medan.tribunnews.com Open in urlscan Pro
52.222.214.87 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://medan.tribunnews.com/2023/07
Submission: On July 16 via api (July 16th 2023, 1:26:34 pm UTC) from FI — Scanned from FI

Summary HTTP 260 Redirects Links 88 Behaviour Indicators

Summary

This website contacted 73 IPs in 13 countries across 61 domains to perform 260 HTTP transactions. The main IP is 52.222.214.87, located in United States and belongs to AMAZON-02, US. The main domain is medan.tribunnews.com. The Cisco Umbrella rank of the primary domain is 139667.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 12th 2023. Valid for: a year.

This is the only time medan.tribunnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.222.214.87 52.222.214.87	16509 (AMAZON-02) (AMAZON-02)
11	143.204.215.124 143.204.215.124	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.189.35 13.224.189.35	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.80 18.66.97.80	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:9400:3:445f:1a00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 3	108.138.7.10 108.138.7.10	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:249... 2600:9000:2490:5000:18:8a85:cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::200d	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:1200:a:e047:753:be1	() ()
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	18.193.228.139 18.193.228.139	16509 (AMAZON-02) (AMAZON-02)
14	63.33.165.48 63.33.165.48	16509 (AMAZON-02) (AMAZON-02)
7	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
6	185.86.139.58 185.86.139.58	201081 (SMARTADSE...) (SMARTADSERVER)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
9	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	23.52.123.144 23.52.123.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	43.129.34.148 43.129.34.148	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	36.66.3.170 36.66.3.170	7713 (TELKOMNET...) (TELKOMNET-AS-AP PT Telekomunikasi Indonesia)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	185.64.191.208 185.64.191.208	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	185.89.211.83 185.89.211.83	29990 (ASN-APPNEX) (ASN-APPNEX)
5	5.135.209.96 5.135.209.96	16276 (OVH) (OVH)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
26	2606:4700:1::... 2606:4700:1::6813:874e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:d2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.213.164.238 23.213.164.238	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	185.59.208.177 185.59.208.177	43541 (VSHOSTING) (VSHOSTING)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1	43.129.34.52 43.129.34.52	() ()
1	198.47.127.19 198.47.127.19	() ()
3	15.197.193.217 15.197.193.217	() ()
1	193.108.153.22 193.108.153.22	() ()
1	82.145.213.8 82.145.213.8	() ()
1	63.251.232.170 63.251.232.170	() ()
1	35.186.193.173 35.186.193.173	() ()
1	195.5.165.20 195.5.165.20	() ()
1 1	142.250.185.194 142.250.185.194	() ()
1	46.51.194.233 46.51.194.233	() ()
1 2	34.111.129.221 34.111.129.221	() ()
1	34.91.62.186 34.91.62.186	() ()
1	2a05:d018:d29... 2a05:d018:d29:3601:ec8d:4a3a:2499:c89d	() ()
1	3.126.56.137 3.126.56.137	() ()
260	73

1 52.222.214.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-87.fra56.r.cloudfront.net

medan.tribunnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 143.204.215.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-124.fra53.r.cloudfront.net

asset-1.tstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-35.fra2.r.cloudfront.net

asset-3.tstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

delivery.r2b2.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-80.fra56.r.cloudfront.net

t-1.tstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:9400:3:445f:1a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

asset.kompas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.7.10 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-10.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2490:5000:18:8a85:cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

apis.kompas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:1200:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.228.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-228-139.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 63.33.165.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

bs.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.129.34.148 (Jakarta, Indonesia)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

hb.jixie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 36.66.3.170 (Mataram, Indonesia)

ASN7713 (TELKOMNET-AS-AP PT Telekomunikasi Indonesia, ID)

scripts.jixie.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.191.208 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

openbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.211.83 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

r2b2-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 5.135.209.96 (Oignies, France)

ASN16276 (OVH, FR)
PTR: ip96.ip-5-135-209.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d2d (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.208.177 (Czech Republic)

ASN43541 (VSHOSTING, CZ)
PTR: webgarden-track-lb-ha.vshosting.cz

log.r2b2.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

kompascybermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.129.34.52 (None, )

ASN- ()

traid.jixie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.22 (None, )

ASN- ()

accounts.tokopedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, )

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.170 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (None, )

ASN- ()

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (None, )

ASN- ()

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.194.233 (None, )

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (None, ) 1 redirects

ASN- ()

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:ec8d:4a3a:2499:c89d (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (None, )

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7412 c.mgid.com — Cisco Umbrella Rank: 6000 cdn.mgid.com — Cisco Umbrella Rank: 10218 servicer.mgid.com — Cisco Umbrella Rank: 7293 s-img.mgid.com — Cisco Umbrella Rank: 7126 cm.mgid.com — Cisco Umbrella Rank: 1358	266 KB
17	googlesyndication.com fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	87 KB
15	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net	226 KB
14	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1920	11 KB
13	google.com 1 redirects cse.google.com — Cisco Umbrella Rank: 3820 accounts.google.com — Cisco Umbrella Rank: 67 www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 2556 ampcid.google.com — Cisco Umbrella Rank: 2261	227 KB
13	tstatic.net asset-1.tstatic.net — Cisco Umbrella Rank: 102909 asset-3.tstatic.net — Cisco Umbrella Rank: 130736 t-1.tstatic.net — Cisco Umbrella Rank: 102455	190 KB
11	pubmatic.com openbid.pubmatic.com — Cisco Umbrella Rank: 24837 ads.pubmatic.com — Cisco Umbrella Rank: 553 image6.pubmatic.com simage2.pubmatic.com Failed image2.pubmatic.com Failed	156 KB
11	smartadserver.com prg8.smartadserver.com — Cisco Umbrella Rank: 17208 prg.smartadserver.com — Cisco Umbrella Rank: 1494	4 KB
10	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 719 gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102	9 KB
9	yandex.ru bs.yandex.ru — Cisco Umbrella Rank: 18293	624 B
8	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 552	6 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	116 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	6 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	52 KB
5	adnxs.com r2b2-emea.adnxs.com — Cisco Umbrella Rank: 75643	4 KB
5	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	92 KB
4	google.fi www.google.fi — Cisco Umbrella Rank: 27599 ampcid.google.fi	993 B
4	kompas.com asset.kompas.com — Cisco Umbrella Rank: 36204 apis.kompas.com — Cisco Umbrella Rank: 45151	3 KB
3	adsrvr.org match.adsrvr.org	659 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	169 KB
3	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 642 dsum.casalemedia.com — Cisco Umbrella Rank: 1666	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 162	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	251 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1032	68 KB
2	yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	553 B
2	weborama.fr 1 redirects cr.frontend.weborama.fr	500 B
2	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 756	374 B
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1098	814 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
2	jixie.io hb.jixie.io — Cisco Umbrella Rank: 34379 traid.jixie.io	936 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 982 kompascybermedia-d.openx.net — Cisco Umbrella Rank: 49332	565 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 646 eb2.3lift.com — Cisco Umbrella Rank: 422	766 B
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 842	168 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	89 KB
2	r2b2.io delivery.r2b2.io — Cisco Umbrella Rank: 41228 log.r2b2.io — Cisco Umbrella Rank: 45091	111 KB
1	simpli.fi um.simpli.fi	613 B
1	crwdcntrl.net sync.crwdcntrl.net	267 B
1	iprom.net core.iprom.net	279 B
1	ctnsnet.com ipac.ctnsnet.com	361 B
1	adgrx.com cm.adgrx.com	283 B
1	opera.com t.adx.opera.com	413 B
1	tokopedia.com accounts.tokopedia.com	2 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 10878	53 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	185 B
1	jixie.media scripts.jixie.media — Cisco Umbrella Rank: 35973	14 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1500	384 B
1	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18260	183 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	tribunnews.com medan.tribunnews.com — Cisco Umbrella Rank: 139667	16 KB
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
0	turn.com Failed ad.turn.com Failed
0	dotomi.com Failed pubmatic-match.dotomi.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	audrte.com Failed a.audrte.com Failed
0	onaudience.com Failed pixel-eu.onaudience.com Failed
0	tribalfusion.com Failed s.tribalfusion.com Failed
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	amazon-adsystem.com Failed aax-eu.amazon-adsystem.com Failed
260	61

	Domain	Requested by
14	g2.gumgum.com	asset-3.tstatic.net
11	asset-1.tstatic.net	medan.tribunnews.com
9	bs.yandex.ru	asset-3.tstatic.net
9	securepubads.g.doubleclick.net	medan.tribunnews.com securepubads.g.doubleclick.net www.googletagservices.com
8	cdn.mgid.com	medan.tribunnews.com jsc.mgid.com
8	tpc.googlesyndication.com	medan.tribunnews.com fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	fastlane.rubiconproject.com	asset-3.tstatic.net
7	pagead2.googlesyndication.com	medan.tribunnews.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	bidder.criteo.com	asset-3.tstatic.net delivery.r2b2.io
6	prg8.smartadserver.com	asset-3.tstatic.net
6	www.google.com	1 redirects cse.google.com medan.tribunnews.com tpc.googlesyndication.com
6	fonts.googleapis.com	medan.tribunnews.com fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com client
5	ads.pubmatic.com	jsc.mgid.com delivery.r2b2.io ads.pubmatic.com
5	prg.smartadserver.com	delivery.r2b2.io
5	r2b2-emea.adnxs.com	delivery.r2b2.io
5	openbid.pubmatic.com	delivery.r2b2.io
5	static.criteo.net	delivery.r2b2.io medan.tribunnews.com asset-3.tstatic.net static.criteo.net
5	www.gstatic.com	medan.tribunnews.com fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com
4	cm.mgid.com	jsc.mgid.com
4	s-img.mgid.com	medan.tribunnews.com
4	c.mgid.com	medan.tribunnews.com
4	jsc.mgid.com	securepubads.g.doubleclick.net jsc.mgid.com
3	match.adsrvr.org	scripts.jixie.media ads.pubmatic.com
3	id5-sync.com	cdn.id5-sync.com
3	www.googletagservices.com	medan.tribunnews.com securepubads.g.doubleclick.net
3	www.google.fi	medan.tribunnews.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	accounts.google.com	asset-1.tstatic.net accounts.google.com
3	apis.kompas.com	asset-1.tstatic.net
3	sb.scorecardresearch.com	1 redirects medan.tribunnews.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	medan.tribunnews.com www.googletagmanager.com
3	maxcdn.bootstrapcdn.com	medan.tribunnews.com maxcdn.bootstrapcdn.com
2	cr.frontend.weborama.fr	1 redirects ads.pubmatic.com
2	pixel-sync.sitescout.com	ads.pubmatic.com
2	dsum.casalemedia.com	2 redirects
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com
2	gum.criteo.com	1 redirects medan.tribunnews.com
2	cdn.id5-sync.com	jsc.mgid.com
2	servicer.mgid.com	jsc.mgid.com
2	googleads.g.doubleclick.net	medan.tribunnews.com fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	targeting.unrulymedia.com	asset-3.tstatic.net
2	fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	connect.facebook.net	medan.tribunnews.com connect.facebook.net
1	ups.analytics.yahoo.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	cm.g.doubleclick.net	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	ipac.ctnsnet.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	t.adx.opera.com	ads.pubmatic.com
1	accounts.tokopedia.com	scripts.jixie.media
1	image6.pubmatic.com	ads.pubmatic.com
1	traid.jixie.io	scripts.jixie.media
1	eb2.3lift.com
1	kompascybermedia-d.openx.net
1	mug.criteo.com
1	log.r2b2.io	delivery.r2b2.io
1	cl.imghosts.com	medan.tribunnews.com
1	ampcid.google.fi	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	www.facebook.com	medan.tribunnews.com
1	scripts.jixie.media	www.googletagmanager.com
1	hb.jixie.io	asset-3.tstatic.net
1	a.teads.tv	asset-3.tstatic.net
1	rtb.openx.net	asset-3.tstatic.net
1	htlb.casalemedia.com	asset-3.tstatic.net
1	prebid-asia.creativecdn.com	asset-3.tstatic.net
1	tlx.3lift.com	asset-3.tstatic.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	asset.kompas.com	medan.tribunnews.com
1	cse.google.com	medan.tribunnews.com
1	t-1.tstatic.net	medan.tribunnews.com
1	delivery.r2b2.io	medan.tribunnews.com
1	asset-3.tstatic.net	medan.tribunnews.com
1	medan.tribunnews.com
0	match.adsby.bidtheatre.com Failed	ads.pubmatic.com
0	ad.turn.com Failed	ads.pubmatic.com
0	pubmatic-match.dotomi.com Failed	ads.pubmatic.com
0	x.bidswitch.net Failed	ads.pubmatic.com
0	a.audrte.com Failed	ads.pubmatic.com
0	pixel-eu.onaudience.com Failed	ads.pubmatic.com
0	s.tribalfusion.com Failed	ads.pubmatic.com
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
0	sync-tm.everesttech.net Failed	ads.pubmatic.com
0	match.prod.bidr.io Failed	ads.pubmatic.com
0	sync.srv.stackadapt.com Failed	ads.pubmatic.com
0	aax-eu.amazon-adsystem.com Failed	ads.pubmatic.com
0	image2.pubmatic.com Failed	ads.pubmatic.com
0	simage2.pubmatic.com Failed	ads.pubmatic.com
260	94

This site contains links to these domains. Also see Links.

