abbcb13a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 09 Nov 2022 02:48:02 GMT
content-length
2009
content-type
text/html; charset=UTF-8
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Nov 2022 02:48:04 GMT
lemon.png
s0.2mdn.net/sadbundle/14262351684860381711/728x90_R42_Alemania/ Frame 370B 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14262351684860381711/728x90_R42_Alemania/lemon.png?1646227002995
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16971205410c03fa80c5adfd3699db96fb75d6952b03ca4e7687fda84f6f5a48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14262351684860381711/728x90_R42_Alemania/728x90_R42_alemania.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 12:08:44 GMT
x-content-type-options
nosniff
age
484760
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33274
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 12:47:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 12:08:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BD91 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuPbf9BDZMPAyKeQG6GAQ0hl4diuFbgFSPyAaSGzXstt5hyJG6HnGDNgk471kp05uQHMdGJVc5FyDAKx6hY_KgNfnnY2JrJ-guqV2Sren6pTwoIbHewF5CQ3YYKA7bePyhqg1uuTk-E2Er2u8DfQEnPkWZ8b1eMCOsHk-e4cTVDIMEdwMKxwpJLHOqmn6W3mBlcowwOdgKF66fZMTN-eyyvHnqJgvWrUS2zrgjxo5jEbP69hle4PwYX0XmaToqyIUpiiysAPM9qC9ZEheIq8DRAdSNuUa9NYKHgTAqjQaSMRrP6-d6c6UtlZ1kF4YwM80MBRpV4-lzrkwwQDpCz0h2p1qw9StaMtu-tmIc4kq5v5KshJ0v3GcrzVnDQ7wvZTjXdJ2E4CI9SrtPy4wYvPBboj68gB58oh7g3jAa2-KW0mwvAh6FH9i0cR4sCtHTpz2S0R7sBRfufkOsxVO0Zk41bnQKFhKQ58DC56Q6YVaBdXwyetM5yBvVuT5uxg1-v-5cgpqf-7Q0sjJXKwbPKNItp4LOj-MvqwC2SVf3HGj1QIJhGOhL6W62JT_FhMjoQLKnHVrrblLSp-G9_cxYq-y4ktqWJVJ1Nq-9rP0gCNTU4GJWvSjweoc518rSgL1ylgBFmbl4Bmn9gBhJqWEOpzxHlQV0Us8c25UQd4VgjzuizVEQ5yrbDGVOIIvHRxDxhwSv13E61m6HhTTRMJO6Jq-tr47DMCiF-Q6ssRR_M8zBT1Kve3IUDHEQbTI7jhoHIH1kiAggWzL_o38c-KbfmQcJjZxuvMpbrZTdycfGocA2fI0QdFHeuVq9Yd-SUIUR_4rarbKMkRipa8mXUbEnTx7dV3pMbhAuT5wNb-qs4Eoj62nNWb5psII_nS2E9KGyfT7o0hiIQ7XXg9WT2xsLbIK3atWzSdb3NWAJ00iI0oHeirnnW332t8YiqgJM3Ayk4oP9qYcF_z4ErYWQQRDa9Wdps1mHtKCqI7FIN58WhW-2OCyVqUKiwDyK5uDnYbE2Kqw-MY_uQBSLWQl-yfFVdSHm0HDXbP_JK091j3pSzget23ixnS1llPkKAci3J7NZMcfcTUpOycLLFKsT-myCcX_zOajfkh6R0bGLhFbI7Bdn8zj6yCeUn6q16lX7OJEeaxVFjCARsG5Mexer1ZhcQjqg-xRJUNon3M3OtTiFqAS8IiENbOoa7e56LbsKRGVpCJQ3IrnSdWzA7gXoYCAnqda-pXr0znUFTCw&sai=AMfl-YQP-cBzmGpPI6qUdL6XDMQNgPyuymBSTOXpYBZh9vCaHr9lHz66U4yGLGr5wCd3cDnfvKdh_wb3vA5dGbmr3Ebj1vL_laF4NFfaJ0azwcdn9AkY4fMANvbZqzgRfoAhIWF6EIgdHBb8ntTMn-wM-2XDDrNyAo_2BbQhT9N8AKMYk0DQUcXoH5uuZpsRnhGfUp9bcFZBT4A3ZLAYjflEWM9384790OVHhmEA366E1HthZFNUPOHA0cfULEN15H8bhclCs7_CPlI&sig=Cg0ArKJSzH5SnzSJuv6DEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=391&vt=11&dtpt=204&dett=3&cstd=184&cisv=r20221101.60731&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 09 Nov 2022 02:48:04 GMT
2881558891e1bd80089e69e64c9f3f8a_300.png
a.ipromcloud.com/2022/176006/ Frame EEB9 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2022/176006/2881558891e1bd80089e69e64c9f3f8a_300.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6263b27d0957bde641d24aa9880e911551ce94b5e6e99d3c14d500cef72c0933

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
cf-cache-status
HIT
x-cdn
cdn2
age
6480
cf-polished
origFmt=png, origSize=41895
content-disposition
inline; filename="2881558891e1bd80089e69e64c9f3f8a_300.webp"
content-length
35654
referrer-policy
no-referrer
cf-bgj
imgq:100,h2pri
last-modified
Thu, 03 Nov 2022 13:34:31 GMT
server
cloudflare
etag
"6363c367-a3a7"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76733a31ff3a9235-FRA
truncated
/ Frame EEB9 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
b9392fdb-6575-44a6-b718-a0c987c6fa51
de-core.iprom.net/h/log/ Frame 0294 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de-core.iprom.net/h/log/b9392fdb-6575-44a6-b718-a0c987c6fa51?hts=202211090348&type=i&ppp=0.041000&referer=https%3A%2F%2F55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html
Requested by
Host: 55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.63.45.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.45.45.63.178.clients.your-server.de
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
x-core-time
35ms
vary
Accept-Encoding
content-type
image/gif
x-server-arch
v2
connection
close
content-length
43
x-adserver-worker
de-komodo-3f4f4b2ea117@version_1.530v2
PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
pagead2.googlesyndication.com/bg/ Frame E08F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16184
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 19:30:53 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Nov 2022 02:48:04 GMT
strawberry.png
s0.2mdn.net/sadbundle/14262351684860381711/728x90_R42_Alemania/ Frame 370B 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14262351684860381711/728x90_R42_Alemania/strawberry.png?1646227002995
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
521c1113b5d07fd116632aa107fb1ad7878425a1b97cc182e5befd3827ca3f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14262351684860381711/728x90_R42_Alemania/728x90_R42_alemania.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 22:03:54 GMT
x-content-type-options
nosniff
age
449050
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33628
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 12:47:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 22:03:54 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FA9B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6255431256272086534
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6255431256272086534
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Nov 2022 02:48:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6255431256272086534
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 5164
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c1f5636b-14e4-4400-a145-cf6c006fd218&gdpr=0&gdpr_consent=
42 B
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c1f5636b-14e4-4400-a145-cf6c006fd218&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Nov 2022 02:48:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 09 Nov 2022 02:48:05 GMT
Expires
Wed, 09 Nov 2022 02:48:04 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4629 97bee97 master nrt-pixel-x17 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c1f5636b-14e4-4400-a145-cf6c006fd218&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 389B 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:48:03 GMT
expires
Wed, 09 Nov 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
328260
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0B3A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F33F0C0E-D372-4006-9D31-A0EE0DCD713B&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F33F0C0E-D372-4006-9D31-A0EE0DCD713B&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F33F0C0E-D372-4006-9D31-A0EE0DCD713B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 09 Nov 2022 02:48:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZDBQJ05NZP08DZMS92D4