Domain
www.tribunnews.com
aceh.tribunnews.com
prohaba.tribunnews.com
gayo.tribunnews.com
padang.tribunnews.com
pekanbaru.tribunnews.com
batam.tribunnews.com
jambi.tribunnews.com
palembang.tribunnews.com
bangka.tribunnews.com
belitung.tribunnews.com
babel.tribunnews.com
bengkulu.tribunnews.com
lampung.tribunnews.com
sumsel.tribunnews.com
jakarta.tribunnews.com
wartakota.tribunnews.com
banten.tribunnews.com
tangerang.tribunnews.com
jabar.tribunnews.com
depok.tribunnews.com
bekasi.tribunnews.com
bogor.tribunnews.com
priangan.tribunnews.com
cirebon.tribunnews.com
jateng.tribunnews.com
solo.tribunnews.com
banyumas.tribunnews.com
muria.tribunnews.com
pantura.tribunnews.com
mataraman.tribunnews.com
jatim.tribunnews.com
surabaya.tribunnews.com
suryamalang.tribunnews.com
madura.tribunnews.com
jatim-timur.tribunnews.com
jogja.tribunnews.com
bali.tribunnews.com
pontianak.tribunnews.com
kalteng.tribunnews.com
kaltim.tribunnews.com
kaltara.tribunnews.com
banjarmasin.tribunnews.com
sulbar.tribunnews.com
makassar.tribunnews.com
toraja.tribunnews.com
sultra.tribunnews.com
palu.tribunnews.com
manado.tribunnews.com
gorontalo.tribunnews.com
lombok.tribunnews.com
mataram.tribunnews.com
flores.tribunnews.com
kupang.tribunnews.com
ternate.tribunnews.com
ambon.tribunnews.com
papua.tribunnews.com
papuabarat.tribunnews.com
sorong.tribunnews.com
www.tribunnewswiki.com
style.tribunnews.com
travel.tribunnews.com
wow.tribunnews.com
newsmaker.tribunnews.com
trends.tribunnews.com
health.tribunnews.com
shopping.tribunnews.com
video.tribunnews.com
www.tribunjualbeli.com
career.tribunnetwork.com
www.gramedia.com
ebooks.gramedia.com
www.youtube.com
www.facebook.com
instagram.com
twitter.com
news.google.com
www.tiktok.com
account.tribunnews.com
tribunmedanwiki.tribunnews.com
tribunmedantravel.tribunnews.com

Subject Issuer	Validity	Valid
tribunnews.com Amazon RSA 2048 M02	`2023-06-12` - `2024-07-10`	a year	crt.sh
tstatic.net Amazon RSA 2048 M02	`2023-06-12` - `2024-07-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
1838731126.rsc.cdn77.org R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-24` - `2023-07-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
kompas.com Amazon RSA 2048 M01	`2023-05-26` - `2024-06-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-04-08` - `2023-10-07`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.jixie.io Sectigo RSA Organization Validation Secure Server CA	`2023-05-14` - `2024-06-13`	a year	crt.sh
*.jixie.media Sectigo RSA Organization Validation Secure Server CA	`2022-08-28` - `2023-09-28`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.google.fi GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.r2b2.io AlpiroSSL ECC DV CA	`2022-11-15` - `2023-12-15`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.tokopedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-08` - `2023-09-02`	a year	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.iprom.net R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://medan.tribunnews.com/2023/07
Frame ID: C778023AE80E3053ED97CED1A1A706F5
Requests: 144 HTTP requests in this frame

Frame: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A1AF5BB9AECA476D3F0EE45F3EAE4D66
Requests: 1 HTTP requests in this frame

Frame: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 35D9AE179C39AE286F677E35DB2A2A95
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8B5E7E2146C9767CF0C9993FC0E79F38
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7DD4A0076ADB56B970FE558236DA3AD7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: E610F5AAC0536F67585E6ACFE26CDEAC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMRvGivuphwIvpcFoAs9gDWTFnubTGFq9ugwNOrpeMrcEild2-Yam8DEI5TUY9EbFNLpTL2IblH7mIEs5jBTU7fIpuHl183Gy2fCdsffA4i_jhqh7sd9ZG5ZL16i-P4ufpD8HFqE4QPHxUSRPVyFJuV-yeqsw_Ad5pZRrF_8nFvxp_e19IoU9TkSfhq9DCVEtkIFRtR-Nh8hjKpahlFTRQvwwuVTJdbdKMnGjQ0VtXjdOL3ZOMdHo_zr0qEyRiTlcDFLNE8hTMi7nWVT1JCIZGJKTO_8dtRqYM_kkBjP9HdRN35QSdANwSKTvy3o146eOKKxYDbPbMg6xK0muMreuNMQ&sai=AMfl-YSukV3rQT6pxmCBDBELZPMrFPbsJHF9pFuM2kdXrgM9pc2gN2hgC1QyteP4-zI3fa0yfgRU0xjbOnFgKLIOJcSvhWcDiE6qSPMz3HY7Hjp6l5HT-4DcnXN-sFpQdg&sig=Cg0ArKJSzHb3doZxtaeNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7E32101053A3CD1EDD8E9854ECA56B83
Requests: 25 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjp1xfTzq_uCH56sGxozKeQlVlkFkG8CW98T3PTd_wDVDPnc9YpABRTk9bWbWBpVgANLy7HZRUIP0x9J0qBfZjwjaMLQCJgFxOPIfAePjCWJOd1Y04uDLGa0dAghTdJT28jNdrVC4hkv7Hl5OBhuQNmAAVXTQrbnVwNFNn2wC3Ql8BqG1ZiKJa-B828Wb0ypXZu518NivICZLaR3LdZ4Eicg-WxqqMk_mCGc8C2y0z4MznCIUCsrak1OEhVpmuZP30mHWzRSdd5VFYtx7ZMVl9kma60tLdJR3Mduj_Q1fpV66K6U0KB7aMc4nh33R7hG9wwz21t5rx6ctS7nQYnv0gpQ&sai=AMfl-YT9a_vvwJhiOwfK98Es3z5ZWQrwWn6l_p2LYIvX2Lcg6Feq83ofIPTRq8xTLf2DFHdnzL1_8CU5xNQDj0cXYpkAx3Kcb4N3xM8vUT8cJNw_UQQCMMhdadm4OR5ywA&sig=Cg0ArKJSzCvaIPprYSU4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C2919758FEB46D7D78FB73192F7BDE14
Requests: 28 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1689513988958700647909
Frame ID: 04A219997507CFD8DCEEB1C7B7A7D30A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=medan.tribunnews.com
Frame ID: 57FB60F0397271EA56E53FF6C4190AC4
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1689513989135868876237
Frame ID: 1C24F6E1B12E137DA44436BB6AF31203
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EEAE23FBC10C1E2463ACBA4958A09824
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E71A41C261D69722D9069FA2E52CA5B2
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: A382340693C7F5224DBD49EAB7307C30
Requests: 18 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 4A534D8BF6DB4AD121F2F906CB7687D8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588525749850987
Frame ID: 684F227039F4E494AC1F8229C9112006
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8763838319184165482
Frame ID: E0B7B7C461A77769E8B48A9639DB7AC0
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 362BFF698B9333BF483C51A57656C367
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AaHHN1GllWUapJw0U6CIMAeikWEarcMxD6PsSVUb
Frame ID: 3C4948C9E99F4E0CD85AD74CE87A1B52
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6505542326944562583&gdpr=0&gdpr_consent=
Frame ID: A8966542804884B8921C86A995FCDAD0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256407350369122444&gdpr=0&gdpr_consent=
Frame ID: CD5C3A8A3F98A5339424165B0046EEAD
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: A6353F10CC400ED4CCD310E67E36A4B2
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 09DF29844FAC7DDBAF7C25D685C0115C
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
Frame ID: 80537ECFBCB0A1921A4583DDC847D222
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLPwCgABSHsoLABY
Frame ID: D271869CAB815C6E52DD0EBC068163B9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 391BC16EB5B79EAE4338582B11F262F6
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 8070418B982D549BAB54ADC93176ED16
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: F50161BE01E562A645B54B66EFAF422A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 3EE2A29368089DB3FBAE7F8753128116
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: ACCE50DA22C350CF9FC08D26F6AF6434
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 31DEFB8AC795DEFFFFABBC2FF0A6200D
Requests: 1 HTTP requests in this frame

Frame: https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent
Frame ID: BDFA2AAF4A5046ACC178DD7804EB85BE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Arsip Juli 2023 - Tribun-medan.com

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

260
Requests

87 %
HTTPS

47 %
IPv6

61
Domains

94
Subdomains

73
IPs

13
Countries

2261 kB
Transfer

6354 kB
Size

34
Cookies

88 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tribunnews.com/
Title: Network

Search URL Search Domain Scan URL

URL: https://aceh.tribunnews.com/
Title: SerambiNews.com

Search URL Search Domain Scan URL

URL: https://prohaba.tribunnews.com/
Title: Prohaba.co

Search URL Search Domain Scan URL

URL: https://gayo.tribunnews.com/
Title: TribunGayo.com

Search URL Search Domain Scan URL

URL: https://padang.tribunnews.com/
Title: TribunPadang.com

Search URL Search Domain Scan URL

URL: https://pekanbaru.tribunnews.com/
Title: TribunPekanbaru.com

Search URL Search Domain Scan URL

URL: https://batam.tribunnews.com/
Title: TribunBatam.id

Search URL Search Domain Scan URL

URL: https://jambi.tribunnews.com/
Title: TribunJambi.com

Search URL Search Domain Scan URL

URL: https://palembang.tribunnews.com/
Title: Sripoku.com

Search URL Search Domain Scan URL

URL: https://bangka.tribunnews.com/
Title: BangkaPos.com

Search URL Search Domain Scan URL

URL: https://belitung.tribunnews.com/
Title: PosBelitung.co

Search URL Search Domain Scan URL

URL: https://babel.tribunnews.com/
Title: BabelNews.id

Search URL Search Domain Scan URL

URL: https://bengkulu.tribunnews.com/
Title: TribunBengkulu.com

Search URL Search Domain Scan URL

URL: https://lampung.tribunnews.com/
Title: TribunLampung.co.id

Search URL Search Domain Scan URL

URL: https://sumsel.tribunnews.com/
Title: TribunSumsel.com

Search URL Search Domain Scan URL

URL: https://jakarta.tribunnews.com/
Title: TribunJakarta.com

Search URL Search Domain Scan URL

URL: https://wartakota.tribunnews.com/
Title: WartaKotalive.com

Search URL Search Domain Scan URL

URL: https://banten.tribunnews.com/
Title: TribunBanten.com

Search URL Search Domain Scan URL

URL: https://tangerang.tribunnews.com/?_ga=2.1140657.1445431914.1667802798-1800914648.1667802797
Title: TribunTangerang.com

Search URL Search Domain Scan URL

URL: https://jabar.tribunnews.com/
Title: TribunJabar.id

Search URL Search Domain Scan URL

URL: https://depok.tribunnews.com/
Title: TribunnewsDepok.com

Search URL Search Domain Scan URL

URL: https://bekasi.tribunnews.com/
Title: TribunBekasi.com

Search URL Search Domain Scan URL

URL: https://bogor.tribunnews.com/
Title: TribunnewsBogor.com

Search URL Search Domain Scan URL

URL: https://priangan.tribunnews.com/
Title: TribunPriangan.com

Search URL Search Domain Scan URL

URL: https://cirebon.tribunnews.com/
Title: TribunCirebon.com

Search URL Search Domain Scan URL

URL: https://jateng.tribunnews.com/
Title: TribunJateng.com

Search URL Search Domain Scan URL

URL: https://solo.tribunnews.com/
Title: TribunSolo.com

Search URL Search Domain Scan URL

URL: https://banyumas.tribunnews.com/
Title: TribunBanyumas.com

Search URL Search Domain Scan URL

URL: https://muria.tribunnews.com/
Title: TribunMuria.com

Search URL Search Domain Scan URL

URL: https://pantura.tribunnews.com/
Title: Tribun-Pantura.com

Search URL Search Domain Scan URL

URL: https://mataraman.tribunnews.com/
Title: TribunMataraman.com

Search URL Search Domain Scan URL

URL: https://jatim.tribunnews.com/
Title: TribunJatim.com

Search URL Search Domain Scan URL

URL: https://surabaya.tribunnews.com/
Title: Surya.co.id

Search URL Search Domain Scan URL

URL: https://suryamalang.tribunnews.com/
Title: SuryaMalang.com

Search URL Search Domain Scan URL

URL: https://madura.tribunnews.com/
Title: TribunMadura.com

Search URL Search Domain Scan URL

URL: https://jatim-timur.tribunnews.com/
Title: TribunJatim-Timur.com

Search URL Search Domain Scan URL

URL: https://jogja.tribunnews.com/
Title: TribunJogja.com

Search URL Search Domain Scan URL

URL: https://bali.tribunnews.com/
Title: Tribun-Bali.com

Search URL Search Domain Scan URL

URL: https://pontianak.tribunnews.com/
Title: TribunPontianak.co.id

Search URL Search Domain Scan URL

URL: https://kalteng.tribunnews.com/
Title: TribunKalteng.com

Search URL Search Domain Scan URL

URL: https://kaltim.tribunnews.com/
Title: TribunKaltim.co

Search URL Search Domain Scan URL

URL: https://kaltara.tribunnews.com/
Title: TribunKaltara.com

Search URL Search Domain Scan URL

URL: https://banjarmasin.tribunnews.com/
Title: BanjarmasinPost.co.id

Search URL Search Domain Scan URL

URL: https://sulbar.tribunnews.com/
Title: Tribun-Sulbar.com

Search URL Search Domain Scan URL

URL: https://makassar.tribunnews.com/
Title: Tribun-Timur.com

Search URL Search Domain Scan URL

URL: https://toraja.tribunnews.com/
Title: TribunToraja.com

Search URL Search Domain Scan URL

URL: https://sultra.tribunnews.com/
Title: TribunnewsSultra.com

Search URL Search Domain Scan URL

URL: https://palu.tribunnews.com/
Title: TribunPalu.com

Search URL Search Domain Scan URL

URL: https://manado.tribunnews.com/
Title: TribunManado.co.id

Search URL Search Domain Scan URL

URL: https://gorontalo.tribunnews.com/
Title: TribunGorontalo.com

Search URL Search Domain Scan URL

URL: https://lombok.tribunnews.com/
Title: TribunLombok.com

Search URL Search Domain Scan URL

URL: https://mataram.tribunnews.com/
Title: TribunMataram.com

Search URL Search Domain Scan URL

URL: https://flores.tribunnews.com/
Title: TribunFlores.com

Search URL Search Domain Scan URL

URL: https://kupang.tribunnews.com/
Title: Pos-Kupang.com

Search URL Search Domain Scan URL

URL: https://ternate.tribunnews.com/
Title: TribunTernate.com

Search URL Search Domain Scan URL

URL: https://ambon.tribunnews.com/
Title: TribunAmbon.com

Search URL Search Domain Scan URL

URL: https://papua.tribunnews.com/
Title: Tribun-Papua.com

Search URL Search Domain Scan URL

URL: https://papuabarat.tribunnews.com/
Title: TribunPapuaBarat.com

Search URL Search Domain Scan URL

URL: https://sorong.tribunnews.com/
Title: TribunSorong.com

Search URL Search Domain Scan URL

URL: https://www.tribunnewswiki.com/
Title: TribunnewsWiki.com

Search URL Search Domain Scan URL

URL: https://style.tribunnews.com/
Title: TribunStyle.com

Search URL Search Domain Scan URL

URL: https://travel.tribunnews.com/
Title: TribunTravel.com

Search URL Search Domain Scan URL

URL: https://wow.tribunnews.com/
Title: TribunWow.com

Search URL Search Domain Scan URL

URL: https://newsmaker.tribunnews.com/
Title: TribunNewsmaker.com

Search URL Search Domain Scan URL

URL: https://trends.tribunnews.com/
Title: TribunTrends.com

Search URL Search Domain Scan URL

URL: https://health.tribunnews.com/
Title: TribunHealth.com

Search URL Search Domain Scan URL

URL: https://shopping.tribunnews.com/
Title: TribunShopping.com

Search URL Search Domain Scan URL

URL: https://video.tribunnews.com/
Title: Tribun-Video.com

Search URL Search Domain Scan URL

URL: https://www.tribunjualbeli.com/
Title: TribunJualBeli.com

Search URL Search Domain Scan URL

URL: https://career.tribunnetwork.com/
Title: Karir

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/epaper
Title: Tribun Epaper

Search URL Search Domain Scan URL

URL: https://www.gramedia.com/
Title: Gramedia.com

Search URL Search Domain Scan URL

URL: https://ebooks.gramedia.com/
Title: Gramedia Digital

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/TribunMedanTV?sub_confirmation=1
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/tribun-medancom/101746656537875
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/tribunmedandaily/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/tribunmedan
Title: Twitter

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKGNjgswmu-gAw?hl=id&gl=ID&ceid=ID%3Aid
Title: Google News

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@tribunmedandaily
Title: Tiktok

Search URL Search Domain Scan URL

URL: https://account.tribunnews.com/home?navsource=aHR0cHM6Ly9tZWRhbi50cmlidW5uZXdzLmNvbS8yMDIzLzA3
Title: Profile

Search URL Search Domain Scan URL

URL: https://account.tribunnews.com/login/dHJpYnVubmV3cw==/aHR0cHM6Ly9tZWRhbi50cmlidW5uZXdzLmNvbS8yMDIzLzA3
Title: Login

Search URL Search Domain Scan URL

URL: https://account.tribunnews.com/register/dHJpYnVubmV3cw==/aHR0cHM6Ly9tZWRhbi50cmlidW5uZXdzLmNvbS8yMDIzLzA3
Title: Mendaftar

Search URL Search Domain Scan URL

URL: https://tribunmedanwiki.tribunnews.com/
Title: TribunMedanWiki.com

Search URL Search Domain Scan URL

URL: https://tribunmedantravel.tribunnews.com/
Title: TribunMedanTravel.com

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/about
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/pedoman
Title: Pedoman Media Siber

Search URL Search Domain Scan URL

URL: https://www.tribunnews.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://sb.scorecardresearch.com/b?c1=2&c2=8077308&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1689513986934&ns_c=UTF-8&c7=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&c8=Arsip%20Juli%202023%20-%20Tribun-medan.com&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1689513986934&ns_c=UTF-8&c7=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&c8=Arsip%20Juli%202023%20-%20Tribun-medan.com&c9=

Request Chain 138

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 200

https://gum.criteo.com/sid/json?origin=publishertag&domain=tribunnews.com&sn=ChromeSyncframe&so=0&topUrl=medan.tribunnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=brz9HnwzNmRvQy9lSnVKOVc3Y3VOamR6ZGUvT24yc3BpbzdRZjAzWDJqYTg1YVFoNloxVFgwQThWV3loSU9iQURYeGJiQXFrM3N0SmViYlRHenJZMjBHanlxaEVlY2wwTUVGSDNIU3pMSCtKOWZxTlNxSXA2TnpLVkhPN0E2Q0xKc0JEQmtMeHQ0TWpMMXJzVFdqWk9aRDBOL1VrbS91OGI2YUpVMUR5bEtJUjhpQ0dXYUl0cDE1VGdkazN6UHVObC9XbHhDWDNxQlh0aWJVd29vZ1lBajB6dkc0ZmFwWUg1RWdRMHlmZUFscVBiUzNqRGRxOUhpQ1BndW9BdzVkaWRpQUsvdXU1OXMydlhZdGZtNVVtNTBxSEhHdz09fA&cppv=2

Request Chain 218

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=450352&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=450352&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=0

Request Chain 226

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 227

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588525749850987

Request Chain 228

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8763838319184165482

Request Chain 229

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 230

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AaHHN1GllWUapJw0U6CIMAeikWEarcMxD6PsSVUb

Request Chain 231

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6505542326944562583&gdpr=0&gdpr_consent=

Request Chain 232

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256407350369122444&gdpr=0&gdpr_consent=

Request Chain 235

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1

Request Chain 236

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLPwCgABSHsoLABY

Request Chain 237

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 242

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 243

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent

Request Chain 244

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=63tr7_mJSY-M6f8KLile-w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 246

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=742583820

Request Chain 248

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUI3QjZCRUYtRjk4OS00OThGLThDRTktRkYwQTJFMjk1RUZC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 249

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBuxw2s3aHUzydRyTCuNJJU&google_cver=1

Request Chain 251

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3321407727652259915

260 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 07 Show response
medan.tribunnews.com/2023/ 86 KB
16 KB 379ms
249ms Document
text/html 52.222.214.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-87.fra56.r.cloudfront.net

Software

TribunOS /

Resource Hash

93a730dae39fdf15f8d7c0e3844566d949b5c0cbc429a92d1276bebdae350372

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstatic.net fonts.google.com .tribunjualbeli.com .tribunnews.com .bolasport.com .grid.id .gridoto.com .motorplus-online.com .kompas.com .kompasgramedia.com www.kompasiana.com www.kontan.co.id .ampproject.org .dailymotion.com .youtube.com .ytimg.com .tawk.io
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate no-transform
content-encoding: br
content-security-policy: frame-ancestors 'self' *.tstatic.net fonts.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io
content-type: text/html; charset=UTF-8
date: Sun, 16 Jul 2023 13:26:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy: geolocation=();notifications=();push=();sync-xhr=();fullscreen=(self);
pragma: public
referrer-policy: strict-origin-when-cross-origin
server: TribunOS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
x-amz-cf-id: b4Zeu6OrUzmmhRA1lLrk6Jvz4OeTTW6OUtVZPLsLciNgOgQ7EfZhew==
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1

GET
H2 200 daerahgit_230320.css
asset-1.tstatic.net/css/theme23/daerahgit/web/ 53 KB
13 KB 190ms
64ms Stylesheet
text/css 143.204.215.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset-1.tstatic.net/css/theme23/daerahgit/web/daerahgit_230320.css
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-124.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 486a9f6975cf4d1724c7c6f915dda1eeaf5d0d376df442f243530728f5c45261

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:42:39 GMT
x-amz-version-id: qovvwrxhQpxfmPd2Rzo_lVgcpIK.5FSF
content-encoding: br
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2202228
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 486a9f6975cf4d1724c7c6f915dda1eeaf5d0d376df442f243530728f5c45261
x-cache: Hit from cloudfront
last-modified: Mon, 20 Mar 2023 06:51:58 GMT
server: AmazonS3
etag: W/"d0ad92d680464d5ccc69d4578d4301a3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
x-amz-cf-id: 4Oy9IpzvzVAB5w6DaZ3mJkYRyoXZjuC1BafJL9-zk76BT5fHNOB4zQ==
x-amz-meta-s3b-last-modified: 20230320T065022Z

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
6 KB 120ms
45ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 565, 617, 617
age: 4478995
cdn-cachedat: 2021-06-08 19:04:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7e7a93afbfe73769-HEL
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.6.3.min.js Show response
asset-1.tstatic.net/js/jquery/ 88 KB
30 KB 194ms
68ms Script
application/javascript 143.204.215.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset-1.tstatic.net/js/jquery/jquery-3.6.3.min.js
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-124.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c43e0e050891f2c148041a5d4fa51f628c5eae5c67eb6bbbad6525bb83892686

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:42:39 GMT
x-amz-version-id: xZ2xxrh8aLCC1SkedbmeTOYG324WhLXS
content-encoding: br
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2202228
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: c43e0e050891f2c148041a5d4fa51f628c5eae5c67eb6bbbad6525bb83892686
x-cache: Hit from cloudfront
last-modified: Fri, 17 Feb 2023 07:17:19 GMT
server: AmazonS3
etag: W/"a509c54b5330e1e3386a99004732dd64"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=31536000, public
x-amz-cf-id: FFbFzGFYMYmxIOaZnB-brJm_RsKyzoA3DneYLcDUrP7H72XkTeQJTQ==
x-amz-meta-s3b-last-modified: 20230217T071604Z

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 295ms
136ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51281721c4d4112dd09a878a8ce74dac8b7c478f6da1cf31f5cfd7c8160d30d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27721
x-xss-protection: 0
server: cafe
etag: 673 / 19554 / m202307100101 / config-hash: 3977741291496309648
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 13:26:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 199ms
69ms Font
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac19762d688273f891a1beb22bd7524e961627d476adf3546a2a622ecb59b860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://medan.tribunnews.com/
Origin: https://medan.tribunnews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 13:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 12:29:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 13:26:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 200ms
70ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac19762d688273f891a1beb22bd7524e961627d476adf3546a2a622ecb59b860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 13:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 11:36:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 13:26:26 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 117ms
44ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 1373435
cdn-cachedat: 2021-06-08 21:08:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7e7a93afbfee3769-HEL
cdn-requestpullsuccess: True

GET
H2 200 tribun_desktop_2023.min.js Show response
asset-1.tstatic.net/js/tribun/ 6 KB
2 KB 63ms
60ms Script
application/javascript 143.204.215.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset-1.tstatic.net/js/tribun/tribun_desktop_2023.min.js
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-124.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6926c02dda32aa50c00e106bb29ccf2ce44fc07370cfe2d1192af7f9953de99a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:42:39 GMT
x-amz-version-id: hSDJjKX5_OZhJf7FO2Ph5jrZrJSsDG03
content-encoding: br
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2202228
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 6926c02dda32aa50c00e106bb29ccf2ce44fc07370cfe2d1192af7f9953de99a
x-cache: Hit from cloudfront
last-modified: Tue, 07 Mar 2023 04:43:21 GMT
server: AmazonS3
etag: W/"dd4ee2493a0fbadcadc3b7e11cc6c612"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=31536000, public
x-amz-cf-id: GnLzaPsWkJGgSCrBQ4P7FlfBgJ7ed50clu38qS4Fk1ZonuEFV24Pig==
x-amz-meta-s3b-last-modified: 20230307T044151Z

GET
H2 200 jquery_3_bxslider_2023.min.js Show response
asset-1.tstatic.net/js/bxslider/ 18 KB
5 KB 63ms
60ms Script
application/javascript 143.204.215.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset-1.tstatic.net/js/bxslider/jquery_3_bxslider_2023.min.js
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-124.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1358946bc2945f07fe1d75017d431fc6de7248cf1b2fd73380bc21a6c2241408

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:42:39 GMT
x-amz-version-id: WDAEOBpbedJN0WCCxrPm44gTvtBXsN07
content-encoding: br
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2202228
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 1358946bc2945f07fe1d75017d431fc6de7248cf1b2fd73380bc21a6c2241408
x-cache: Hit from cloudfront
last-modified: Tue, 07 Mar 2023 04:39:20 GMT
server: AmazonS3
etag: W/"53e5951718b8981876916bafe8646f89"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=31536000, public
x-amz-cf-id: FgeL4qY0_2m4REjjFJNXo9YK8scZLW28QBzlk2q78WgjsFjbZScx_w==
x-amz-meta-s3b-last-modified: 20230307T043415Z

GET
H2 200 prebid8.3.0-07072023.js Show response
asset-3.tstatic.net/ads/prebid/ 390 KB
112 KB 189ms
64ms Script
application/x-javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b3d2865b495fa461bd186b1b0f51035baa5afd7a80b7cf6c72c0ffba2e9992a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 10:10:49 GMT
content-encoding: br
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Fri, 07 Jul 2023 05:12:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 530138
etag: W/"16a16c4d2a7873f4c097bb25933c76be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-amz-meta-cb-modifiedtime: Fri, 07 Jul 2023 05:11:18 GMT
content-type: application/x-javascript
x-cache: Hit from cloudfront
cache-control: max-age=2592000, public
x-amz-cf-id: s8GmPzhbGeAOIhkjW28JksQ-Cpts2sWWwpUSwVPkhTnOz6uVGHDJQg==

GET
H2 200 tribunnews.com_desktop Show response
delivery.r2b2.io/hb/kompasGramedia/ 399 KB
110 KB 249ms
72ms Script
text/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 605947eb2ef516a6d8f38c977b7596e5b674bb6c704e3a19f5aa10f8b58ac8a7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 16 Jul 2023 13:26:26 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 1768
x-accel-date: 1689512218
content-length: 112447
x-77-nzt: AcO1rw4fmaH/6AYAAA
x-accel-expires: @1689514018
adt-powered-by: slim
server: CDN77-Turbo
etag: bc53813fcabe1affe24778bdd29b8f09
x-77-nzt-ray: 9083393037035f5702f0b364b0766f37
content-type: text/javascript; charset=utf-8
cache-control: s-maxage=1800
accept-ranges: bytes

GET
H2 200 glightbox.min.css
asset-1.tstatic.net/css/glightbox/ 13 KB
3 KB 190ms
65ms Stylesheet
text/css 143.204.215.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset-1.tstatic.net/css/glightbox/glightbox.min.css
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-124.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:42:39 GMT
x-amz-meta-cache-control: max-age=2592000, public
content-encoding: br
x-amz-version-id: null
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2202228
x-amz-meta-sha256: 17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
x-cache: Hit from cloudfront
last-modified: Fri, 08 May 2020 08:14:16 GMT
server: AmazonS3
etag: W/"7443f26fb8ef9bb0368d931f2b1f1cb5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
x-amz-cf-id: 8iigBRBsCNEdvEdLeRmJMMBYJii0zk2k3O0M-xYNrpKNcFNbYM-ugg==
x-amz-meta-s3b-last-modified: 20200331T194635Z

GET
H2 200 glightbox.min.js Show response
asset-1.tstatic.net/css/glightbox/ 40 KB
12 KB 192ms
67ms Script
application/javascript 143.204.215.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset-1.tstatic.net/css/glightbox/glightbox.min.js
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-124.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:42:39 GMT
x-amz-meta-cache-control: max-age=2592000, public
content-encoding: br
x-amz-version-id: null
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2202227
x-amz-meta-sha256: 3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
x-cache: Hit from cloudfront
last-modified: Fri, 08 May 2020 08:14:31 GMT
server: AmazonS3
etag: W/"c8e60c852f16b93503708e1b27423274"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=31536000, public
x-amz-cf-id: HSuEfybhS7ObwnmhPUiHGbeo-Nev73APU-p3gm7AvWmZDMA9dZ1SQw==
x-amz-meta-s3b-last-modified: 20200331T184655Z

GET
H2 200 sdk.js Show response
connect.facebook.net/id_ID/ 3 KB
2 KB 180ms
58ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/id_ID/sdk.js

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83751973f832d1a0de623b03322c4d973c391d9e1a916f4f2fa8f996d988c7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://medan.tribunnews.com/
Origin: https://medan.tribunnews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Jul 2023 13:26:26 GMT
content-md5: 7Ewm/DWcqcRy22K4QW6n1w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: 3hXBWJ++2rOsJy2VUuIkwJz1rAOtAGfz0s/AZ3SNOJ7sRzfY1xthrbcr6qITP8GbcRyY5dhEa3p/R6JNM8jwFA==
x-fb-content-md5: 207fbfc9373b5ab642e40dd273624fa5
cross-origin-opener-policy: same-origin-allow-popups
etag: "932913017d700f84b6888c91d383ecb4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 16 Jul 2023 13:33:09 GMT

GET
H2 200 tribunmedan.svg
t-1.tstatic.net/img/logo/daerah/svg3/ 7 KB
3 KB 182ms
56ms Image
image/svg+xml 18.66.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-1.tstatic.net/img/logo/daerah/svg3/tribunmedan.svg
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a8cdf7c03a39d4aa2f2830f3f05f3a54bb441b6991f91afd2aaa9f7165f26c8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 12:19:04 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 22 Feb 2018 09:01:50 GMT
server: AmazonS3
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"19dc44a6afc974f446d568155d12d5c5"
x-amz-meta-cb-modifiedtime: Thu, 22 Feb 2018 08:54:16 GMT
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, public
age: 1645643
x-amz-cf-id: 57gPrOj93VjChtQyQIDl3X8q59bxzFIV6BG9t1PN1ZStWlZE779lmw==

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
4 KB 249ms
106ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=05d7b8ef00c5d4a0b

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

f4683e02f8f4ad18f7a7dbcbbc0cd5946b90e0ff80dafdf62c2111949f654196

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-0zKaW8J49XmM-YFZImG0Rg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-0zKaW8J49XmM-YFZImG0Rg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Sun, 16 Jul 2023 13:26:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2503
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Sun, 16 Jul 2023 13:26:26 GMT

GET
H2 200 Logo_T_blue.svg
asset-1.tstatic.net/img/logo/tribun/svg/ 2 KB
2 KB 63ms
61ms Image
image/svg+xml 143.204.215.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset-1.tstatic.net/img/logo/tribun/svg/Logo_T_blue.svg
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-124.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:42:41 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Sat, 15 Aug 2015 14:25:23 GMT
server: AmazonS3
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"2881375fb0f9e7fc4d0a2f42434696e5"
x-amz-meta-cb-modifiedtime: Fri, 24 Jul 2015 09:49:00 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000, public
age: 2202226
x-amz-cf-id: M4QItjSdFUY2qRMbOxFLbjAMXTS3z1cqPtgIxpzMOy1mYUG6FNOPqw==

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.5.6/ 34 KB
13 KB 190ms
61ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.6/firebase-app.js