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 09 Nov 2022 02:48:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F33F0C0E-D372-4006-9D31-A0EE0DCD713B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XZG6BE2B8CVV7QZ5WPAH
Pug
image2.pubmatic.com/AdServer/ Frame CCDD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2455387110921716327&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2455387110921716327&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Nov 2022 02:48:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
4084eec8-6ffa-45cd-8ed4-855d5620cee3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 09 Nov 2022 02:48:04 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2455387110921716327&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
37.58.58.245; 37.58.58.245; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 97A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjMzRjBDMEUtRDM3Mi00MDA2LTlEMzEtQTBFRTBEQ0Q3MTNC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 09 Nov 2022 02:48:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 97A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBrBZEUmM1ArmbidNSoCqm4&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBrBZEUmM1ArmbidNSoCqm4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 09 Nov 2022 02:48:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBrBZEUmM1ArmbidNSoCqm4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 97A3 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 08 Nov 2022 02:48:04 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 97A3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8974553998113243072
42 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8974553998113243072
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 09 Nov 2022 02:48:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8974553998113243072
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 97A3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
css
fonts.googleapis.com/ Frame 5F30 		3 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Nov 2022 02:48:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 00:52:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Nov 2022 02:48:04 GMT
css
fonts.googleapis.com/ Frame 7F9D 		3 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Nov 2022 02:48:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 01:01:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Nov 2022 02:48:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E08F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFbqO4xRrY_fSJbeJ9u8P6pq_wAcAAAAAOAHgBAI&bg=!5uWl5aHNAAZPh4lnb4c7ACkAdvg8WjDCx1uH_T_gm3MFoVnP2c19PfHHN8xl288Cvix7X3xgqkSWiAIAAACMUgAAAAJoAQeZAu14Kh0jPhYio13b09LcVzkJvZ8XxAtXgwOes6TIcIML0xpmiPkjap7VHafpYwbE3LLfC0Ti6I16qYCiNRFycjBzVuyaqMNCqVo2JU0-n2pgmuJaeBqjLhD8btE0n4tb6nLQMfgjmIx3ysq6UpbFaqqJ-QUhM-LB5Tqb_lcbcqMfIUzFlgHbw1G_yzy4b6jKXpumRiUYP9L8Ojz7v3w9j7zIvEQYYwwxTXl2XV0gIhokIFpKgRu687K-bjjwRvaXPLQ8VjaJa8yqgJqbaGuBdhtaXRdlBgRxr-nsQyyPRIURGZCIcksqgyWUMZQdsnRz5DRh9MtdMX0bGjDcRlruSOWhwYU_rQW6JdTJcC1ORrds8K4M4XRTL5h0n59eTyRJ0rfYTK_rYUFczZPztogvnxIxuaqiCUudais7AILXGQGe2LPYf9fdXVtQbpup_nHe8ug-gnSV2N9Kmy9svC3T7T1rE4SArzK3_1xYxWl7BisWib6VVjgix6Yw_7a0Jurdrw9-Mx5lzti_TXW77Ts4qK5HB-B5FUBIV52xR5oQdXuJ10iBsz3ve5pdcS7Q-R1NUtkAkz6m5wgc18oL5IGh8766AQzLOYS4YiuQZcPgYLytHHNM9ZiRQs6eOujSdBVQ_aArb56-iLc3s7JLWuM1NvxR8jkEdKjT7yMLCLH59P1nTOtryaiR-BNLx1x07MD3qd67b5ch4rQU6PPXHTkAax-QpuLntXyX67EmXLWFoQl_ZqEjiqFI8KsrOLeFwIZhxOtqKly2ehIKoEQ_O3Gn42zVnCwuVy_2UrpYY5K7HKghb-BiirqllJ1QScVXpZJ1lMt4l3wzLUYZA7cnCGwy_vtLTyXqgR86lVIX7dTzV-g1h7lPPwYq2pFtPAFRnCsTReN1bUePbW8H3UHiaceFsODafnygFnK123f7xUj-nkQoSpFqQczxcAJ7dCP3kY1G_-q-N6GVWL3ndCfNOJIfEn96XhM-pBe5buCedlSbJQ
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.mgid.com/pv/ Frame 5F30 		0
43 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1667962084336543279080&uniqId=181de&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fmedan.tribunnews.com%2F&lu=https%3A%2F%2Fmedan.tribunnews.com%2F&sessionId=636b14e4-0afd2&pageView=1&pvid=1845a499bf08e33bae9&site=535833&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76733a332a459066-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
5caa361c-000f-4d77-9f71-2fa070dec34a
https://medan.tribunnews.com/ Frame 5F30 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://medan.tribunnews.com/5caa361c-000f-4d77-9f71-2fa070dec34a
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
bab1556b-4cd6-4e37-acc3-666d69c6c9cf
https://medan.tribunnews.com/ Frame 7F9D 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://medan.tribunnews.com/bab1556b-4cd6-4e37-acc3-666d69c6c9cf
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 5F30 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1SAKNE8T99VM7FFV
age
2156
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
76733a335a8b9066-FRA
expires
Thu, 10 Nov 2022 02:48:04 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 5F30 		836 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQP2P0ZGAY0CMXJ
age
2125
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
76733a335a8a9066-FRA
expires
Thu, 10 Nov 2022 02:48:04 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 5F30 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:52:55 GMT
x-content-type-options
nosniff
age
114909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 18:52:55 GMT
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 7F9D 		2 KB
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1SAKNE8T99VM7FFV
age
2156
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
76733a335a869066-FRA
expires
Thu, 10 Nov 2022 02:48:04 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 7F9D 		836 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQP2P0ZGAY0CMXJ
age
2125
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
76733a335a889066-FRA
expires
Thu, 10 Nov 2022 02:48:04 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 7F9D 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:52:55 GMT
x-content-type-options
nosniff
age
114909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 18:52:55 GMT
rid
match.adsrvr.org/track/ 		63 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
33e7f560f60b7c79a83ffb2ca21a1ab747f35c084ca71a9b717707952664b73c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 09 Dec 2022 02:48:04 GMT
1
servicer.mgid.com/1181811/ Frame 5F30 		1 KB
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1181811/1?pv=5&cbuster=1667962084416941032963&uniqId=181de&lct=1667433600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=300&h=92&maxw_1=300&maxh_1=72&cols=1&ref=&cxurl=https%3A%2F%2Fmedan.tribunnews.com%2F&lu=https%3A%2F%2Fmedan.tribunnews.com%2F&sessionId=636b14e4-0afd2&pageView=1&pvid=1845a499bf08e33bae9&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256cabeda4a8a6e7a0798a8f812f734f62ea6bc4bf78ac0a1ce1b730e1186b68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
76733a33aaf89066-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1210784/ Frame 7F9D 		1 KB
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1210784/1?mp4=1&ap=1&w=300&h=92&maxw_1=300&maxh_1=72&cols=1&pv=5&cbuster=1667962084421626845809&uniqId=0c892&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fmedan.tribunnews.com%2F&lu=https%3A%2F%2Fmedan.tribunnews.com%2F&sessionId=636b14e4-0afd2&pageView=0&pvid=1845a499bf08e33bae9&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b8a0c210c7983e72a0ac0d3b33a04f7ae70d2955e18000707f36641b125fe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
76733a33aafa9066-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
newidgen
traid.jixie.io/api/ 		115 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/api/newidgen
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
f49203d89327943a5db3d5bc4d2fb2a3faa535b68cf47573c9576804b7005947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Wed, 09 Nov 2022 02:48:04 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
W/"73-JOuLo2UqUfOZgJdBVdVJuEw2+mQ"
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 5F30 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQZ016TJQM3CQAQ
age
3870
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
76733a33eadcbb53-FRA
expires
Thu, 10 Nov 2022 02:48:04 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 5F30 		836 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQP2P0ZGAY0CMXJ
age
4970
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
76733a33eadfbb53-FRA
expires
Thu, 10 Nov 2022 02:48:04 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEyNTMwOC8zYTI4Y2ZkZTI3N2M4N2UxY...
s-img.mgid.com/g/12350568/492x328/-/ Frame 5F30 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12350568/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEyNTMwOC8zYTI4Y2ZkZTI3N2M4N2UxYjgzYTEwZTFhYmFmZjY2Zi5wbmc.webp?v=1667962084-ybR5fTToyPQE03VZAHxHCsZcrXkduEHqqT8YLx5Axpo
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd12cec30eae0522b933497982b5c6bd19a3943226f95cc052bc789c142717d0

Request headers

Referer
https://medan.tribunnews.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
cf-cache-status
HIT
last-modified
Wed, 09 Mar 2022 14:59:28 GMT
x-mg-request-uuid
d4365ab1-2af7-4a3c-a0ee-b5b51e947567
server
cloudflare
age
447963
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
76733a342c9dbbb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17828
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 7F9D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQZ016TJQM3CQAQ
age
3870
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
76733a33faefbb53-FRA
expires
Thu, 10 Nov 2022 02:48:04 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 7F9D 		836 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQP2P0ZGAY0CMXJ
age
4970
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
76733a33faf1bb53-FRA
expires
Thu, 10 Nov 2022 02:48:04 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEyNTMwOC8zYTI4Y2ZkZTI3N2M4N2UxY...
s-img.mgid.com/g/12350568/492x328/-/ Frame 7F9D 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12350568/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEyNTMwOC8zYTI4Y2ZkZTI3N2M4N2UxYjgzYTEwZTFhYmFmZjY2Zi5wbmc.webp?v=1667962084-ybR5fTToyPQE03VZAHxHCsZcrXkduEHqqT8YLx5Axpo
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd12cec30eae0522b933497982b5c6bd19a3943226f95cc052bc789c142717d0

Request headers

Referer
https://medan.tribunnews.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
cf-cache-status
HIT
last-modified
Wed, 09 Mar 2022 14:59:28 GMT
x-mg-request-uuid
d4365ab1-2af7-4a3c-a0ee-b5b51e947567
server
cloudflare
age
447963
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
76733a342ca0bbb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17828
i.js
cm.mgid.com/ Frame 5F30 		0
101 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1667962084480406893252
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
76733a341b649066-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame 3885 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1667962084496514332983
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
76733a341b749066-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i.js
cm.mgid.com/ Frame 7F9D 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1667962084498602698200
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
76733a342b819066-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame 6ACF 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1667962084511270676457
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
76733a343ba29066-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
id5-api.js
eu-1-id5-sync.com/api/1.0/ Frame 5F30 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu-1-id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e229684c6d477c13045d7ba26038f1b53dd5df183368aa385c669d9c7e863739
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
873
x-amz-request-id
KV5DN5WRPRBCKGJ4
x-amz-server-side-encryption
AES256
x-amz-id-2
LABXru1MTwEiKKFSxsHUSLKRnijIA3ozgfebf3IZxhrWtem90qO0c0tMW6cSwJ1QGUj4Yxy/GM8=
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
etag
W/"68154020ef14b5881614607902c7c21b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3YXTAf6G9bxFg4CQYRlnVgtuNlFVHbrWyeI%2B6a%2B4oTjepQ2DKVIU6psVrtJlgJsiZ1wY4NCXZtZen2bDNwJxmSTFYhtBXjOewqHbRO1HsLZBuMhZ4JnhO%2BmkLp3aXTVhnTl1eMYm5k2SXBYIXkY"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=14400
cf-ray
76733a346e8ebb8f-FRA
id5-api.js
eu-1-id5-sync.com/api/1.0/ Frame 7F9D 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu-1-id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb9f93b8d90d798effb99e4e0ae7ca44faad8d3e1ca9bfc08dbdb45cac082926
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
873
x-amz-request-id
KV5DN5WRPRBCKGJ4
x-amz-server-side-encryption
AES256
x-amz-id-2
LABXru1MTwEiKKFSxsHUSLKRnijIA3ozgfebf3IZxhrWtem90qO0c0tMW6cSwJ1QGUj4Yxy/GM8=
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
etag
W/"68154020ef14b5881614607902c7c21b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2siA0%2BF5%2B85AVJ1CWjt4u4CuZ8ZZg29RTNEfqFFlxRajA7BM10kM1omrsJM0cilPKt0ja6uhzi2hDq1dh55zfasnkm3axWNcGOB1jjtzMC7lSuBxE1YNwVIO9Hld%2FPbMF6pFUEVJ3hDn4IzdDg4h"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=14400
cf-ray
76733a346e92bb8f-FRA
v1
lb.eu-1-id5-sync.com/lb/ Frame 5F30 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
3d110efc1cffac3c4fee8827be5ec2c8c6a96ccb82df391f9b9103cfb9c7f8a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ Frame 5F30 		54 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
62a5f8248a613e724a38a5a8b647b2e59dd29ae1f856ce27b50dad9cc469f0b8

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 9 Nov 2022 02:48:04 GMT
content-length
54
vary
Origin
content-type
application/json
v1
lb.eu-1-id5-sync.com/lb/ Frame 7F9D 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
b4858746760a58a41ea45a93706a25bec1647b88bfe68d538d5856991b552823
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ Frame 7F9D 		54 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4f3479563e67e2fa321bd9c1b142313b27e2726957168ba9c025c1a2b83b6494

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 9 Nov 2022 02:48:04 GMT
content-length
54
vary
Origin
content-type
application/json
231.json
id5-sync.com/g/v2/ Frame 5F30 		216 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
1978eacf9c76dbb3cbfe2831af2fc1ce275b2c8d458636d80c3430b7136cc7e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
231.json
id5-sync.com/g/v2/ Frame 7F9D 		216 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f21afb7a4aef45ed34b6b308b7900d462b08aaab8119b2ac78ab6574b95bd80e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 09 Nov 2022 02:48:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 2377 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWONbGpxuxRdWedqIw_2IrgrKkuIuFDveKGtMiYjA7aGyLdGUUUyzIM2HI2j5UOICA57KGJG2dJJxMmbv2Wx5YjrM&sig=Cg0ArKJSzFN6soQgaLbsEAE&cid=CAASF-RoERLadHX7nfOo0CiX9ci3BrPAqPpf&id=lidar2&mcvt=1000&p=537,1075,1137,1375&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=645028135&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667962083486&rpt=279&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CDD6 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLMZS5JcZ1uy4MULls1WLTxNYskZwQHkvbSWRPOBA-73-c3Ry0TX1_mDB2IvgZXaB-pOnStCEWxz9K1o3mhU83QYSkHhv3WYtZB79LiHj1vxmPSF4I_FPnJbPlWygOEKzg4-mvpQ&sai=AMfl-YTURDv3y05a3dbKVVa20xwFnVkGxQZyx6oyUN5UiCseZSBjjcAZMeBvLV3ye5AQlDi4fTh7zYjFxL1EJai-nQ6hiwP7P4ac7JccO1FMKbTdv2y1FyoNRlinp8TiTw&sig=Cg0ArKJSzENRKFtuwCB7EAE&cid=CAQSOwDq26N9EpHyJ0KfqzFgzCWOw7PBy-Do8uxuYM_TTNJEP88Hc0bYkQ8lsl82OElXcwWZPMNf-bmlIRsUGAEgEw&id=ampim&o=225,537&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=363&tls=1363&g=100&h=100&tt=1363&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prod
traid.jixie.io/sync/ 		180 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
376cf68f2e64ee5d99e42f5a534ef8a4e8a788c369e2ce44421501cf01234d21