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 05:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12419
x-xss-protection: 0
last-modified: Thu, 25 Oct 2018 20:51:40 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Jul 2024 05:30:17 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.5.6/ 35 KB
10 KB 165ms
73ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.6/firebase-messaging.js

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 18:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10096
x-xss-protection: 0
last-modified: Thu, 25 Oct 2018 20:51:40 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Jul 2024 18:43:56 GMT

GET
H2 200 kgnotif_tribun.js Show response
asset-1.tstatic.net/js/ 2 KB
2 KB 60ms
56ms Script
application/javascript 143.204.215.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset-1.tstatic.net/js/kgnotif_tribun.js
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-124.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df4f9c3d7d11a4ba21b585bfdaff006aa925b32c3ec626969a38a5036a5aa03e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:42:40 GMT
x-amz-version-id: o90oKk95.kQcQjo2jl5g8uZJQM55rPPc
content-encoding: br
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2202227
x-amz-meta-sha256: df4f9c3d7d11a4ba21b585bfdaff006aa925b32c3ec626969a38a5036a5aa03e
x-cache: Hit from cloudfront
last-modified: Tue, 09 Nov 2021 09:46:35 GMT
server: AmazonS3
etag: W/"923baa9abb9b96a2804d3114a8ba3016"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=31536000, public
x-amz-cf-id: lob0i-ifiBkONBputl8EoDF5nyDkz7kGGy4fZIMPCMKDdtr95hc5jg==
x-amz-meta-s3b-last-modified: 20211108T081414Z

GET
H2 200 sso_g_signin.min-1.3.js Show response
asset-1.tstatic.net/js/kgmedia/tribunnews/ 6 KB
3 KB 61ms
58ms Script
application/javascript 143.204.215.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.3.js
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-124.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9342167631dcaafd48061d206f0c76be4025253ce9659e41422d91184582a9b9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:42:40 GMT
x-amz-version-id: WEEOnDZaZGkx2WMXCNJdtzXRATBwfbqs
content-encoding: br
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2202227
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 9342167631dcaafd48061d206f0c76be4025253ce9659e41422d91184582a9b9
x-cache: Hit from cloudfront
last-modified: Mon, 29 May 2023 07:38:59 GMT
server: AmazonS3
etag: W/"9e9de41eed929da0a2fe915e0d8c96a8"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=31536000, public
x-amz-cf-id: S0GlBVkadMcBWqRYalSiBc7qohwqpJR32rWnvoDPh_03vN8-EB3yLA==
x-amz-meta-s3b-last-modified: 20230529T073706Z

GET
H2 200 extender.min.js Show response
asset.kompas.com/data/2021/sso/js/ 1000 B
1 KB 213ms
59ms Script
application/javascript 2600:9000:21f3:9400:3:445f:1a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.kompas.com/data/2021/sso/js/extender.min.js
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9400:3:445f:1a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 67a09458aa2b97d54491755dcf3d3d00298de54799b49fded2de6db24e103a94

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Tue, 25 Jun 2024 14:10:06 GMT
date: Mon, 26 Jun 2023 14:10:06 GMT
x-amz-version-id: MOZ46XzJdcFn1e02WvQVITzvQ0X1BXOD
content-encoding: gzip
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 1725380
x-amz-meta-sha256: 67a09458aa2b97d54491755dcf3d3d00298de54799b49fded2de6db24e103a94
x-cache: Hit from cloudfront
last-modified: Wed, 21 Sep 2022 22:43:02 GMT
server: nginx
etag: W/"826a4aaed58c0b038c78fad576e7b0d4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: DOgSJCCa37JdBqnsXipiG0oxfc1goYY6RYYHnmWSHF_XbK5VzpZodQ==
x-amz-meta-s3b-last-modified: 20220921T224110Z

GET
H2 200 ssouser.min-1.0.js Show response
asset-1.tstatic.net/js/kgmedia/tribunnews/ 827 B
1 KB 62ms
59ms Script
application/javascript 143.204.215.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset-1.tstatic.net/js/kgmedia/tribunnews/ssouser.min-1.0.js
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-124.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 79aa57c367c93a86fbf20383e55c0d23134f8b2184d78fcd0661296c3550cce9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 13:24:19 GMT
x-amz-version-id: wa3d33yDjakIiwa0gH3t3kxmqgs5QhxR
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2160128
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 79aa57c367c93a86fbf20383e55c0d23134f8b2184d78fcd0661296c3550cce9
x-cache: Hit from cloudfront
content-length: 827
last-modified: Tue, 18 Oct 2022 03:41:04 GMT
server: AmazonS3
etag: "e5941d7143a2c0798f2801a0b57bce01"
vary: Origin
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: _N2mbcdUfPyLEIXV53ReUPsriU6PiALZrZJVSxBvR12qDWmfzXZFhA==
x-amz-meta-s3b-last-modified: 20221018T033928Z

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
81 KB 216ms
86ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26290b59fd9788df4df43d2a918005898361b231b2eb0b16020267f5fdfccfd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82498
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Jul 2023 13:26:26 GMT

GET
H2 200 matlok_memilih.png
asset-1.tstatic.net/img/ 1 KB
2 KB 56ms
56ms Image
image/png 143.204.215.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset-1.tstatic.net/img/matlok_memilih.png
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-124.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e169cf4f2fde53ff50ff2ecb38b0df2cbc613aaf3b93b2e52202cad8ce93a8bd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 12:27:19 GMT
x-amz-version-id: T0clr0qUHmWxhANs7kCSWhmPkvyvy8UK
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1817948
x-amz-meta-sha256: e169cf4f2fde53ff50ff2ecb38b0df2cbc613aaf3b93b2e52202cad8ce93a8bd
x-cache: Hit from cloudfront
content-length: 1055
last-modified: Mon, 12 Sep 2022 03:56:24 GMT
server: AmazonS3
etag: "7c3cd375a8dc8d79a2afc6e5395fe8e8"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
x-amz-cf-id: tXgwwReE4pTZe0k15rkkd11MqCfZGGu35z4no2ILotiGe6dMy-FvlQ==
x-amz-meta-s3b-last-modified: 20220909T085209Z

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 190ms
60ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://medan.tribunnews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 114058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 05:45:28 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 55 KB
56 KB 107ms
72ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin: https://medan.tribunnews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617, 617, 617
cdn-cachedat: 2021-06-08 21:22:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56780
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c77fece8de88b583637a288214bfb709
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7e7a93b16dc1d95b-HEL
cdn-requestpullsuccess: True

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 182ms
56ms Script
application/javascript 108.138.7.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 05:49:26 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 27421
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: CLeEW8cG3who0LrvOSyHt7Xfuo_NUFhQ6kU8HCpAu6yjUfdQkGA5bA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/ 391 KB
125 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6191ac7651d440b704eac8b29a7d30a0d47d7ada32012fdec33c35e6e4f7a2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 12:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4556
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127471
x-xss-protection: 0
server: cafe
etag: 16392902606907886609
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 15 Jul 2024 12:10:30 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/id_ID/ 307 KB
87 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/id_ID/sdk.js?hash=5ab94f7566b8d85c00c1be76b1f8af2d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/id_ID/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00662afbf044eba1a0c8cf3a47e5bd33327f17d190fd56e1f1542bad392ef49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://medan.tribunnews.com/
Origin: https://medan.tribunnews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Jul 2023 13:26:26 GMT
content-md5: WSh/8boOiEK+DEMh1F6fwQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88773
x-fb-debug: fas3ADeSJ+2xGcBzWKPAeuIhX90/6mbTvSwJR0zpgj/In6LtmRawmKkU7btEiKcPmSzUcrCCb995MGw/qCdrbg==
x-fb-content-md5: 3422a1b15b93dd57988a804bc9a0fee6
cross-origin-opener-policy: same-origin-allow-popups
etag: "b00e27a11ec7d82b35b9ef49da292cd2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 15 Jul 2024 10:57:42 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8077308&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1689513986934&ns_c=UTF-8&c7=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&c8=Arsip%20Juli%202023%20-%20Tribu...
https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1689513986934&ns_c=UTF-8&c7=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&c8=Arsip%20Juli%202023%20-%20Trib...

0
225 B

57ms
57ms

Image
text/plain

108.138.7.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1689513986934&ns_c=UTF-8&c7=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&c8=Arsip%20Juli%202023%20-%20Tribun-medan.com&c9=
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Server: 108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-10.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:27 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: v-PXhSyUMgynESWl0guqpznKTrA4HZXzaKYlvHmYeT21wtheOT6kiA==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 16 Jul 2023 13:26:26 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=8077308&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1689513986934&ns_c=UTF-8&c7=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&c8=Arsip%20Juli%202023%20-%20Tribun-medan.com&c9=
content-length: 0
x-amz-cf-id: Wj_wro-0SspGKkFbBn6jo2voD6gtV0C4PvNp4MI-VLY2ia4yUragaQ==

GET
H2 200 user Show response
apis.kompas.com/api/activity/ 88 B
1 KB 393ms
229ms XHR
application/json 2600:9000:2490:5000:18:8a85:cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.kompas.com/api/activity/user

Requested by

Host: asset-1.tstatic.net
URL: https://asset-1.tstatic.net/js/jquery/jquery-3.6.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5000:18:8a85:cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.3.28

Resource Hash

9bb78682554710d28abe4c5ff14f22b403a0e38739603f95f648df27adab6089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:27 GMT
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
mail-subject: Join_via_header
we-hiring: jobs@kompas.com
content-length: 88
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, X-Requested-With
x-amz-cf-id: 5cKr6NSVbbDeoZcfzU5OkyekTpSjz-Cj_gxJpDLmH4gKO2oXPr8Yeg==
expires: -1

GET
H2 200 client Show response
accounts.google.com/gsi/ 193 KB
76 KB 263ms
127ms Script
application/javascript 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: asset-1.tstatic.net
URL: https://asset-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fda4e07a7eb6eac62326be60b01116f96f4ba7670a07b8c3e339d5c2081c5219

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-fJqs2Tb5CNft37k8qqz-lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-fJqs2Tb5CNft37k8qqz-lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 16 Jul 2023 13:26:27 GMT

GET
H2 200 cse_element__fi.js Show response
www.google.com/cse/static/element/827890a761694e44/ 308 KB
103 KB 280ms
149ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/827890a761694e44/cse_element__fi.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=05d7b8ef00c5d4a0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

198d0077a21e2e861e594ca9474d9d61de05b890f3ba90b7958dbb8472e0694b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 20:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104907
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 16:35:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 12 Jul 2024 20:02:28 GMT

GET
H2 200 default+fi.css
www.google.com/cse/static/element/827890a761694e44/ 41 KB
41 KB 191ms
61ms Stylesheet
text/css 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/827890a761694e44/default+fi.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=05d7b8ef00c5d4a0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 05:43:39 GMT
x-content-type-options: nosniff
age: 286968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41811
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 16:35:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 12 Jul 2024 05:43:39 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 274ms
144ms Stylesheet
text/css 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=05d7b8ef00c5d4a0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 16 Jul 2023 13:51:47 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 238ms
63ms Script
text/javascript 2600:9000:2250:1200:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1200:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sun, 16 Jul 2023 02:48:38 GMT
Via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 38270
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: Wryo-oRB1yoLZxzoD0XbxaQ3Ou2LN3nHktMrSZbnw7EZ4Hy9d39bSQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 165 KB
47 KB 448ms
448ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1601223832471963&correlator=3908510888863968&eid=21065725&output=ldjh&gdfp_req=1&vrg=202307100101&ptt=17&impl=fifs&iu_parts=31800665%2CTribunMedan%2CSection%2Cvignette&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=2516396190&sfv=1-0-40&ists=1&fas=8&prev_scp=pos%3Dvignette%26page%3Dsection%26kg_pos%3Dvignette&eri=1&cust_params=kg_inv_type%3Ddesktop%26kg_group_sites%3Dtribunnews&sc=1&cookie_enabled=1&abxe=1&dt=1689513987020&lmt=1689513987&dlt=1689513986432&idt=555&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=892932126.1689513987&ga_sid=1689513987&ga_hid=96161962&ga_fc=false&a3p=EhkKCnVpZGFwaS5jb20Yx5eG95UxSABSAghk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f5bdc7147073aebf74df67e07d7eb5fed02916f1463210e16d5f1b7799d1484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48164
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A1AF 6 KB
3 KB 246ms
68ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medan.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 13:26:27 GMT
expires: Mon, 15 Jul 2024 13:26:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/ 37 KB
13 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b552f129439dc64d2ee9510fcc28df5ec4a98b1c22e2069e629234f2c732b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:09:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1020
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13154
x-xss-protection: 0
server: cafe
etag: 4812782103980723768
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 15 Jul 2024 13:09:27 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 207ms
60ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://medan.tribunnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://medan.tribunnews.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sun, 16 Jul 2023 13:26:27 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
626 B 182ms
57ms XHR
application/json 18.193.228.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.3.0&referrer=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tmax=2000

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.228.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-228-139.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
accept-ch: sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status: 12, 12, 12, 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
810 B 302ms
141ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987095&to=0&aun=div-Top-Leaderboard&tdid=&gpid=%2F31800665%2FTribunMedan%2FSection&t=aoxjexrk&pi=3&maxw=970&maxh=250&si=986408&bf=728x90%2C970x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 27792bf67f3d505e5e2d589328d36292cd8dd0a69f3b22e8fcd0ff9a2ba5b2d8

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
809 B 250ms
90ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987095&to=0&aun=div-Top-Leaderboard&tdid=&gpid=%2F31800665%2FTribunMedan%2FSection&t=aoxjexrk&pi=3&maxw=970&maxh=250&si=986409&bf=728x90%2C970x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 10d5ccb96ad35f641c998359b4eed991d100fa1e6c031ecfe310eb280184efae

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
810 B 245ms
86ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987095&to=0&aun=div-Left-WideSkyscraper&tdid=&gpid=div-Left-WideSkyscraper&t=aoxjexrk&pi=3&maxw=160&maxh=600&si=986410&bf=160x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 00e3d1585cd653455dcad1c9e8bdbd366806ec543dcbe3bdda7e376afc2b6494

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
809 B 300ms
140ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987096&to=0&aun=div-Right-MediumRectangle-1&tdid=&gpid=%2F31800665%2FTribunMedan%2FSection&t=aoxjexrk&pi=3&maxw=300&maxh=600&si=986411&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fc526cd56a48c4cb45355a716b333867ab483146d9e65eafb11222be1ac37b08

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
808 B 248ms
88ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987096&to=0&aun=div-Right-MediumRectangle-1&tdid=&gpid=%2F31800665%2FTribunMedan%2FSection&t=aoxjexrk&pi=3&maxw=300&maxh=600&si=986412&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0073fe03f364fdb6278704d48cbf0c34ecf67e19bcf2c8ec36c68f9e0fcc9938

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
810 B 299ms
140ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987096&to=0&aun=div-Right-MediumRectangle-2&tdid=&gpid=div-Right-MediumRectangle-2&t=aoxjexrk&pi=3&maxw=300&maxh=250&si=986413&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b67e1434089d076d3e5e72f6a8297118d6803d3b73b9a60bfc06b6fe602ad244

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
810 B 249ms
90ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987096&to=0&aun=div-Right-MediumRectangle-3&tdid=&gpid=div-Right-MediumRectangle-3&t=aoxjexrk&pi=3&maxw=300&maxh=600&si=986414&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cac53234245ba6b4af5f63f343fa990854ac6077b795f17d24fcf30925a8b0e0

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
809 B 317ms
158ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987096&to=0&aun=div-Right-MediumRectangle-3&tdid=&gpid=div-Right-MediumRectangle-3&t=aoxjexrk&pi=3&maxw=300&maxh=600&si=986415&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d283c95d807756ad28c37cc9cc1bf3f49d0952c0a1b2cc4c2d4e9b93386b7eb5