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Wed, 09 Nov 2022 02:48:05 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
edce5350-5fd8-11ed-9c17-e32a36d7d501
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
prod
traid.jixie.io/sync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://medan.tribunnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://medan.tribunnews.com
Connection
keep-alive
Content-Length
0
Date
Wed, 09 Nov 2022 02:48:05 GMT
Server
elb
Vary
Origin, Access-Control-Request-Headers
X-Powered-By
Express
activeview
pagead2.googlesyndication.com/pcs/ Frame BD91 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4YCdCUe2eQmFSwwrKUGv4VHl46EnU8Qow6oHzG3xlqGtNF91lHVMaaByQpVEumbFeru4CqaNnFYv4OgieHPMYMSUML4_oxt_LxbB9VBDAI-aEQdSWAIZVvui2GMM2SJ7AWpc_Pg&sai=AMfl-YSg3JIsrn3C8AWx-r8GNQ73xcdl-gfI0WzK1Bu8kVkGdrbstETcZkoskBmETzuX4UTm16jDF2jR_NjmcSot9pSwYsyJSceiJPtg7EdYKKMoHOCz8_E7VFXQ8XUijw&sig=Cg0ArKJSzJnai5A01ueQEAE&cid=CAQSOwDq26N9EpHyJ0KfqzFgzCWOw7PBy-Do8uxuYM_TTNJEP88Hc0bYkQ8lsl82OElXcwWZPMNf-bmlIRsUGAEgEw&id=lidar2&mcvt=1000&p=180,436,270,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1151295369&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667962083483&rpt=492&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 6AFC 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=2IYMIOdDmiuBhOL69QgfHhpuM6UQKkKQyBRkYdaOj3BIuRWyU7EIH2p1g6UcLD8iLpCfkaas33JNdClxu8koUrhdocBBJPAG-dSH-O7ePeiU40O6FbYgOw2j3w9uuq3RHab57M6xQC_Ave2t7J7Sx3h5vM49MVVlIJFYcyp5q_jdtoE_rmPMQnOR4_zRZsXPqgpVTJAyHL7KQ4Purc6FFvOw_1aKnhzAS2eKq6f_1MOG0jd0pWe233zBJ2nMy3hiU8KeAg&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2sU4gAPNJkH_YlyAAI_ED7aIb1I56Otyd-akg&u=%7C9XFdU7mZtBJa0AK3RbnjeyHkK9FW5E0nvDt3sN8SMi4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCHUNrTrBjjRkzLel2cV0UIN50vESl8bAPvyYv0zKov61hwadX3tDRilmsZK_ei-IHghb9el17KH6LNxhjNAScyKo5evJm4lYKjax7xfM9Xqe3KvKC11CLjnU2GlDeK4VmeFnFLhW1GnvKS3FLqcj4Z9JCAqkKOkzPK7wPB70s0WVZPXsjo9Kryf1ZxY73DgG7-PykpHJ0aJwCyt49d84W4bdMjTbROdxHbhMfMGmS-cvXna0yvIQD_itbuGF6bQtS9XNnGCBSvGF2626AuorS_fUL_1vLetUXm2ba3I4T3FCh6oNxyoUdqieVCW_6PtbPBhvoJrsouwgU6XyVITqst7hMkT7UgZ5cgFzrFzoKx5_RHIoneYOYTEpG2cig3rdGdT1XwmpoasyNcZaMV0r8Uh53z509DaKT1_90oU0ETSb8ZAhS92mA65NXErR695DMFrRs2cRZnwLTan_gzpghRj-V0Q9O3csCLNRHu6SBZ23Gw4xu1MTvk7fT1Y_om9pLBDXc0CPFrg9GP6arXXcYUMtEuoicAphOJoFkJCXnm1vvSM5e_v-TeAK12b8El1_Kt_3dKxp47veQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUtov4hRrY5npPPKS9u8PkP6IWMme0rFc1Z2R93DAjbcBEAEgAGCVgqKCsAeCARdjYS1wdWItNzc4NDAzNDA2MTI1MzAyMMgBCakCe4Op-63lsD7gAgCoAwGqBO0BT9DKdmNoE0tQlLbyORjvtgRglE9eq-RAafvJwZl16JMFYT1IzxV8b8JKL6t_EONmJVdO5VCxtm5R50yJAPN3LBwhe-fn7DqpsfxhehTNbAqsguzYarUMXxcYdJmpBYkNaWxpHCqBxZ475aoNZexbUhF5GVjmeFZsmJAAaVHPp0V9oNtf6rugs45gN75PPllstMLdVoBZiivQ29wyVukhZVI5aCo3uFf2LTPIGI530DPo5qb-AfeYKGhZR59V8rGA6rJVOgDZ5Twupkf3lJxi3p-lvTZDLgs6hUAwOWd0cT-vAX15leNcK7onqDKQ4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0l8oNkRBciyeQ-fb_NqypBM71PPw%26client%3Dca-pub-7784034061253020%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 09 Nov 2022 02:48:04 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
b9392fdb-6575-44a6-b718-a0c987c6fa51
de-core.iprom.net/h/log/ Frame EEB9 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de-core.iprom.net/h/log/b9392fdb-6575-44a6-b718-a0c987c6fa51?hts=202211090348&type=v&referer=https%3A%2F%2F55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.63.45.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.45.45.63.178.clients.your-server.de
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:05 GMT
x-core-time
1ms
vary
Accept-Encoding
content-type
image/gif
x-server-arch
v2
connection
close
content-length
43
x-adserver-worker
de-erebus-77188325db0d@version_1.530v2
isdeleted
apis.kompas.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apis.kompas.com/api/isdeleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-30.ams1.r.cloudfront.net
Software
nginx / PHP/7.3.28
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://medan.tribunnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
POST
access-control-allow-origin
https://medan.tribunnews.com
access-control-max-age
0
cache-control
no-cache, private
date
Wed, 09 Nov 2022 02:48:05 GMT
mail-subject
Join_via_header
server
nginx
vary
Origin
via
1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
we-hiring
jobs@kompas.com
x-amz-cf-id
oi76fM5BfZN5PEVMoK7Vs3OTE70jXrnYp977O08-EeJBfmhM1Qvgkw==
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-powered-by
PHP/7.3.28
x-xss-protection
1; mode=block
isdeleted
apis.kompas.com/api/ 		183 B
985 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apis.kompas.com/api/isdeleted
Requested by
Host: t-1.tstatic.net
URL: https://t-1.tstatic.net/js/kgmedia/tribunnews/ssouser.min-1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-30.ams1.r.cloudfront.net
Software
nginx / PHP/7.3.28
Resource Hash
e9f38a034a7e5f0ebf6fa2c3b0ba3160034db7045d540d792e84808406e863cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medan.tribunnews.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Nov 2022 02:48:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
x-powered-by
PHP/7.3.28
x-cache
Miss from cloudfront
mail-subject
Join_via_header
we-hiring
jobs@kompas.com
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
private, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
8otL8_QfF7N2aIZAKQp4JDpYfaz_HYttI7o4Kz6QRNiAOGrXNETaKw==
expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e55917d5416a650876baa9bdbe652e0ca548bc0b6b720f48d572e4eba64196a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11226
x-xss-protection
0
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=657538641912-e5c2itnmne4v4ple558a79fi6kkb3iau.apps.googleusercontent.com&as=VsWqJPYh66RGTkPcUOvDeQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbc2f9ebe7aa5936ee6a09b22181f69899d89e6e8696648aec6bbbe0b9ab4d76
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-fN-GVHWI22xQw-7ChFb5IA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-fN-GVHWI22xQw-7ChFb5IA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 7B8B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=medan.tribunnews.com
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:48:04 GMT
server
Kestrel
server-processing-duration-in-ticks
335400
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 02:48:05 GMT
sid
mug.criteo.com/ Frame 7B8B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=tribunnews.com&sn=ChromeSyncframe&so=0&topUrl=medan.tribunnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=2tEqJnw5blVzdWs5aHkvZGxMaWFOOWduN2FnbXJIWGNaUDRaTGlZSkdMeXZGeWZMY1FnOVo4VVdyY1pMZS92VG9NODBPeXd6NjNsSTRTdFExUmNuV3dtZ1NrQXJKYlYyaXNQOWVjN1JXd2JrUThYZkJ1ZEFqSDBOZndMZ1...
436 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=2tEqJnw5blVzdWs5aHkvZGxMaWFOOWduN2FnbXJIWGNaUDRaTGlZSkdMeXZGeWZMY1FnOVo4VVdyY1pMZS92VG9NODBPeXd6NjNsSTRTdFExUmNuV3dtZ1NrQXJKYlYyaXNQOWVjN1JXd2JrUThYZkJ1ZEFqSDBOZndMZ1RqSDJUSGF3Mkk5MmRNS2cwb0w2d2lxaTJXUGtIMzhRQTd6NUh3REhKbTQvSVl6cHUrSTN3OE5ncVVUT1lVYWxzZ0wySXlWb3RYaGNYWXpQV3EyaG5GMTU3WmFEYkJuR2t6VE1FVXZvWVZaYU5qYThRbnkyYVJoUStmOWx5cTBKckRIK2hMaXB5ODhTZzR6TW5wb0VpRys3WkxoSXB4VjdtdmVxdTdBSFJSRWZCbjM0eW1jcz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d3ffa17f3dc26586adc21eee5a2b07e32f8213cb314f56a680d11a353c9217a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2219961
expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=2tEqJnw5blVzdWs5aHkvZGxMaWFOOWduN2FnbXJIWGNaUDRaTGlZSkdMeXZGeWZMY1FnOVo4VVdyY1pMZS92VG9NODBPeXd6NjNsSTRTdFExUmNuV3dtZ1NrQXJKYlYyaXNQOWVjN1JXd2JrUThYZkJ1ZEFqSDBOZndMZ1RqSDJUSGF3Mkk5MmRNS2cwb0w2d2lxaTJXUGtIMzhRQTd6NUh3REhKbTQvSVl6cHUrSTN3OE5ncVVUT1lVYWxzZ0wySXlWb3RYaGNYWXpQV3EyaG5GMTU3WmFEYkJuR2t6VE1FVXZvWVZaYU5qYThRbnkyYVJoUStmOWx5cTBKckRIK2hMaXB5ODhTZzR6TW5wb0VpRys3WkxoSXB4VjdtdmVxdTdBSFJSRWZCbjM0eW1jcz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
306946
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D50E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26057
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 19:33:48 GMT
expires
Wed, 08 Nov 2023 19:33:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 60CE 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
86053277b7695697f73dfbf1cff945552bcfc7a0e9ec4f1b7c873af3a91a886a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9tOpDKCP44T-3ets5SyfMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-9tOpDKCP44T-3ets5SyfMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:48:05 GMT
expires
Wed, 09 Nov 2022 02:48:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
pagead2.googlesyndication.com/bg/ Frame D50E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16184
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 19:30:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 60CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110301&jk=3596572478205433&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame D50E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tSu6Zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4
static.criteo.net/design/dt/2000/220429/ Frame 6AFC 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2000/220429/f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4?ibv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=851968-

Response headers

date
Wed, 09 Nov 2022 02:48:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 29 Apr 2022 11:40:29 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626bcead-23ac33"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 851968-2337842/2337843
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
1485875
expires
Sat, 04 Nov 2023 02:48:05 GMT
sync
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pd
u.openx.net/w/1.0/ 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
F33F0C0E-D372-4006-9D31-A0EE0DCD713B
pr-bh.ybp.yahoo.com/sync/pubmatic/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084922454641992&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43e39015-ffdf-4089-94ea-df4f92751783&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/F33F0C0E-D372-4006-9D31-A0EE0DCD713B?gdpr=0&gdpr_consent=
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F33F0C0E-D372-4006-9D31-A0EE0DCD713B?gdpr=0&gdpr_consent=
Protocol
H2
Server
2a05:d018:d29:3601:d9a0:8a83:a4c7:eb08 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F33F0C0E-D372-4006-9D31-A0EE0DCD713B?gdpr=0&gdpr_consent=
date
Wed, 09 Nov 2022 02:48:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
126
content-type
text/html; charset=utf-8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110301&jk=3596572478205433&bg=!Hh2lHVnNAAZPh4lnb4c7ACkAdvg8Wiv_reOl9jX7hXlV5KP1STotyCNM2ousM9eAykG9Bw_fQ8dL0gIAAABFUgAAAAhoAQcKACxKevO0G5cUakc-vvvuNIxqA9va85MltMKKP0V-Ij7BQ6X3ILq6eNcp9qghJZkCrWvvy3zyjSE3nKPhUq5AUXoMAIXczhpyZCG0-6gtp6vfLkwoENpRRDN1XcLdfp8VZCpxTPwv6YqycKXJMQgFVRh04pWppbr-mU47MBCbhMPGd8GeuZGbhyKVCxclFu6hL7wNPjUdEPoY2WBvoj48NMBohdO9izOgWD7j-XD4VT_i9-xwFvGn0Z1fDm3_I0oGw8ejOPa5TWAiG7U0-aVV118JbIy8XhlfYqqZ2K70cpDjhE0HXwaixVl2cMXMJ_bLo62JTTA21Tu05wqvBXpaVsM1tjZa6st0tnqnuizQCbMcRW4YhXWzlYfnhEnR4J1_ji3N56FBDD4Q4SI9Vrr-kSctcLCft8UFjIr2t0KWhi7EoJ-1bLRT6JBAZU-Slr3Drk_ZfJlL2CG4TiFT4UocY65PFOanbpH3MXXcIMHFVDidg3yZ5ImeeUnrj2kvgHIXskNX8PpARfIjqNgaSDp2utdEocCjHHTDz4h3X6YvQUAN55xjdPZ4B06rG0WAEe_H2fLHtBVYRUVe4G8Aw-F0GJGvmsem8M7j6EzmbS4ZZVcXpjerjFmNTHjblcWB-d-I2uZRQvvhr5oEbTXbywSJ__yhbb2mwKmUs8-jhiUnxYKwcwrzYRoImPEIe9_hNHfzvFJqLZ7bRDjVoIvlFcqY5uWE9tr5NV34d7IxD-WVsSvZeravpQJX_vOmIAmT1oj3MnTRlCyDGvH-RczUI4ICtqw6SjNaTKMIMzh12pq-iZS5z8MUVWdfGBW6MMO8IRJ1AtBGkBj4fK_IC7xpgUUIkFf9KXBio6nxND_arCrhiBcmeQ_cm7XeHF54ft9JdnSfk0v8FO_8bFs5QstWBEIPo6E07zGtTZRLoad9OSVQWBIIe8XyigS-iiXcjFw-TbHEq3ZHIVtl1xpcHe3g8js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame 97A3 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156479&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:48:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FYJCTGV1LV&gtm=2oeb70&_p=1822125748&cid=1793639517.1667962082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667962082&sct=1&seg=0&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&dt=Tribun-medan.com%20-%20Berita%20Terkini%20Medan&en=pageview&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DFP7BBGFWN&gtm=2oeb70&_p=1822125748&cid=1793639517.1667962082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667962082&sct=1&seg=0&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&dt=Tribun-medan.com%20-%20Berita%20Terkini%20Medan&en=UA%20pageviews&ep.domain=medan&ep.content_type=homepage&ep.agent=mobile&_et=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:48:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| dataLayer object| AdTrack object| pbjs object| googletag function| myAdDoneFunction function| SpotXPrebidRegular function| getCookieUid string| uuid__ number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits function| sendAdserverRequest function| GLightbox function| getVignette object| d object| ggeac object| google_tag_data object| google_js_reporting_queue function| moveScroller_menu function| moveScroller_sec number| ia number| ibc function| loadmore function| moveScroller_boxright function| moveScroller_menu2 function| lozad object| _comscore object| core object| __core-js_shared__ object| firebase string| site object| uuid_c object| ukid string| id string| jixie_id string| city string| useragent string| uuid function| setCookie function| getCookie object| Base64 object| script string| curr_url string| full_domain string| domain_login string| domain_name string| service string| p_id object| pbjsChunk object| _pbjsGlobals object| _jxbidsq object| __gcse object| FB object| COMSCORE function| udm_ object| ns_p undefined| google_measure_js_timing object| google_reactive_ads_global_state object| din object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| ajaxload function| ajaxload2 function| fbox function| fbox_close function| login function| register object| jQuery183037427236751220705 object| Criteo object| google_tag_manager string| GoogleAnalyticsObject function| ga object| jixie_o object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_36458 object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_standalone_132 object| Criteo_standalone_132 object| __buffer object| gaplugins function| onYouTubeIframeAPIReady object| gaData object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| Criteo_prebid_123 object| jxtrkr number| timeout string| actionjixie object| jixie_p object| _mgPageViewEndPoint535833 object| _mgPageView535833 string| _mgPvid object| ls object| GoogleGcLKhOms object| google_image_requests