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
810 B 316ms
158ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987096&to=0&aun=div-Inside-MediumRectangle&tdid=&gpid=div-Inside-MediumRectangle&t=aoxjexrk&pi=3&maxw=336&maxh=280&si=986416&bf=300x250%2C300x100%2C336x280%2C1x1&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6dd0503e9ae8f064106b8f5aafe0d8f4c708b9261f18996c307b04887e3bbbd8

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
810 B 315ms
157ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987096&to=0&aun=div-Inside-MediumRectangle&tdid=&gpid=div-Inside-MediumRectangle&t=aoxjexrk&pi=3&maxw=336&maxh=280&si=986417&bf=300x250%2C300x100%2C336x280%2C1x1&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5b98d1c147a5671bb21287c8a509628ea00f452e0db48058af76bfde225fc1d0

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
810 B 306ms
149ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987096&to=0&aun=div-BelowArticles&tdid=&gpid=div-BelowArticles&t=aoxjexrk&pi=3&maxw=320&maxh=100&si=986418&bf=320x100%2C320x50%2C1x1&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 626af780674f76bbf3f30e2dec7256a57732ad2f23ed05a7f881e9b0b81471a0

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
809 B 307ms
149ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987097&to=0&aun=div-BelowArticles&tdid=&gpid=div-BelowArticles&t=aoxjexrk&pi=3&maxw=320&maxh=100&si=986419&bf=320x100%2C320x50%2C1x1&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 95341767d471be9e6f571ba631d978533c423c141d21989e4108c22e22688bf9

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
809 B 305ms
148ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987097&to=0&aun=div-BelowImages&tdid=&gpid=div-BelowImages&t=aoxjexrk&pi=3&maxw=640&maxh=100&si=986420&bf=640x100%2C468x60%2C320x100%2C1x1&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 295448840ddf6aff7e4d87844520d49a01c0fa8ddb4fbed54906cdcb6ef896e0

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 363 B
810 B 248ms
91ms XHR
application/json 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689513987097&to=0&aun=div-BelowImages&tdid=&gpid=div-BelowImages&t=aoxjexrk&pi=3&maxw=640&maxh=100&si=986421&bf=640x100%2C468x60%2C320x100%2C1x1&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.3.0%22%7D&ogu=null&ns=9318
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ff65958ce67b6ade63d89402a31ed3f9fca25d5d9c97e422e57deaa6a09ce6b4

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
199 B 221ms
69ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.3.0&cb=32628141632&lsavail=1

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://medan.tribunnews.com
date: Sun, 16 Jul 2023 13:26:26 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
183 B 638ms
207ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://medan.tribunnews.com
date: Sun, 16 Jul 2023 13:26:27 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
198 B 225ms
78ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.3.0&cb=62133524211&lsavail=1

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://medan.tribunnews.com
date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
168 B 203ms
82ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://medan.tribunnews.com
pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
342 B 272ms
77ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:26 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
342 B 270ms
75ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
342 B 271ms
76ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
342 B 268ms
73ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:26 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
342 B 269ms
74ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
342 B 270ms
75ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:26 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
552 B 177ms
86ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=450352
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c290613b06153be3b956621dbe81e454e3793034ad86608429c66186447d245a

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqSWfWubC6YbyjSc4gSgiwr%2BnuLWps%2FD6Xupc9SxajP%2BqeZ11QXdfEZ%2FAqHnJAlNiaqYoU9zLd6Q8yDsaCWq%2BkjSxrSTZaFtUAErcNPanHn0cjIW7zL1Kc4RPNAMbXJ9xeNAg0wG"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7e7a93b42a1b9924-ARN
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 393 B
742 B 255ms
67ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484472&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.domain=medan.tribunnews.com&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.pbadslot=%2F31800665%2FTribunMedan%2FSection&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=10723d1dba5342f1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F31800665%2FTribunMedan%2FSection&slots=1&rand=0.6442583093421839
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 546684e949b6d63855d2780c680eb3deed8853f2483da724175146fd855d06e5

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 393
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 358 B
708 B 253ms
65ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484474&size_id=9&rf=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.domain=medan.tribunnews.com&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.pbadslot=div-Left-WideSkyscraper&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=10896ad37ca73e59&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4677447436257296
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e93fb97457d90225908d0dd88076c28af9aa69a361a8ed0334746032dd391270

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 358
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 391 B
920 B 250ms
63ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484476&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.domain=medan.tribunnews.com&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.pbadslot=%2F31800665%2FTribunMedan%2FSection&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=10984c78863767d2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F31800665%2FTribunMedan%2FSection&slots=1&rand=0.02472875500999061
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c7010b31c87c6f79e14f35c75598991914a963b7e8f4f227bdaf63f1179b3cfc

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 391
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 363 B
712 B 252ms
64ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484478&size_id=15&rf=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.domain=medan.tribunnews.com&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.pbadslot=div-Right-MediumRectangle-2&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=11167ab7d503cec9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5503370748053429
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ff492a5eaef9760d8ffc3658d0e7fd5873c2a1f304742ea59b2967fca3419981

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 363
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 383 B
731 B 251ms
63ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484480&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.domain=medan.tribunnews.com&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.pbadslot=div-Right-MediumRectangle-3&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=112f55f21b30d5c4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.07520301358948767
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2730276b338c4545d703ba87a1d21f85af5895947d672ba04b745a643154196b

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 383
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 386 B
733 B 253ms
66ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484482&size_id=15&alt_size_ids=16%2C19%2C221&rf=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.domain=medan.tribunnews.com&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.pbadslot=div-Inside-MediumRectangle&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=113e0e040e428aa8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5867247626041847
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 02f4b61d59a43632e1d926ee3f794f7986c03ea4eb847699b82aaf87a2bdbc16

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 386
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 378 B
727 B 265ms
78ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=478096&zone_id=2838726&size_id=43&alt_size_ids=117%2C221&rf=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.domain=medan.tribunnews.com&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.pbadslot=div-BelowArticles&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=114649a34e24abea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8035666089377937
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 87d29de080565bb951001d9eb230973bd9523e120cf84392dff43fa9b8b6f33d

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 378
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 373 B
723 B 252ms
65ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=478098&zone_id=2838728&size_id=1&alt_size_ids=117%2C221&rf=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.domain=medan.tribunnews.com&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&tg_i.pbadslot=div-BelowImages&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=11599d3323b52083&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19270079341715718
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6419d6c273ac4926f3dcfedf031ca0a3f36e2b259a899d77cda4e8e9925d2721

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 373
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 2392254 Show response
bs.yandex.ru/prebid/ 0
25 B 353ms
169ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/prebid/2392254?imp-id=1&target-ref=medan.tribunnews.com&ssp-id=10500

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 16 Jul 2023 13:26:27 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://medan.tribunnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 16 Jul 2023 13:26:27 GMT

POST
H2 204 2392254 Show response
bs.yandex.ru/prebid/ 0
25 B 345ms
161ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/prebid/2392254?imp-id=1&target-ref=medan.tribunnews.com&ssp-id=10500

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 16 Jul 2023 13:26:27 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://medan.tribunnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 16 Jul 2023 13:26:27 GMT

POST
H2 204 2392254 Show response
bs.yandex.ru/prebid/ 0
25 B 351ms
168ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/prebid/2392254?imp-id=1&target-ref=medan.tribunnews.com&ssp-id=10500

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 16 Jul 2023 13:26:27 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://medan.tribunnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 16 Jul 2023 13:26:27 GMT

POST
H2 204 2392254 Show response
bs.yandex.ru/prebid/ 0
25 B 346ms
162ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/prebid/2392254?imp-id=1&target-ref=medan.tribunnews.com&ssp-id=10500

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 16 Jul 2023 13:26:27 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://medan.tribunnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 16 Jul 2023 13:26:27 GMT

POST
H2 204 2392254 Show response
bs.yandex.ru/prebid/ 0
424 B 343ms
160ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/prebid/2392254?imp-id=1&target-ref=medan.tribunnews.com&ssp-id=10500

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 16 Jul 2023 13:26:27 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://medan.tribunnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 16 Jul 2023 13:26:27 GMT

POST
H2 204 2392254 Show response
bs.yandex.ru/prebid/ 0
25 B 359ms
176ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/prebid/2392254?imp-id=1&target-ref=medan.tribunnews.com&ssp-id=10500

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 16 Jul 2023 13:26:27 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://medan.tribunnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 16 Jul 2023 13:26:27 GMT

POST
H2 204 2392254 Show response
bs.yandex.ru/prebid/ 0
25 B 356ms
174ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/prebid/2392254?imp-id=1&target-ref=medan.tribunnews.com&ssp-id=10500

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 16 Jul 2023 13:26:27 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://medan.tribunnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 16 Jul 2023 13:26:27 GMT

POST
H2 204 2392254 Show response
bs.yandex.ru/prebid/ 0
25 B 357ms
175ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/prebid/2392254?imp-id=1&target-ref=medan.tribunnews.com&ssp-id=10500

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 16 Jul 2023 13:26:27 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://medan.tribunnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 16 Jul 2023 13:26:27 GMT

POST
H2 204 2392254 Show response
bs.yandex.ru/prebid/ 0
25 B 352ms
170ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/prebid/2392254?imp-id=1&target-ref=medan.tribunnews.com&ssp-id=10500

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 16 Jul 2023 13:26:27 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://medan.tribunnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 16 Jul 2023 13:26:27 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
261 B 143ms
65ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: af0d951af682be735d65329a908abc3d2d8b79ecc883a493ea858b9a7b916be1

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://medan.tribunnews.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
384 B 304ms
111ms XHR
application/json 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 16 Jul 2023 13:26:27 GMT

POST
H2 200 hbpost Show response
hb.jixie.io/v2/ 28 B
613 B 733ms
277ms XHR
application/json 43.129.34.148
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.jixie.io/v2/hbpost
Requested by: Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.129.34.148 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: / Express
Resource Hash: 061480cb294eab57d81c747217ff8d01168a9622b4cfdff2653ec2d55d6718f6

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"1c-FDUmyBFxVTulIu8V9sRItIcEjBc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 195ms
61ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Jul 2023 13:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1310
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 16 Jul 2023 15:04:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
86 KB 101ms
100ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f6189b0c07126020d0a4324454c6e34746e70271db0f2de7829a1858af2b19a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87844
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jul 2023 13:26:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
84 KB 76ms
75ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

347fd20704d194b013d31c2a64a245c40fea063a85027036abc6bf470cab150f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85672
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jul 2023 13:26:27 GMT

GET
H2 200 jxpublisher_3_1.min.js Show response
scripts.jixie.media/ 32 KB
14 KB 1833ms
278ms Script
application/javascript 36.66.3.170
TELKOMNET-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 36.66.3.170 Mataram, Indonesia, ASN7713 (TELKOMNET-AS-AP PT Telekomunikasi Indonesia, ID),
Reverse DNS
Software: openresty /
Resource Hash: 15548cf9a8e6e2dd991752e763b2af8279d9285df95110b70fcb92f324c3cd2a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

nginx-hit: 1
date: Sun, 16 Jul 2023 13:26:28 GMT
x-amz-version-id: yHgxn_rd0szh31nwr.WQyZORJpasTx84
via: EA-IDN-jakarta-AREA1-CACHE3[3],EA-IDN-jakarta-AREA1-CACHE23[0,TCP_HIT,0],EA-SGP-GLOBAL1-CACHE18[13],EA-SGP-GLOBAL1-CACHE29[0,TCP_HIT,12]
x-ccdn-cachettl: 2592000
content-encoding: gzip
x-amz-request-id: AATHTFGJYHS1V8RG
age: 2202816
x-amz-server-side-encryption: AES256
x-amz-id-2: Q7putAALjtQ8GhBdMLmRQjrPcvh3TfRuf5hQx697/tjBVlaCTa+7l0tRURzg9U4c4OXISEDrxy8=
last-modified: Wed, 21 Jun 2023 01:32:49 GMT
server: openresty
etag: W/"eb6e5157a9c72456988880b645c7c3fb"
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-expires: 1359673
x-hcs-proxy-type: 1

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 236ms
63ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=114488588566911&ev=fb_page_view&dl=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&rl=&if=false&ts=1689513987211&sw=1600&sh=1200&at=

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 16 Jul 2023 13:26:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 204 publishertag.standalone.js
static.criteo.net/js/ld/ Frame 0
0 235ms
75ms Preflight 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://medan.tribunnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=86400
date: Sun, 16 Jul 2023 13:26:27 GMT
expires: Mon, 17 Jul 2023 13:26:27 GMT
server: nginx
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.standalone.js Show response
static.criteo.net/js/ld/ 97 KB
32 KB 114ms
100ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.standalone.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f386b6267d04bd09b26cfcb538b15a3563962bf7c47b34c33d6248b25bd24b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/javascript

Response headers

date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-184b5"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jul 2023 13:26:27 GMT

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
215 B 217ms
65ms XHR
text/plain 185.64.191.208
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://medan.tribunnews.com
Date: Sun, 16 Jul 2023 13:26:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

POST
H2 200 prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 156 B
722 B 189ms
51ms XHR
application/json 185.89.211.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.83 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9bf840ae7df9b4848ede2417e6b7c544a60df790dbdca3b29eef5b702c27c19d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
an-x-request-uuid: 2c19d4d4-d69d-4b88-a71c-491b9a902196
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.184; 185.204.1.184; 928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 156
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
342 B 321ms
83ms XHR
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
198 B 124ms
111ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=1034700112

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://medan.tribunnews.com
date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
215 B 213ms
66ms XHR
text/plain 185.64.191.208
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://medan.tribunnews.com
Date: Sun, 16 Jul 2023 13:26:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

POST
H2 200 prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 156 B
720 B 246ms
111ms XHR
application/json 185.89.211.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.83 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ad0560ba945f9511d161d2522a046f6e4dfb0762ae5e81ef53a6ea0da81888d5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
an-x-request-uuid: b55acccb-1aad-4e41-b1ba-3eb2fc40ce2d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.184; 185.204.1.184; 928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 156
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 425ms
187ms XHR
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: 8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:26 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
198 B 123ms
112ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=64976392260

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://medan.tribunnews.com
date: Sun, 16 Jul 2023 13:26:26 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
215 B 214ms
69ms XHR
text/plain 185.64.191.208
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://medan.tribunnews.com
Date: Sun, 16 Jul 2023 13:26:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

POST
H2 200 prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 156 B
721 B 184ms
52ms XHR
application/json 185.89.211.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.83 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e697f30c7634ef967f70977bc85512b5fd539a927ecd3e5afcca3db33fdd3850

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
an-x-request-uuid: 176c0a3f-c709-4c61-ade8-8194d382d8de
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.184; 185.204.1.184; 928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 156
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
342 B 323ms
88ms XHR
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:26 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
198 B 120ms
112ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=55114650516

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://medan.tribunnews.com
date: Sun, 16 Jul 2023 13:26:26 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
215 B 208ms
67ms XHR
text/plain 185.64.191.208
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://medan.tribunnews.com
Date: Sun, 16 Jul 2023 13:26:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

POST
H2 200 prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 156 B
721 B 183ms
53ms XHR
application/json 185.89.211.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.83 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d87b62518676faf3edc1e8ea262dabb281c4c88c1c2d9f74a169a953d5aadac8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
an-x-request-uuid: 84fce205-bccb-4de8-9acc-6327ba831d80
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.184; 185.204.1.184; 928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 156
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
342 B 319ms
87ms XHR
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:26 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
198 B 117ms
112ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=39159372518