67 Cookies

Domain/Path Name / Value
.tribunnews.com/ Name: 3bun_session
Value: sra2p9m04euutbfs7i990gdk3l00o850
.tribunnews.com/ Name: vignette_cookies_tribun
Value: 1
medan.tribunnews.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.tribunnews.com/ Name: _ga_FYJCTGV1LV
Value: GS1.1.1667962082.1.0.1667962082.60.0.0
.adnxs.com/ Name: icu
Value: ChgI59lKEAoYASABKAEw4qmsmwY4AUABSAEQ4qmsmwYYAA..
.adnxs.com/ Name: uuid2
Value: 2455387110921716327
.rubiconproject.com/ Name: khaos
Value: LA91K3GO-H-F9NC
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/Ej5REbsbIdybLJGe4Ni1ThWK2euPP2lVg3CRi4Lg8bJKy+53D7/+e9FVkiLHYMiY0umbGBgRAsmA3KY++jymV4//OcAOQ2chXQTS1P2tDIGrA==
.tribunnews.com/ Name: _ga_DFP7BBGFWN
Value: GS1.1.1667962082.1.0.1667962082.60.0.0
.tribunnews.com/ Name: __gpi
Value: UID=00000b7eb13c7ab0:T=1667962082:RT=1667962082:S=ALNI_MYZgHnJ9DHbuaRWXM3F5n0QAgKvJg
.tribunnews.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.tribunnews.com/ Name: _ga
Value: GA1.2.1793639517.1667962082
.tribunnews.com/ Name: _gid
Value: GA1.2.133919355.1667962082
.tribunnews.com/ Name: _gat_UA-15224089-38
Value: 1
.jixie.io/ Name: _jxx
Value: edce5350-5fd8-11ed-9c17-e32a36d7d501
.jixie.io/ Name: _jxxs
Value: 1667962082-edce5350-5fd8-11ed-9c17-e32a36d7d501
.doubleclick.net/ Name: IDE
Value: AHWqTUmkw_Uc1Y75S82xm8kp6HNb8zvNqkY3UlkVx0JcYtUTBi5KcQYaJc4hO6Zy6Uc
.tribunnews.com/ Name: __gads
Value: ID=46b7434a59539b63:T=1667962082:S=ALNI_MZ1dCTAP1Jt2-dnB2Q8xgj-4dGc6g
.mgid.com/ Name: __cf_bm
Value: o_NsApFqfAB_X5JveeeQqb22m9fTGUuc78xne5v6.QA-1667962083-0-AYlOkBckybJWUYMcLsCmtu+S+2AHwLtzo0yGEGKlG/cvWE5bNvSib7QrN2bVTt/V6pzyFMz8u9zqOD4049Eil8U=
.casalemedia.com/ Name: CMID
Value: Y2sU47IEFbVLuucReTZNMwAA
.casalemedia.com/ Name: CMPS
Value: 2176
.casalemedia.com/ Name: CMPRO
Value: 2176
.doubleclick.net/ Name: DSID
Value: NO_DATA
.3lift.com/ Name: tluid
Value: 1289724569263501757325
.simpli.fi/ Name: suid
Value: 5D7C610D4B95421A95AC369DD908FD52
.de17a.com/ Name: guid
Value: 1.6255431256272086534
.yahoo.com/ Name: A3
Value: d=AQABBOMUa2MCEAoOHWtBsaW8bRHZbxYp9h0FEgEBAQFmbGN0YwAAAAAA_eMAAA&S=AQAAAsQOapFZ8B4vFRRSaVPBxAk
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?isw:OO!]tbPl1M>e)ZlrFUfJ+tGXxoXMdOQzOR^qw?5Qt+CC5oIBG*ef`dYulGQ)sI3If)y3KL9D3I?+[[B@pb
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~286q
.quantserve.com/ Name: d
Value: EHsBCQHEJ4EA
.quantserve.com/ Name: mc
Value: 636b14e4-19dc2-a9aed-ce6ea
.bidswitch.net/ Name: tuuid
Value: 43e39015-ffdf-4089-94ea-df4f92751783
.bidswitch.net/ Name: c
Value: 1667962084
.bidswitch.net/ Name: tuuid_lu
Value: 1667962084
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F33F0C0E-D372-4006-9D31-A0EE0DCD713B
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8974553998113243072
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2455387110921716327&KRTB&23339-2455387110921716327
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBrBZEUmM1ArmbidNSoCqm4&KRTB&16514-CAESEBrBZEUmM1ArmbidNSoCqm4&KRTB&23025-CAESEBrBZEUmM1ArmbidNSoCqm4&KRTB&23386-CAESEBrBZEUmM1ArmbidNSoCqm4
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6255431256272086534
ads.avct.cloud/ Name: uuid
Value: 727f9ad9-7e01-480e-bb0b-9f6f6f81ee7a
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8974553998113243072&KRTB&23263-8974553998113243072
medan.tribunnews.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fmedan.tribunnews.com%2F%22%2C%22svsds%22%3A2%7D%2C%22C1181811%22%3A%7B%22page%22%3A1%2C%22time%22%3A1667962084464%7D%2C%22C1210784%22%3A%7B%22page%22%3A1%2C%22time%22%3A1667962084472%7D%7D
.amazon-adsystem.com/ Name: ad-id
Value: A-T7bN2x8Euqp18ThffPeBk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
medan.tribunnews.com/ Name: _jxx
Value: edce5350-5fd8-11ed-9c17-e32a36d7d501
.tribunnews.com/ Name: _jxx
Value: edce5350-5fd8-11ed-9c17-e32a36d7d501
medan.tribunnews.com/ Name: _jxxs
Value: 1667962082-edce5350-5fd8-11ed-9c17-e32a36d7d501
.tribunnews.com/ Name: _jxxs
Value: 1667962082-edce5350-5fd8-11ed-9c17-e32a36d7d501
medan.tribunnews.com/ Name: _jx
Value: edce5350-5fd8-11ed-9c17-e32a36d7d501
.tribunnews.com/ Name: _jx
Value: edce5350-5fd8-11ed-9c17-e32a36d7d501
medan.tribunnews.com/ Name: _jxs
Value: 1667962082-edce5350-5fd8-11ed-9c17-e32a36d7d501
.tribunnews.com/ Name: _jxs
Value: 1667962082-edce5350-5fd8-11ed-9c17-e32a36d7d501
.mathtag.com/ Name: uuid
Value: c1f5636b-14e4-4400-a145-cf6c006fd218
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:c1f5636b-14e4-4400-a145-cf6c006fd218&KRTB&16736-uid:c1f5636b-14e4-4400-a145-cf6c006fd218&KRTB&23019-uid:c1f5636b-14e4-4400-a145-cf6c006fd218&KRTB&23208-uid:c1f5636b-14e4-4400-a145-cf6c006fd218
.criteo.com/ Name: uid
Value: 1b68b380-4450-4f10-bbe6-ed4f56a061a1
.tribunnews.com/ Name: cto_bundle
Value: DQfrRV9HJTJCMjNrVkQyejRGYlR5YnJ4N1BreXo2Q0tnNW5JNW10JTJCJTJCMVBYeW04M2dPQkJPSU5IVkxJMjJDeWhQd2hNU1hMWmhhdzJibWh6ZWh2V1JNYU9xR0glMkZYU0R5anBUbGlVeFp4b3liQVU5WjFsQXpNN2hFNCUyRktaZmtXeDVDJTJCT3doOFNPQXd4TnUzUUN5WVhUWUZJMFFSbHclM0QlM0Q
.pubmatic.com/ Name: pi
Value: 156479:3
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjIxNTEzMbS0NBLiM9RNKrIIDnMMz0mqLLMAAMvFhhMlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmZuaWZkYGFmZGgBANWIUHIQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjIxNTEzMbS0NBLiM9RNKrIIDnMMz0mqLLMAAMvFhhMlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-43e39015-ffdf-4089-94ea-df4f92751783
.pubmatic.com/ Name: PugT
Value: 1667962085
.pubmatic.com/ Name: SyncRTB3
Value: 1669161600%3A21_3_7_56_13_54_220_71_161_251%7C1669248000%3A35%7C1668816000%3A63
.pubmatic.com/ Name: ipc
Value: 156479^^1^0
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: SPugT
Value: 1667962085

4 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
other warning URL: https://55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.jixie.io *.criteo.com i.connectad.io *.mgid.com *.facebook.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

55f848ea2d9a48de4cab00d0c9c229d0.safeframe.googlesyndication.com
a.ipromcloud.com
a.teads.tv
aax-eu.amazon-adsystem.com
accounts.google.com
ads.avct.cloud
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
apis.kompas.com
asset.kompas.com
bidder.criteo.com
c.mgid.com
c1.adform.net
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.ipromcloud.com
cdn.jsdelivr.net
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
code.createjs.com
connect.facebook.net
cse.google.com
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
de-core.iprom.net
delivery.r2b2.io
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
etarget-emea.adnxs.com
eu-1-id5-sync.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.jixie.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jsc.mgid.com
kompascybermedia-d.openx.net
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
log.r2b2.io
match.adsrvr.org
maxcdn.bootstrapcdn.com
medan.tribunnews.com
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prg.smartadserver.com
prg8.smartadserver.com
r2b2-emea.adnxs.com
region1.analytics.google.com
rtb.nl.eu.criteo.com
s-img.mgid.com
s.ad.smaato.net
s0.2mdn.net
sb.scorecardresearch.com
scripts.jixie.media
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
st.pubmatic.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
t-1.tstatic.net
t-2.tstatic.net
t-3.tstatic.net
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
traid.jixie.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
103.132.192.30
103.229.205.242
104.18.19.126
110.238.107.108
114.119.175.30
13.248.245.213
13.32.121.17
142.250.186.130
15.197.193.217
162.19.138.118
162.19.138.83
172.217.16.130
178.250.0.157
178.250.2.148
178.250.2.151
178.63.45.45
18.192.184.0
18.65.39.21
18.65.39.30
18.66.147.107
18.66.97.75
185.59.208.177
185.64.189.110
185.64.189.112
185.64.189.221
185.64.190.79
185.64.190.80
185.80.39.216
185.86.137.17
185.89.210.90
185.89.211.26
185.94.180.123
193.0.160.128
198.47.127.19
198.47.127.20
2001:41d0:701:1000::96f
2001:4860:4802:34::36
213.155.156.183
213.19.147.43
223.119.20.23
2600:9000:224a:b000:1b:5138:8a40:93a1
2602:803:c003:200::51
2606:4700:10::6816:46af
2606:4700:1::6813:874e
2606:4700:1::6813:884e
2606:4700:20::ac43:4b59
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6812:bcf
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200d
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c02::9a
2a02:2638:1::13
2a02:2638:1::17
2a02:2638:1::1a
2a02:2638:1::2
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::3
2a02:26f0:480:f::213:7ed6
2a02:6ea0:c700::20
2a02:fa8:8806:13::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3601:d9a0:8a83:a4c7:eb08
3.122.172.96
3.126.56.137
34.91.62.186
34.98.64.218
37.157.4.23
37.252.171.52
37.252.173.228
51.89.9.254
52.222.214.49
52.222.214.96
52.222.236.125
52.95.126.160
54.170.158.38
88.221.168.201
88.221.169.49
89.149.192.64
0003fab3382338a09539e86d5e2bdd7a9b1ced520a10b54d28e4c3225415404e
012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4
028c6a8af88f84ef91d1263ec6e88d087ead24462df7f3684e78585e687a6adf
039ddca531ae1290db5225079f203d88bd377bea02f471f9cd8fe208c60696d6
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
044fc3eb59e779c96e8687063bc41697b7e19970fa22ee68f570c20edbbebb7f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
054ce6577c5c6089e14aebc65ac639ddbc66fb9459ab9784ddbd9c51fa123b7b
05b839340ff9cba10d1c57c359d96a0f7364dd5f14452f341ec25b7586261575
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
0728accf6e1f227a9b89845a044afef5dacdf8f451989ed974e9f6639fdcd937
0791bb2da48d7832020a6d44caf2117c04419543c7a6a2ae090df4cd6f548ee7
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0ab88ceba97e0038e73d25ed8cbc7d377a81dca0327a569d61346d1083984b39
0af2d22c11f2ba0844ce3028a5dbb3c37062579527404c2f81d3019a2fa08553
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfa83177776f16b76c20f0f10f48630c410a4802c1aa20d793613e3c54debbc
0d4b6cded9dd956b98828ffc2eac772e3ee61c4bc57dffd5a40bf56177db9642
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
0e6ac74f5509ac65d0d0906338585fc596b3b7b1af009948534babb8338a4396
10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d
120eccb83458748d291aef61dd5ea425addd4408c384eed78f977e5e36d411ad
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130368e1880972a560164d6a42407eb853179a8eb98aa11b3ec7605296dfe775
1580226158aceba2b64f237d9d5a5b122a06c0bf4387b3b67acfe7bba8ef41bb
16971205410c03fa80c5adfd3699db96fb75d6952b03ca4e7687fda84f6f5a48
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1978eacf9c76dbb3cbfe2831af2fc1ce275b2c8d458636d80c3430b7136cc7e3
1b6a43a7f24c942e8f1ed28c87453afdd7f05a75dc8fdc74a98b857e0732866c
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e5b68d7ccd08ea80ad68cce44ecd39fe69c8f3801baf4bc7bf02c2c63984ca5
1f0d86889701e9c0505b7df581b33b35db59057f2fc368cedb5dc71b27c18bef
1f2636910ed5d720a958d71951e547a8879f2cac5bc78148be1995820f3be25d
256cabeda4a8a6e7a0798a8f812f734f62ea6bc4bf78ac0a1ce1b730e1186b68
26611e4f579c7c6d9bd06c96e10d7780c5da29037b9ac1571a4b953f27b5fd31
268f0e998ee64950986d2fd6dd9ac2de8f2f0096f58386e2833845f90b3a8c87
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2cdfb9177dcf4ce604f890ff83c54ec13a77c770cefcb94300049188eab01a48
2d943dff9157aa052782c6f28f77fac0b3e81f3a42048cd26e073de9909b56c2
2de221ab0a7e4eadcdae03e1a114edc3ee8978bf37c74945fdf2abf12c24337e
2f9ecb8e1c41aeeb8983591498e78e82342ca1fd4be35250764c5494f4ccd05a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32db6f7e4924750677b824d2f27932c85e7222fb93710a6e445bf69c37b93fc6
33e7f560f60b7c79a83ffb2ca21a1ab747f35c084ca71a9b717707952664b73c
347ea568fa76cd677b93d8751795bdaa2dea47b046e6f81144315799e01acbcd
349544eac2a5e347ebc6e23a6ca44ab6531e59c40f5d337ddddf1270608ce257
376cf68f2e64ee5d99e42f5a534ef8a4e8a788c369e2ce44421501cf01234d21
378b3aac9f23f23a601eeb907c602a5d021fde41ea7ba208980f68fd52c783ac
395427f376c7c80bf11e9738a4eeb56cb1c845268c9bab441a5ff057081673ca
3af7b0125cb069de003c4dc4c20329007c3bee2208ff134e942d0068cc0a5451
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
3d110efc1cffac3c4fee8827be5ec2c8c6a96ccb82df391f9b9103cfb9c7f8a0
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
3d365251d0034548751123752d1b00b716d2ef730e67f57f689438cf8a2d9e85
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
3e9bcb9fb091ac3fba889e2203f4145c496a2e1a97ed53c92831a29b23e92400
42a6562cb56831b97e3a808dbe75c1aaec8fd338b332b1aa4dd34440342e0a44
434617e06c4d3176788c95bdff63a22e66bbd49ea472374b3a55e30e44f2b70a
44237d6f7b954abc0c4e4ecb391c1166c989132a853dcec3b0bc63bb0b1f8a43
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4730daad5fb2bac2d6868018aa47a1366d69e0c46cd432a98fab2dced26d61ee
476308e731b1308104ce93b26e43f00516f0460fffd4e7bbc448d92d6b88ec33
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a8cdf7c03a39d4aa2f2830f3f05f3a54bb441b6991f91afd2aaa9f7165f26c8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1583da6c38683eb7abba2c9b2cad109040a6cffa4cabc09bf37735f10c5f8b
4f3479563e67e2fa321bd9c1b142313b27e2726957168ba9c025c1a2b83b6494
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b8a0c210c7983e72a0ac0d3b33a04f7ae70d2955e18000707f36641b125fe6
521c1113b5d07fd116632aa107fb1ad7878425a1b97cc182e5befd3827ca3f05
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
55511a5882ecdf9328bd21234e78719d9e55b1802b024526e2178572a7419d83
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
5634f3625861ee92783372b57954fcbc5ceb7bc7cde2c8347025a0f0ec893d1d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dc685ed4935640fc69a56126575082ea8379cf3e588d9f1d7c1c6a1aff762ae
5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276
5f9790594ea01903178ad509cddbb3d58b5ff680804be1c0fdbb09ff81f72237
6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6263b27d0957bde641d24aa9880e911551ce94b5e6e99d3c14d500cef72c0933
629e1280f96e4cfe40905cc70bf0cfd10ae21b5e8b47434821b6030bba179794
62a5f8248a613e724a38a5a8b647b2e59dd29ae1f856ce27b50dad9cc469f0b8