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://medan.tribunnews.com
date: Sun, 16 Jul 2023 13:26:26 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
215 B 208ms
69ms XHR
text/plain 185.64.191.208
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://medan.tribunnews.com
Date: Sun, 16 Jul 2023 13:26:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

POST
H2 200 prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 156 B
721 B 239ms
113ms XHR
application/json 185.89.211.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.83 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6cb7cce3685c8e9839c2ed578ad329fb310eccb50dd95f5901ca9b7cb743b4da

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
an-x-request-uuid: 44292b3c-a160-4cc7-b164-d95b0dbd1458
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.184; 185.204.1.184; 928.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 156
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
342 B 316ms
87ms XHR
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
198 B 132ms
129ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=90597745692

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://medan.tribunnews.com
date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
366 B 223ms
72ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 10 Jul 2024 13:26:27 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 158ms
158ms Stylesheet
text/css 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H9JtYgUBeVYoJkyc95QDpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-H9JtYgUBeVYoJkyc95QDpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 16 Jul 2023 13:26:27 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 137ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FYJCTGV1LV&gtm=45je37c0&_p=96161962&_gaz=1&cid=892932126.1689513987&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689513987&sct=1&seg=0&dl=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&dt=Arsip%20Juli%202023%20-%20Tribun-medan.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 198ms
65ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FYJCTGV1LV&cid=892932126.1689513987&gtm=45je37c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
107 B 218ms
87ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FYJCTGV1LV&cid=892932126.1689513987&gtm=45je37c0&aip=1&z=1365516210

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 34ms
33ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DFP7BBGFWN&gtm=45je37c0&_p=96161962&_gaz=1&cid=892932126.1689513987&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689513987&sct=1&seg=0&dl=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&dt=Arsip%20Juli%202023%20-%20Tribun-medan.com&en=page_view&_fv=1&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 91ms
69ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DFP7BBGFWN&cid=892932126.1689513987&gtm=45je37c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
408 B 105ms
86ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DFP7BBGFWN&cid=892932126.1689513987&gtm=45je37c0&aip=1&z=1005707169

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 35D9 6 KB
3 KB 62ms
61ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medan.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 13:26:27 GMT
expires: Mon, 15 Jul 2024 13:26:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
442 B 217ms
69ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23973751bbd6f7da54aa8234c74aa89eb77a11d042c9e372504676f7473dedbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 35D9 4 KB
767 B 70ms
70ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com
URL: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 12:28:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 13:26:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8B5E 14 KB
1 KB 70ms
70ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 13:12:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 13:26:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8B5E 2 KB
945 B 235ms
78ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 13:55:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 8B5E 23 KB
9 KB 236ms
80ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 09:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 09:27:45 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7DD4 143 B
383 B 195ms
61ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 13:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8B5E 3 KB
1 KB 277ms
122ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 17:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:59:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8B5E 20 KB
9 KB 214ms
60ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 13:55:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B5E 179 KB
57 KB 230ms
76ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 13:26:27 GMT

GET
H3 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 8B5E 33 KB
14 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 35D9 20 KB
9 KB 217ms
68ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com
URL: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 14:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8599
x-xss-protection: 0
server: cafe
etag: 12796843930313450165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 14:53:33 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 35D9 205 B
229 B 61ms
61ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com
URL: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:18:37 GMT
x-content-type-options: nosniff
age: 248870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 Jul 2024 16:18:37 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 35D9 604 B
628 B 62ms
62ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com
URL: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 14:54:36 GMT
x-content-type-options: nosniff
age: 81111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 14 Jul 2024 14:54:36 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.fi/v1/ 3 B
371 B 233ms
68ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.fi/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
13 KB 333ms
331ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1601223832471963&correlator=2488528380213057&eid=21065725&output=ldjh&gdfp_req=1&vrg=202307100101&ptt=17&impl=fifs&iu_parts=31800665%2CTribunMedan%2CSection&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%2C300x600%7C300x250&ifi=2&adks=1945105482%2C2018793739&sfv=1-0-40&prev_scp=pos%3DTopLeaderboard%26page%3Dsection%26kg_pos%3Dtop_1%7Cpos%3DRightMediumRectangle-1%26page%3Dsection%26kg_pos%3Dgiant&eri=1&cust_params=kg_inv_type%3Ddesktop%26kg_group_sites%3Dtribunnews&sc=1&cookie=ID%3D6db6e1f30472668a%3AT%3D1689513987%3ART%3D1689513987%3AS%3DALNI_Ma_tTo7pgns27Zq6fds-wmDDPxsAA&gpic=UID%3D00000c6a2fdddeb0%3AT%3D1689513987%3ART%3D1689513987%3AS%3DALNI_MZZL58jEYKLNwTNOaVOk2uiwTSCPQ&abxe=1&dt=1689513987896&lmt=1689513987&dlt=1689513986432&idt=555&adxs=436%2C1075&adys=150%2C507&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&frm=20&vis=1&psz=970x250%7C300x600&msz=728x90%7C300x250&fws=132%2C640&ohw=728%2C0&ga_vid=892932126.1689513987&ga_sid=1689513987&ga_hid=96161962&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Yx5eG95UxSABSAghk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a89ce2608ee128f4c9ecaeda9322a99d4a375374aebac009d36d1c81e9dda59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13017
x-xss-protection: 0
google-lineitem-id: 6146687453,5755601737
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138410457909,138358572878
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7DD4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
307 B

78ms
75ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com
URL: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 13:26:28 GMT
expires: Sun, 16 Jul 2023 13:26:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 13:26:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 67ms
67ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=96161962&t=pageview&_s=1&dl=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&ul=en-us&de=UTF-8&dt=Arsip%20Juli%202023%20-%20Tribun-medan.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAQCACAEK~&jid=1684037182&gjid=1671244244&cid=892932126.1689513987&tid=UA-15224089-38&_gid=1767535066.1689513988&_r=1&_slc=1&gtm=45He37c0n81NNJ5M3B&cd20=892932126.1689513987&z=294170527

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame E610 37 KB
15 KB 209ms
60ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 12:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jul 2024 12:03:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 66ms
65ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-15224089-38&cid=892932126.1689513987&jid=1684037182&gjid=1671244244&_gid=1767535066.1689513988&_u=YCDACEAABAQCACAEK~&z=1380703659

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 16 Jul 2023 13:26:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7E32 0
0 100ms
99ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMRvGivuphwIvpcFoAs9gDWTFnubTGFq9ugwNOrpeMrcEild2-Yam8DEI5TUY9EbFNLpTL2IblH7mIEs5jBTU7fIpuHl183Gy2fCdsffA4i_jhqh7sd9ZG5ZL16i-P4ufpD8HFqE4QPHxUSRPVyFJuV-yeqsw_Ad5pZRrF_8nFvxp_e19IoU9TkSfhq9DCVEtkIFRtR-Nh8hjKpahlFTRQvwwuVTJdbdKMnGjQ0VtXjdOL3ZOMdHo_zr0qEyRiTlcDFLNE8hTMi7nWVT1JCIZGJKTO_8dtRqYM_kkBjP9HdRN35QSdANwSKTvy3o146eOKKxYDbPbMg6xK0muMreuNMQ&sai=AMfl-YSukV3rQT6pxmCBDBELZPMrFPbsJHF9pFuM2kdXrgM9pc2gN2hgC1QyteP4-zI3fa0yfgRU0xjbOnFgKLIOJcSvhWcDiE6qSPMz3HY7Hjp6l5HT-4DcnXN-sFpQdg&sig=Cg0ArKJSzHb3doZxtaeNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tribunnews.com.1376186.js Show response
jsc.mgid.com/t/r/ Frame 7E32 3 KB
1 KB 153ms
75ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/r/tribunnews.com.1376186.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2156a70c14cd6f375eab75a5bed768cae157c4aa077e3a869f6f787d8b2a9243

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-amz-version-id: WUrITXWzxbrX4bYy0Uw0mP_t_Mnu_RMP
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: QK2N83JKHTX8FTAV
cf-polished: origSize=2690
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2El9Iuk5RRWDP6alEMxzsItH+bRUDnmIykE6wsQ0430p4e50OsUT8M7RVY2BOFfzmpGPQNjbiM4=
cf-bgj: minify
last-modified: Fri, 07 Jul 2023 20:10:41 GMT
server: cloudflare
etag: W/"91726523d88ef908a5f57732b2b642b1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7e7a93bb6b5b4e13-HEL
expires: Sun, 16 Jul 2023 16:26:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E32 179 KB
56 KB 73ms
71ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 13:26:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C291 0
0 101ms
100ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjp1xfTzq_uCH56sGxozKeQlVlkFkG8CW98T3PTd_wDVDPnc9YpABRTk9bWbWBpVgANLy7HZRUIP0x9J0qBfZjwjaMLQCJgFxOPIfAePjCWJOd1Y04uDLGa0dAghTdJT28jNdrVC4hkv7Hl5OBhuQNmAAVXTQrbnVwNFNn2wC3Ql8BqG1ZiKJa-B828Wb0ypXZu518NivICZLaR3LdZ4Eicg-WxqqMk_mCGc8C2y0z4MznCIUCsrak1OEhVpmuZP30mHWzRSdd5VFYtx7ZMVl9kma60tLdJR3Mduj_Q1fpV66K6U0KB7aMc4nh33R7hG9wwz21t5rx6ctS7nQYnv0gpQ&sai=AMfl-YT9a_vvwJhiOwfK98Es3z5ZWQrwWn6l_p2LYIvX2Lcg6Feq83ofIPTRq8xTLf2DFHdnzL1_8CU5xNQDj0cXYpkAx3Kcb4N3xM8vUT8cJNw_UQQCMMhdadm4OR5ywA&sig=Cg0ArKJSzCvaIPprYSU4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tribunnews.com.1178615.js Show response
jsc.mgid.com/t/r/ Frame C291 3 KB
2 KB 92ms
43ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/r/tribunnews.com.1178615.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ae6b375f05fe3babfa5d72c81381d1f2a97c5e5e60af89f7179eb8567b361f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-amz-version-id: CD3SH0WSLIa4QTmpb2O3Y4DZew0HDfqH
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4FPKCBG7BJJ9S4Y1
age: 5435
cf-polished: origSize=2690
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mHI97pXLOckWNGCEqcEBTzPP7QKEA7zyiUBtNGOuquxMhpvF+5sEP37VbcLHjhO40xinmtBY34E=
cf-bgj: minify
last-modified: Fri, 07 Jul 2023 20:10:48 GMT
server: cloudflare
etag: W/"47f75f23518b68aab85cb4378f77280a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7e7a93bb6b5e4e13-HEL
expires: Sun, 16 Jul 2023 16:26:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C291 179 KB
56 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 13:26:28 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 86ms
85ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-15224089-38&cid=892932126.1689513987&jid=1684037182&_u=YCDACEAABAQCACAEK~&z=1298465529

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
107 B 86ms
85ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-15224089-38&cid=892932126.1689513987&jid=1684037182&_u=YCDACEAABAQCACAEK~&z=1298465529

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7E32 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58396050b6cc884451b7ee957fa4ae25b64da361cbccf3cd9f61945afa68457d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C291 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 034e9c373d55d93da882e49293e8cca240bc6840d2ef8812c7baf6f2bc55b6f3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tribunnews.com.1178615.es6.js Show response
jsc.mgid.com/t/r/ Frame C291 312 KB
94 KB 52ms
51ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/r/tribunnews.com.1178615.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178615.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26c35aed68c9ae126f82d7c3158aeb12e9e089833e8f477605c87eefa3232b83

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-amz-version-id: eCFj_5.SN09k_rVmZF6wyGK3YNfMEKJp
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 3XJDBSKSG6WJZY5V
age: 5434
cf-polished: origSize=319990
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RwTMxevRt2++ue8gAKqbSIhW+RTbXGZuYb36MJocPb2EVJ12wJ5W9l9UvdtCO7RdqnpluY0R0CJVN+38J354ow==
cf-bgj: minify
last-modified: Fri, 14 Jul 2023 11:34:32 GMT
server: cloudflare
etag: W/"10ee10d31f9b2e2caabccfa68938fdae"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7e7a93bc5cc24e13-HEL
expires: Sun, 16 Jul 2023 16:26:28 GMT

GET
H2 200 tribunnews.com.1376186.es6.js Show response
jsc.mgid.com/t/r/ Frame 7E32 302 KB
93 KB 93ms
93ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/r/tribunnews.com.1376186.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1376186.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faab2944b009e54a29f7fcb3a8c923b1c2c631bbe3ff258f9b5282a9e54814ae

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-amz-version-id: 3yl3kF51uzD.QXusYkDPjyfH2v3aEp8x
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BTKY3JFBRD3TKAK8
cf-polished: origSize=309004
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: jOQhuYhFz0TLGoBTRrf89tZb9V/WYp+6ZjsdU+P4OMrgm44rUxMVRnlq3e7uw6mP2ywexTb8s00=
cf-bgj: minify
last-modified: Fri, 14 Jul 2023 11:40:26 GMT
server: cloudflare
etag: W/"c935d015100014ccc13e7c7df324ca7f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7e7a93bc5cc74e13-HEL
expires: Sun, 16 Jul 2023 16:26:28 GMT

GET
BLOB 200
OK 0517e973-96f0-4450-a607-4418cc4635a1
https://medan.tribunnews.com/ Frame C291 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://medan.tribunnews.com/0517e973-96f0-4450-a607-4418cc4635a1
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 0d3940be-fde1-4920-8e11-ad9e83547d8a
https://medan.tribunnews.com/ Frame C291 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://medan.tribunnews.com/0d3940be-fde1-4920-8e11-ad9e83547d8a
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C291 0
0 221ms
99ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4csKdiQcs9mqprmtAed29rneXjnvi_qUbKY4X_LOBTxlDk82pHTIqVW0J1mIH52pMDH5ggWU7nhAEG2onQt6xrUV5sm8WGR0Xot00yp_LbJsg4SA_p6OmwBvbLGZXlgTj82w6ffdVWnvH-3KBUB0rd1hc9eJdRj_GgvYWvVP_Ez9VSA2d-RMJMwIUDL3gk_Y_xQ-z8cyzpwmxI2z6icLtO3YeI1j1wTMxD98qjn-Sq3xuwh2dLDjTTsZdMEp0lPf2b37msr0prVtk9eXTDZN9tNvk3TJB8TgAHCP8JFZ1S_Qadm_wU-FFZo2QSFP4L6T2wrxs4MJpzgRpJ3ct90grsfgp&sai=AMfl-YTk5kFZNyAPiAjnv3Yc5Muza7wGbh6K5odor1YrUefKsTGeqZzAC1D-PmXSX7pYICiqsS--KYZLH0-V1hBKKrfxeerFKZzw28zAvi7qC6S_FIPqeb1sI8xweECT8w&sig=Cg0ArKJSzFcskeuAOCOeEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jul 2023 13:26:28 GMT

GET
BLOB 200
OK ee2d4474-07fe-4600-8646-9622f89fb569
https://medan.tribunnews.com/ Frame 7E32 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://medan.tribunnews.com/ee2d4474-07fe-4600-8646-9622f89fb569
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 8d835dcc-1c97-467d-bb82-5041966c94dc
https://medan.tribunnews.com/ Frame 7E32 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://medan.tribunnews.com/8d835dcc-1c97-467d-bb82-5041966c94dc
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7E32 0
0 191ms
99ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_kv6CbN-fatr4C1r5s_fanHSgTiTcZJC-qJUZBMI2d7iQmvWiDCfQSjCd0y4tuvOUvKk2-ADyRz1tFPPFpvUmpJ93LqSKgs8CTr5BlWdJamJ_JWFY-8r_UpX34TSYX91ogv2e4N8W1rSvq3WeBS5KFZN61cUI_upTueT3Y30yv1M4Lw24KefYXlxZmj82KxhYQOTY-6MrOEbFYWaz9jtrZW1aroEoAxx9afbVOjko_lHjvO4GJkzNGxWB7Tl8p0swD3Q8z7BQ6Dsa5s5m6TRX7Auu8jSwoBi74SReEgXVv7_OGF7hkuPOLVYIicNBUeyxtP-80leyMgq9CPkp4vl6_B05&sai=AMfl-YRwOwvWEAFEtwzTdXwP9T2nwnwxz5jehHMRFucB2uat9A-qkrZaFMjlFOQ2HDSyMpj0ZKXr7zsu9jzm-NYbZKwlB3fFWV_qj8IXs14EhdsGnNTn_2dC9iySgZfXWg&sig=Cg0ArKJSzArO52m-O4awEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jul 2023 13:26:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C291 22 KB
1 KB 70ms
70ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