647dcbc3049856019f815bdcddba2b5561d3f87ac2c5e98ff1f09f38edfd8e5f
67a09458aa2b97d54491755dcf3d3d00298de54799b49fded2de6db24e103a94
6a25d5cd9c69f1a5662ac1bea960ed75fa2d343c708f36ada25bd6a1edc1a6f8
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a7e260959c0dd98e9b2d17fee09954ba0c5faa81bffad13b1c7a8074ff1d57b
6adf8bdbabb55f51df938ee7384454e81471bf5c5857f072853edbe316f2b880
6b723ee9ed05292161c3bcec441a4ccada7f8ccd29b221b7941830f24409218e
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
6e21b7721a9e959aed3bd48d0d9540e6a5474862bd7a4325889356ebbc38a23f
6f061b380e02f436858e76db0520500568d2fd4555863a2bb9b4ea3e617891c0
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
726e0b8a396348134d195d62a53eb3506586bf6058d4ec99c4f3762a46d75478
7659a58de80efb0e8fdde41820da5032f9fbcca5106be0586ae49ede7198f6c9
77bc1df8da4665fe67482c981d7d685fb5851c93c9e12444c3d4a9bccba4a063
79707050706511d99642da0eb61cc0a5804e62306e7f87801194faaa87c51955
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79aa57c367c93a86fbf20383e55c0d23134f8b2184d78fcd0661296c3550cce9
7a73e24517e0d1a39ed5e04f7a21bcfde42cd60be7f8c875d7938973a75a836e
7c07d73b6b22bbd71908f1b756ddfba11635c481188f1a06d868fe4ec1a244e4
7c7049490571fbaf8fbe6ec97ae894142b304cc9b352d3af62a40135ae8ad17f
7e7fffeb913f670ca98a9f0320ed4f14ae3eb9739257754881796cc372913952
7ee392dca9cf6955b327a13a4212fc607bd8b6e01f53237ff2146526d84e0150
7f0229ab7b7b060ff56be2899983c7d6a4b9ba036e992690f40a9a4d875ef984
7f1162f81e7c3118214db4d6b34eaf63427c7dd6693bb977e1d66ef78c63624b
7ff9d4ae2b3407b031e3359007ff4d7ac9e0b342f25ce44c77d3cb7f14f65043
817c3c0e8004e8edb21061dee878f7d8fa85cea76eae2f3db6b9403d6310161b
823e185db968ecdf493e30586db0c1b541e3d729bab4b3dc2b0e1e864cdaf1ac
82d50266429d4d44805d84a951eeae98de6d4a5f7c6883e4fa829bf5eed4a499
83ff9988e815c6492c161c43ca007675ec54d7c7f221093325e5b0271b89aa8c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86053277b7695697f73dfbf1cff945552bcfc7a0e9ec4f1b7c873af3a91a886a
866fd1260c875af69792fac179f107a6168cfbef90860d04518537516af2f183
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88677e3212f08097e57ee9aa5637e19495993ff787018d78d8409f78d226c78d
8b37a91fac51b23f29eafeb913010bf4e41a6bdf0d4703dc9298bcf929165ae3
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e55917d5416a650876baa9bdbe652e0ca548bc0b6b720f48d572e4eba64196a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9053e0044b44e599ddc499c02fe7f71113aa1ed623c68df99633a000ca960467
91969c1090d53c593d7010c2588d2c720982abcbf50eceb9850326dc48aeaf6c
92d6b966c3b2fb58c469e35de5c5cdf8cdaa30ea9bb7a3e15e1b86765f892452
9428a0815b121f5d67fedd4c6f41cd7daf59d6cb101acc96bd3172ce85c3681d
94d3297b59c96da49e4fc2c69a442948eb5274a5416725ad2c0c63b457d6ab77
94e3aa1e0713a67ebddc226229b3492e772e16a128a32b16e784488548216e72
958a9dfac97be53f97adbff36738769aacae18cb0b2a24bdd7d5744ea2b2bd65
95980362f4f7d049ac1e5a561e6691c931da3e1072d424bfe362d3698876f952
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d2a0e8769517fa5e20928f7412d4d00dcd83f462dd346447312823fc7b8d5d
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99dd300f70b33cff7246c8e19268061eefb84cab54398ed804ff215f8db32c77
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
9f03c6e02aa965f94f17f3063279a345c0ffb41648202a229f9bd3702f4c2341
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a687f5c64cf92c75ed9fd3ee703457e19394f886693e4446d1e10783b12136e5
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
a8aa09d577615e444eaace7291ce0414602596a1f68ce907deb4d6b7d848e9a8
a95f9d9d49b752e0a911a68038ce6b765e98426e151666841e246319d8c3eee0
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac55e1bb592dafcd166e05eb2ff3c87dd283e6cdadce14da6b4e2d97a5354224
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a
ad38dc2d166ec7163422df767ecb7b4681aa13145e46a7964e94f93b95dbaad4
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae27903ac0710c9faf2f50a91764597a8e22e8047b4289d71588c118ed776800
ae2b09edcf7adea52bb3eafb3d085fccf11cfc19c5cc94c9464af1877984aa39
b05e6218d62af483d488d439a06d95da34ff26df8854d47be13c2693f37e2d3f
b0929c6e38b78521316107239c8415db5243274f97e678f69001af4ad3dd98f7
b095db73501882c8569a7857c6511c4dfb3be5dbd4d0a60c9969d919cd0b0d98
b0fccf88d0ee7903a0708933b870de0a072ec9cfda9b2b8db5f37c7c8651ef46
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4858746760a58a41ea45a93706a25bec1647b88bfe68d538d5856991b552823
b6497229dd2dc71ae271999fa16fc39b3c7abf8eeae2c8affcedbdffdc5f8a16
b6cfe3ffed0f0e2a8e65926e0371426327dcf6919a6f095216975e914d16cddf
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
ba9f40d1854c8a80885f6911ccd5b407ceaabb6a310bd9e3436ebb29e66e47b5
badec949b73175097cbe5d6bacad2b8bb327c4d0939eace1a2975418940782f6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9f93b8d90d798effb99e4e0ae7ca44faad8d3e1ca9bfc08dbdb45cac082926
bbc0d1e5783c1af2d5459d2c520a75370e5d5365b5c3e6f309aff492763499cc
be893dd9d31367c06e86b5341e239a68373860fb1b526aad37350f840add5bd8
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c32337433e919b42ff2a6cdfe96d5b0f7a82b07461ab51bf982a853384dd8c3f
c4cc3c4828ca3466dd9ae6fc32714aa6dc832c16205e709d78ff886275c39329
c61c9120f5ceaae5b2a05ff1354f51543cbf5aff1491ea216084870920980e86
c800b541c1a3fd24fc4db8606cfbd77e1c4a8d25400961f15ecf2e7f8b218f6d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc453b09b4ab460df1b7c7e88e33b13f12a73f355ff0f3b4b934e929867baa3e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d10a8834df7acc85072b18ff1a35c19265ac91e5e1fff8e954875321a96a9c50
d17a720db0babba37731d05e123ac3c1e63c338f3314990adf9c905a79c7164b
d18c444bd70933a905716388632a8c7326e5c8aaa98130789082e29a338525c9
d2a76a7ff51b1eb5f1ea0e715070bb3a31274b2a7059597dd9effe100a74a926
d354f5284b5e7a3933feb42d0008b99e0fe84cce0a822837167228d955e7a505
d3c22d03091d299d60805c813a2fe62f6283e23a07e812803658a1775aaf4b93
d3ffa17f3dc26586adc21eee5a2b07e32f8213cb314f56a680d11a353c9217a1
d42ef5bc63ca80f16e44fa145a312e6e6572a3f36a405ee7c1b16b53340ec9c4
d82a1066bfe09ee8646ed30bc86c3c8e757d48c921bb115a401b93cea2e0b0d0
d83f151c7f401a8a986e57dc81e6507fc728cdd09f55c65497d81cb88b83cf0e
d83fb16dd04f64506a6f9abb8bafe780c4e737ff33890a1b09df8c30abbcb13a
d8d4812c92feb4b36b6c79c4b3b05af6634eb09461c30e317ded49bc96bacd25
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
da7ab2a16994ad7cc24e95cb002984a2d4297407987103b4a3afc1c7d41f3ddd
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd12cec30eae0522b933497982b5c6bd19a3943226f95cc052bc789c142717d0
dd234b334fc7d6fba124700207cda93e9e043174d08bc85cd17d7fd07cca523b
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df4f9c3d7d11a4ba21b585bfdaff006aa925b32c3ec626969a38a5036a5aa03e
dfb821a412dd39129f52a774d8c9abb96a149f202bbaec1121a2c760b1cd54a1
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e169cf4f2fde53ff50ff2ecb38b0df2cbc613aaf3b93b2e52202cad8ce93a8bd
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e229684c6d477c13045d7ba26038f1b53dd5df183368aa385c669d9c7e863739
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e70a6f2ca4ea41c2c85be28bdf5159698c44dbbe15f21757f4ba9916edf6020e
e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce
e9f38a034a7e5f0ebf6fa2c3b0ba3160034db7045d540d792e84808406e863cf
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f21afb7a4aef45ed34b6b308b7900d462b08aaab8119b2ac78ab6574b95bd80e
f35bb4bcaf2396e85660c9e3d973f2096814c4953cabf71cd308611ed932d8af
f3abf51ce7e0805701c1060adac00965dd08d989a0a90f58f634b41dfc769620
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
f487063d07e520ce44cc9b4ba266fa8df7559d824a2b45ced0cb0a74726e3f8f
f49203d89327943a5db3d5bc4d2fb2a3faa535b68cf47573c9576804b7005947
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f77866ff60225d671556ef89598c6d1e99b81643bedbc95d7f7ec0816cd1659f
f7b087c59e41f61baab97ccc71a85e0ff3647f3ad45fb9f505a942906d819a31
f80661f5616a4b167ed3f80e1af1bb911787ad2edeb6ecaea8f0778af7bd574e
f98455e68cacdf4a309c68b07a5fe4db993695ee437996d4b9b3343f449d9f50
fbc2f9ebe7aa5936ee6a09b22181f69899d89e6e8696648aec6bbbe0b9ab4d76
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76