391d7af9603de79e9111b0311bd2f829847f04645e97b9e73ab9dfc54601f725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 13:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 13:15:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 13:26:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C291 3 KB
665 B 69ms
69ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 13:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 13:23:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 13:26:28 GMT

GET
H2 200 /
c.mgid.com/pv/ Frame C291 0
53 B 80ms
72ms Image
text/plain 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1689513988725293615226&uniqId=15fe8&lct=1689292800&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&lu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&pageView=1&pvid=1895ee19275a845d813&site=535833&implVersion=11&dpr=1&tfre=421
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e7a93bdaec34e13-HEL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content f7fbe86a-461e-488f-9fbf-f3edb22f69ca
https://medan.tribunnews.com/ Frame C291 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://medan.tribunnews.com/f7fbe86a-461e-488f-9fbf-f3edb22f69ca
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame C291 2 KB
1 KB 54ms
45ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 31SG1V0WFRNKXC6R
age: 6129
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7e7a93bdcf0d4e13-HEL
expires: Mon, 17 Jul 2023 13:26:28 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame C291 836 B
886 B 52ms
44ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: XZ0F6F1NMNRBE95M
age: 6201
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nfYbs+YuLJxWxkEppmsDbnhW64j8JquqZ1qzCAnTLGmaweE7eAw9cInuu3GQD+kJueAaciG07u0=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7e7a93bdcf034e13-HEL
expires: Mon, 17 Jul 2023 13:26:28 GMT

GET
BLOB 206
Partial Content 62d4e1ae-0771-45c5-82d9-f33e66781756
https://medan.tribunnews.com/ Frame 7E32 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://medan.tribunnews.com/62d4e1ae-0771-45c5-82d9-f33e66781756
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 7E32 2 KB
997 B 40ms
39ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1376186.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 31SG1V0WFRNKXC6R
age: 6129
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7e7a93bdef414e13-HEL
expires: Mon, 17 Jul 2023 13:26:28 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame 7E32 836 B
581 B 41ms
41ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1376186.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: XZ0F6F1NMNRBE95M
age: 6201
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nfYbs+YuLJxWxkEppmsDbnhW64j8JquqZ1qzCAnTLGmaweE7eAw9cInuu3GQD+kJueAaciG07u0=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7e7a93bdef454e13-HEL
expires: Mon, 17 Jul 2023 13:26:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C291 15 KB
16 KB 61ms
60ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://medan.tribunnews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 29219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jul 2024 05:19:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C291 15 KB
15 KB 72ms
72ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://medan.tribunnews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 227421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2024 22:16:07 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1178615/ Frame C291 2 KB
1 KB 238ms
225ms Script
application/x-javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1178615/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1689513988800297287211&uniqId=15fe8&lct=1689292800&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=300&h=603&maxw_2=288&maxh_2=250&sz=288x250&szp=1,2&szl=1;2&cols=1&ref=&cxurl=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&lu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&pageView=1&pvid=1895ee19275a845d813&implVersion=11&dpr=1&tfre=496
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178615.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470f2e330205bc7569224af43e66acdc0364e46ef06a707a49b4a2526def23f8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7e7a93be2fa34e13-HEL
alt-svc: h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1376186/ Frame 7E32 3 KB
2 KB 99ms
99ms Script
application/x-javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1376186/1?scum=%3F0&scuw=%3F0&mp4=1&ap=1&w=728&h=90&sz=230x95&szp=1,2,3&szl=1,2,3&cols=3&pv=5&cbuster=1689513988829175779056&uniqId=090cd&lct=1689292800&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&lu=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&pageView=0&pvid=1895ee19275a845d813&implVersion=11&dpr=1&tfre=559
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1376186.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec3d53c93d3c5d934321988a2cdd7315f1413f60cad11835dd5bd7b3faf971e1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7e7a93be4fd14e13-HEL
alt-svc: h3=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 7E32 2 KB
1 KB 43ms
42ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1376186.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 31SG1V0WFRNKXC6R
age: 6129
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7e7a93beec71d933-HEL
expires: Mon, 17 Jul 2023 13:26:28 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame 7E32 836 B
1 KB 41ms
41ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1376186.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:28 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: XZ0F6F1NMNRBE95M
age: 6201
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nfYbs+YuLJxWxkEppmsDbnhW64j8JquqZ1qzCAnTLGmaweE7eAw9cInuu3GQD+kJueAaciG07u0=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7e7a93beec75d933-HEL
expires: Mon, 17 Jul 2023 13:26:28 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzU0MCx5XzYzNy9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi80N...
s-img.mgid.com/g/16587680/328x328/-/ Frame 7E32 9 KB
9 KB 114ms
40ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16587680/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzU0MCx5XzYzNy9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi80NzU4MjEvYmRhMWZhMGJjYzA5YTc2NjgzNjkxYjZkMzI5YTU2YmUuanBn.webp?v=1689513988-4IGnoYYTECQV8T7erzClIhuUXG2zslGEu3GqOyNO1vY
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e231576da7a8ff8063d095d0f472834f83b612440cb2f4b915609b6e5f57499a

Request headers

Referer: https://medan.tribunnews.com/
Origin: https://medan.tribunnews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Jun 2023 09:44:13 GMT
x-mg-request-uuid: 1d68160d-07bb-40e3-802f-aac0c9aa3f35
server: cloudflare
age: 1142556
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7e7a93bf6d66d933-HEL
content-length: 9152
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzM2OTQwMy9iN2MyMTIzMmNhNjg5NmVlOTk0YTRhNWUzM...
s-img.mgid.com/g/12322316/328x328/-/ Frame 7E32 5 KB
6 KB 116ms
42ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12322316/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzM2OTQwMy9iN2MyMTIzMmNhNjg5NmVlOTk0YTRhNWUzMjg1MWIyOC5qcGVn.webp?v=1689513988-b9wkWf5KnDsSi2mbIN38-_9h_-bjZmmQWKoTzCuRBCc
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3af4cae75685ae25b2bb51e8bed3de9df46b03b87e1d5281365727c9af72f4

Request headers

Referer: https://medan.tribunnews.com/
Origin: https://medan.tribunnews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Jun 2023 10:59:49 GMT
x-mg-request-uuid: fe77a0b2-8d52-4c6a-a9cf-82d247c12c92
server: cloudflare
age: 330799
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7e7a93bf6d69d933-HEL
content-length: 5402
alt-svc: h3=":443"; ma=86400

GET
H2 206 http%3A%2F%2Fimghosts.com%2Ft%2F2022-03%2F369403%2F335067850d4ab89860467f66dfc5043d.gif
cl.imghosts.com/imgh/image/fetch/ar_1:1,c_fill,e_sharpen:100,f_mp4,fl_lossy,g_xy_center,w_627,x_393,y_133/ Frame 7E32 52 KB
53 KB 116ms
39ms Media
video/mp4 2606:4700::6812:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/image/fetch/ar_1:1,c_fill,e_sharpen:100,f_mp4,fl_lossy,g_xy_center,w_627,x_393,y_133/http%3A%2F%2Fimghosts.com%2Ft%2F2022-03%2F369403%2F335067850d4ab89860467f66dfc5043d.gif?v=1689513988-gRLdN3TWSyaCYU7Aur3acNNSB5DRE3-kiSeATrKMlcU

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdcb4afa68b205157d58241c022f7322b31a99299ed72eb7ac051de9e8b6e2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medan.tribunnews.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 412095
Content-Range: bytes 0-53536/53537
server-timing: cld-fastly;mitm=cpo;dur=81;cpu=1;start=2023-07-04T18:48:50.567Z;desc=miss,rtt;dur=0,cloudinary;dur=76;start=2023-07-04T18:48:50.565Z
alt-svc: h3=":443"; ma=86400
Content-Length: 53537
last-modified: Thu, 30 Mar 2023 04:24:52 GMT
server: cloudflare
etag: "e325098e9855857747fcdf21967451b1"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 7e7a93bf7da0d95f-HEL

GET
H2 200 i.js Show response
cm.mgid.com/ Frame 7E32 0
124 B 80ms
71ms Script
application/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1689513988955980181339
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1376186.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7e7a93bf19874e13-HEL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 04A2 0
37 B 88ms
88ms Script
application/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1689513988958700647909
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1376186.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7e7a93bf19884e13-HEL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 7E32 101 KB
25 KB 118ms
43ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1376186.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: VVKA3XB2QHEFHDZ5
age: 2884
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e7a93bf9e123769-HEL
x-amz-id-2: MtKN5eO9+yEPhiXJGC0nQQigwud/mwtbq+clLRHAOO5m9X2Kc/vEYgF0Q/goo9tz3Gw9DgecUX4=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame 7E32 207 KB
63 KB 235ms
102ms Script
application/javascript 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1376186.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=119066
accept-ranges: bytes
content-length: 63913
expires: Mon, 17 Jul 2023 22:30:55 GMT

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame C291 2 KB
1 KB 40ms
40ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178615.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 31SG1V0WFRNKXC6R
age: 6130
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7e7a93bf9db7d933-HEL
expires: Mon, 17 Jul 2023 13:26:29 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame C291 836 B
991 B 43ms
42ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178615.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: XZ0F6F1NMNRBE95M
age: 6202
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nfYbs+YuLJxWxkEppmsDbnhW64j8JquqZ1qzCAnTLGmaweE7eAw9cInuu3GQD+kJueAaciG07u0=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7e7a93bf9dbbd933-HEL
expires: Mon, 17 Jul 2023 13:26:29 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS80NzU4MjEvNzg5N...
s-img.mgid.com/g/16325037/492x277/-/ Frame C291 32 KB
32 KB 47ms
47ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16325037/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS80NzU4MjEvNzg5N2EyZjQ5ZjY4Mjc1ZDhhZTBhNTBkNzJhNDA0ZDAuanBn.webp?v=1689513988-nBooqRHZJZ-Kvwcii3Wus0SWTMDy5JrSM2iH5pk7XNw
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bd3c965b15c0dfbf459b26b7c9a33d6894102c5f622058b7f3a016390902598

Request headers

Referer: https://medan.tribunnews.com/
Origin: https://medan.tribunnews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 09:40:11 GMT
x-mg-request-uuid: 52ea5f75-27dc-4446-a5b8-b2a75d103549
server: cloudflare
age: 1144042
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7e7a93bf9dbfd933-HEL
content-length: 32318
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi80NzU4MjEvMDE5N...
s-img.mgid.com/g/16510481/492x277/-/ Frame C291 16 KB
17 KB 43ms
42ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16510481/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi80NzU4MjEvMDE5NmE5OGYxNjI2MzdhNzM4ZTdlNjE5ZjFlYjlmZDMuanBlZw.webp?v=1689513988-u9zP-utSWTIQidUtcGT4iqpcHda1wh3YWZFG5L5a7Gc
Requested by: Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4e745ecc90ca46d26088d3f16ba99290c6d0a074181e61993daf64a34baa3ba

Request headers

Referer: https://medan.tribunnews.com/
Origin: https://medan.tribunnews.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
cf-cache-status: HIT
last-modified: Wed, 21 Jun 2023 08:12:07 GMT
x-mg-request-uuid: 1d10fa7b-00bc-43d9-9811-842b13402684
server: cloudflare
age: 1143826
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7e7a93bf9dc4d933-HEL
content-length: 16784
alt-svc: h3=":443"; ma=86400

GET
H3 200 i.js Show response
cm.mgid.com/ Frame C291 0
144 B 75ms
74ms Script
application/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1689513989099429065431
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178615.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7e7a93bfee6bd933-HEL
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 204 isdeleted
apis.kompas.com/api/ Frame 0
0 222ms
222ms Preflight 2600:9000:2490:5000:18:8a85:cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.kompas.com/api/isdeleted

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5000:18:8a85:cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.3.28

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://medan.tribunnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://medan.tribunnews.com
access-control-max-age: 0
cache-control: no-cache, private
date: Sun, 16 Jul 2023 13:26:29 GMT
mail-subject: Join_via_header
server: nginx
vary: Origin
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
we-hiring: jobs@kompas.com
x-amz-cf-id: qdxhkbNccpfyTy6SrZFi7G6M6KWH6xsBy8QS7xO2JDvpOzeZl5FGBg==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-powered-by: PHP/7.3.28
x-xss-protection: 1; mode=block

POST
H2 200 isdeleted Show response
apis.kompas.com/api/ 183 B
988 B 237ms
237ms Fetch
application/json 2600:9000:2490:5000:18:8a85:cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.kompas.com/api/isdeleted

Requested by

Host: asset-1.tstatic.net
URL: https://asset-1.tstatic.net/js/kgmedia/tribunnews/ssouser.min-1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5000:18:8a85:cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.3.28

Resource Hash

e9f38a034a7e5f0ebf6fa2c3b0ba3160034db7045d540d792e84808406e863cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medan.tribunnews.com/
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
mail-subject: Join_via_header
we-hiring: jobs@kompas.com
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: SZpRkqCpcL4Pmr5RC08exbwQIPq2kwEvTJOHpEdAZnS-Zpirur9uhA==
expires: -1

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 239ms
114ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2529a69bbc8f3ba2227a0959ee8c997f28298a8b6f9efc931f4bd0c75dc412dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11832
x-xss-protection: 0

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 117ms
117ms XHR
application/json 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=657538641912-e5c2itnmne4v4ple558a79fi6kkb3iau.apps.googleusercontent.com&as=Y7K3%2BK9Qeu2zpJNput37TQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52ae50c98f41f37a37fb23920a08b9d1ddf9a445f57d908ecc9a45c46a5cc0b7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VFg1TLjPmtxlxTTVac_86Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-VFg1TLjPmtxlxTTVac_86Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medan.tribunnews.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 57FB 15 KB
6 KB 192ms
61ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=medan.tribunnews.com

Requested by

Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/2023/07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://medan.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 13:26:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 334174
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 97ms
96ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: asset-3.tstatic.net
URL: https://asset-3.tstatic.net/ads/prebid/prebid8.3.0-07072023.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jul 2023 13:26:29 GMT

GET
H3 200 i-noref.js Show response
cm.mgid.com/ Frame 1C24 0
144 B 81ms
80ms Script
application/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1689513989135868876237
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178615.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7e7a93c03ef0d933-HEL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame C291 101 KB
24 KB 47ms
47ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178615.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: VVKA3XB2QHEFHDZ5
age: 2884
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e7a93c03ede3769-HEL
x-amz-id-2: MtKN5eO9+yEPhiXJGC0nQQigwud/mwtbq+clLRHAOO5m9X2Kc/vEYgF0Q/goo9tz3Gw9DgecUX4=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame C291 207 KB
63 KB 145ms
144ms Script
application/javascript 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1178615.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=119066
accept-ranges: bytes
content-length: 63913
expires: Mon, 17 Jul 2023 22:30:55 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 7E32 33 B
407 B 203ms
65ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

76a0a6f6ac09f11561a019e837f349db69366cbd5be7306fa67dcdf21f7f58d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://medan.tribunnews.com
date: Sun, 16 Jul 2023 13:26:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 200 events.php Show response
log.r2b2.io/ 9 B
505 B 275ms
143ms XHR
text/javascript 185.59.208.177
VSHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://log.r2b2.io/events.php?u=https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07&hbDomain=tribunnews.com
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS: webgarden-track-lb-ha.vshosting.cz
Software: nginx /
Resource Hash: 96619a3fa6ebd14fba5dd3318d309a74194b67dfe521aec155b46cec20cce4ab

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:25 GMT
content-encoding: gzip
last-modified: Sun, 16 Jul 2023 13:26:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://medan.tribunnews.com
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame C291 33 B
407 B 190ms
66ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

88975e96823d39a647d5de825e09e2205298c158b52082aa8f66bdcb456c30b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://medan.tribunnews.com
date: Sun, 16 Jul 2023 13:26:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 90ms
89ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jul 2023 13:26:29 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 57FB
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=tribunnews.com&sn=ChromeSyncframe&so=0&topUrl=medan.tribunnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=brz9HnwzNmRvQy9lSnVKOVc3Y3VOamR6ZGUvT24yc3BpbzdRZjAzWDJqYTg1YVFoNloxVFgwQThWV3loSU9iQURYeGJiQXFrM3N0SmViYlRHenJZMjBHanlxaEVlY2wwTUVGSDNIU3pMSCtKOWZxTlNxSXA2TnpLVkhPN0...

441 B
658 B

218ms
65ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=brz9HnwzNmRvQy9lSnVKOVc3Y3VOamR6ZGUvT24yc3BpbzdRZjAzWDJqYTg1YVFoNloxVFgwQThWV3loSU9iQURYeGJiQXFrM3N0SmViYlRHenJZMjBHanlxaEVlY2wwTUVGSDNIU3pMSCtKOWZxTlNxSXA2TnpLVkhPN0E2Q0xKc0JEQmtMeHQ0TWpMMXJzVFdqWk9aRDBOL1VrbS91OGI2YUpVMUR5bEtJUjhpQ0dXYUl0cDE1VGdkazN6UHVObC9XbHhDWDNxQlh0aWJVd29vZ1lBajB6dkc0ZmFwWUg1RWdRMHlmZUFscVBiUzNqRGRxOUhpQ1BndW9BdzVkaWRpQUsvdXU1OXMydlhZdGZtNVVtNTBxSEhHdz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c3d7480f4e219f97636f601e49281fbfd65714a22e692cd14e327225e6454ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1082816
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=brz9HnwzNmRvQy9lSnVKOVc3Y3VOamR6ZGUvT24yc3BpbzdRZjAzWDJqYTg1YVFoNloxVFgwQThWV3loSU9iQURYeGJiQXFrM3N0SmViYlRHenJZMjBHanlxaEVlY2wwTUVGSDNIU3pMSCtKOWZxTlNxSXA2TnpLVkhPN0E2Q0xKc0JEQmtMeHQ0TWpMMXJzVFdqWk9aRDBOL1VrbS91OGI2YUpVMUR5bEtJUjhpQ0dXYUl0cDE1VGdkazN6UHVObC9XbHhDWDNxQlh0aWJVd29vZ1lBajB6dkc0ZmFwWUg1RWdRMHlmZUFscVBiUzNqRGRxOUhpQ1BndW9BdzVkaWRpQUsvdXU1OXMydlhZdGZtNVVtNTBxSEhHdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 279425
content-length: 0
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 13:26:29 GMT

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ Frame 7E32 241 B
655 B 200ms
66ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

dc2ac8ea287dd693678a861685e758559ca8ab7800e300793ac2c3d13610257e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://medan.tribunnews.com
date: Sun, 16 Jul 2023 13:26:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ Frame C291 241 B
655 B 197ms
69ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

7da5657cd15e1a7cc6d5c302f5aeae343028a1cc120f3a2bab7227959aa24673

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://medan.tribunnews.com
date: Sun, 16 Jul 2023 13:26:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EEAE 13 KB
5 KB 62ms
60ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medan.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 11482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 10:15:07 GMT
expires: Mon, 15 Jul 2024 10:15:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E71A 783 B
535 B 72ms
71ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cc689d6115320c288925067574f5dd0eb238c13a08f20323eb12e49294c549da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Of4nCsamGFLqPot565U9Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medan.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Of4nCsamGFLqPot565U9Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 13:26:29 GMT
expires: Sun, 16 Jul 2023 13:26:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame EEAE 37 KB
14 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 12:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jul 2024 12:03:06 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E71A 0
0 94ms
94ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307100101&jk=1601223832471963&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C291 42 B
64 B 97ms
96ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNnlvikkXzwILS3CH6U5yKzidMxYlgPd_Ul0-n2VyBg03FNEdFihsbHWg3hgUJFwa5Fx7DfTJF2e0GKPj55OE6f8EEX9WwIQU77Z-wc0ogqzE4GfU5&sig=Cg0ArKJSzE6fm1Ri1wzEEAE&id=lidar2&mcvt=1013&p=507,1075,1110,1375&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2018793739&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689513988303&rpt=327&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E32 42 B
64 B 96ms
96ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyodhydc_KE_XxbFXTVz9Rb056NMKvxCzERErMwt5lI0MnskW9vwc1Rbk-M7ISl5kEXFnkGvDUCHdti-_y15C3huaeXpSFLpbOCYxhVLZjOnDZbjzo&sig=Cg0ArKJSzFiiQXeRMlgfEAE&id=lidar2&mcvt=1003&p=150,436,240,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1945105482&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689513988271&rpt=392&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EEAE 0
10 B 61ms
60ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vNV5EQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 c
c.mgid.com/ Frame 7E32 43 B
194 B 103ms
102ms Image
image/gif 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=230|95|28|hTTEdJVkmebimCcydQYjB0twUqtMdQWCSjSrlLx7AdEmbRaWLSOctjZJ44yT2lI44Bsayh2lj6nIqdIdTsTFhQ**&fw=1&extjs=66044&cid=1376186&h2=yemL3nijs1GFNu8rqu03CPM4f9mav4QeZJCKBWc8j2o*&rid=5eff88a7-23dc-11ee-8bfa-e43d1a2a04aa&tt=Direct&iv=11&pageImp=1&pvid=1895ee19275a845d813&cbuster=1689513989998956039146
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:30 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 1c38a331-21ef-4121-836f-0db6d073319d
server: cloudflare
content-type: image/gif
cf-ray: 7e7a93c5a97dd933-HEL
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 c
c.mgid.com/ Frame C291 43 B
194 B 71ms
70ms Image
image/gif 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=288|250|24|hTTEdJVkmebimCcydQYjBwLVq4fnVJ-tDS2Gtq8whh5KAU5EsEWvJQ-0PgvZOWXbuxUHCv0wi7lNXNiIL1w9WQ**&fw=1&extjs=66044&v=288|250|24|hTTEdJVkmebimCcydQYjB5m7FhzJGBasqGdZHcOyDkgKnaMTatWWWSpzp6SnlxF7QZU7iVNv8WU3VwOAqQPOkg**&cid=1178615&h2=yemL3nijs1GFNu8rqu03CPM4f9mav4QeZJCKBWc8j2o*&rid=5efdb275-23dc-11ee-a339-e43d1a2a96ec&tt=Direct&iv=11&pageImp=0&pvid=1895ee19275a845d813&cbuster=1689513990179400621913
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:30 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: d12033ed-9ac7-4981-9d99-f3a64ed7a2b2
server: cloudflare
content-type: image/gif
cf-ray: 7e7a93c6bbded933-HEL
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 c
c.mgid.com/ Frame 7E32 43 B
194 B 120ms
119ms Image
image/gif 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=230|95|12|hTTEdJVkmebimCcydQYjBwOuKmBJAtkKtUc8DoxLiQj_2EHoF80MAk6LUrCP0hKCSvoxo9a0t_CTPjjhtmu3JQ**&extjs=66044&v=230|95|28|hTTEdJVkmebimCcydQYjBx6tErH7n_cmKUuOZfeVicvKDfiiecuCYJysInuLymhmM20rbCfZp_SDHZ1F9fEPEA**&cid=1376186&h2=yemL3nijs1GFNu8rqu03CPM4f9mav4QeZJCKBWc8j2o*&rid=5eff88a7-23dc-11ee-8bfa-e43d1a2a04aa&tt=Direct&iv=11&pageImp=0&pvid=1895ee19275a845d813&cbuster=1689513990194236874100
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:30 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 28324dc8-661d-430c-b4b2-1d42d6b5b4cd
server: cloudflare
content-type: image/gif
cf-ray: 7e7a93c6cc0fd933-HEL
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 99ms
97ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307100101&jk=1601223832471963&bg=!r6ylrPjNAAb90kgr3dI7ADkAdvg8WiNthVrzkZ9CMe6MhZcppT3a5jsW2NT9fv3IzO-ZOh4xqDJ1XdkH0NQCLzcyLRKq-nalMugCAAAAj1IAAAAoaAEHCgDOKOMb4o0G0r7UPJxzAxsErd8bDzGiTymyCg8vt8u7wcGc7GW7TmIJy7KMVNBU8g06lZ6wdO2jy8OefhN6v0iZIyUOJSvMUssNdEESDwL7NqEYYT6fG9G1O29IZhNIIpn9KT-NR40D9aERnE8dIa8558XRkW3z9aoJGFbS2BuYwBB1UHpoNZPM5ytgmm-MaoP2qu3vnOicKtJTmYNtTIclkHskHaXFUfomvnGWWOfR4Tk7djhwu4A91wHmBt5RvUCN8BJ7kHelY4_SevlZeFWZAp97P9RAg_O7psScW_JQPDp9NR-_F_AG3Ku4r6F4iTGpQPLg8FkC0U5AI_arUYcqOiIm5Bco8WVbXXQbTGG-d2oZ-cwCP_2IvubXCrgRSvHdT9w08NN9GtqQnXDJZL-SU9T0T17zGDOaEA-YjDTgd69HAHeG3dYRZBYAh1D9QyTY9rU_vnLVi2GMvYWsBkJtB10yGk2KhNkfK97ljx7s9G01BF16lLluWbL6Yx6fR9l2OJEvvYBtUgHEZqrTPYMKJswtmrVXO_r16vCn32rUG512n2By5o--iaMf8VHcO5ymy-YD7jL1fIGGp3Hlft-xGYw-aHo5LSy4mk4nNyURb13coF1aMp9fIvvoOYTIwiIWMW4UgtRTfOlTt3alCxI39APqYVGj5eoPTMmxdTb8MarHdG_gsGrAw_by2p0koo7sfJSFT8BOuVdHuzbR44i6EBfo-DgUGYiXWGQC0Z9eYSVpjS7KOAv93s_2G0eTS9DYibuEkZp5bnXtKdQkf0Z71cpfzAiDkav2l--rsqT2oLCUjcVCk0zF6Mo-S4VtYYZ0aEzF3wWGw7vy3F8K52LiXyhIo3cHtlAyFLDXUXFYc_UV_fFGQFl82v5r5ozTMTKvJ5S5LJVNZmAw4bevj6CvEXEAHtUMVzUWZZHjVzVIsLSZmVsNpmof-W0e5pILBLYeZ_C9uXjJGMdASD_p0uwzWBfEzkrETtTGZxOUmp-zRlvXTiDGhCNi3_RV9YGgW-y5NUt3zDwLP9oE9Bw3E2-tG5lt31Q2tFRGozwiB01TB38jkzHlRP2RlKI_l4PB3dkEw_DiaTPoqXpwFD8sSOaWK9z9XM9PFlKF5wriwBjZEWE4gOviq-7o8OhnV_x7jcaHZQ_L7wZGy1nqrZ2tIiYDkQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 pd
kompascybermedia-d.openx.net/w/1.0/ 43 B
304 B 166ms
83ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kompascybermedia-d.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:31 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200 9.gif
id5-sync.com/s/441/ 43 B
1 KB 66ms
66ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 16 Jul 2023 13:26:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 146ms
54ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

pixelSync
pixel-sync.sitescout.com/dmp/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=450352&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=450352&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=0

0
187 B

187ms
57ms

Image
text/plain

98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=0
Protocol: H2
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 16 Jul 2023 13:26:31 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 16 Jul 2023 13:26:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 200 userSync.js Show response
ads.pubmatic.com/AdServer/js/ 7 KB
3 KB 58ms
57ms Script
application/javascript 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:32 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 06:09:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=154596
accept-ranges: bytes
content-length: 2358
expires: Tue, 18 Jul 2023 08:23:08 GMT

GET
H2 200 loaduser Show response
traid.jixie.io/api/ 52 B
323 B 672ms
224ms XHR
application/json 43.129.34.52

General

Check archive.org

Show headers Download Go to

Full URL: https://traid.jixie.io/api/loaduser?accountid=49294e929f73c07439de2f2801b98a58
Requested by: Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.129.34.52 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: c7021cba3e04eb345d5569eff7603ba2bbbafe27d0c4a70ef4554121ca3ed5e2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:33 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"34-CLDRNnrEq6BUIaOWRyovC7wI60s"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medan.tribunnews.com
access-control-allow-credentials: true

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A382 15 KB
6 KB 58ms
58ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://medan.tribunnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=38515
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Sun, 16 Jul 2023 13:26:33 GMT
expires: Mon, 17 Jul 2023 00:08:28 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A382 5 KB
6 KB 203ms
57ms Script
text/html 198.47.127.19

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79489281&p=158361&s=857612&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00e4c67e4ece70f153704ccb2c6890aa38ea641a3fa2a1e0c51b804e4e6a01fd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 16 Jul 2023 13:26:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

OPTIONS
H2 200 rid
match.adsrvr.org/track/ Frame 0
0 229ms
74ms Preflight
text/html 15.197.193.217

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://medan.tribunnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private
content-length: 27
content-type: text/html
date: Sun, 16 Jul 2023 13:26:33 GMT
vary: Origin
x-aspnet-version: 4.0.30319

GET
H2 200 rid
match.adsrvr.org/track/ 63 B
393 B 199ms
75ms XHR
application/json 15.197.193.217

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by: Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://medan.tribunnews.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Jul 2023 13:26:34 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medan.tribunnews.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Tue, 15 Aug 2023 13:26:34 GMT

POST
H2 200 upkiejson
accounts.tokopedia.com/ 127 B
2 KB 409ms
250ms XHR
application/json 193.108.153.22

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.tokopedia.com/upkiejson
Requested by: Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.22 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://medan.tribunnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:34 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://medan.tribunnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tkp-srv-id: accountsapp-10-41-64-121
x-tkpd-origin-match: origin-accounts.tokopedia.com
content-length: 127

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 4A53
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 684F
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588525749850987

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame E0B7
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8763838319184165482

0
0

GET

dcm
aax-eu.amazon-adsystem.com/s/ Frame 362B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB&redir=true&gdpr=0&gdpr_consent=&dcc=t

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 3C49
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AaHHN1GllWUapJw0U6CIMAeikWEarcMxD6PsSVUb

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame A896
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6505542326944562583&gdpr=0&gdpr_consent=

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame CD5C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256407350369122444&gdpr=0&gdpr_consent=

0
0

GET
H2 400 sync Show response
t.adx.opera.com/pub/ Frame A635 0
413 B 194ms
59ms Document
text/plain 82.145.213.8

General

Check archive.org

Show headers Download Go to

Full URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 16 Jul 2023 13:26:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: nginx

GET sync
sync.srv.stackadapt.com/ Frame 09DF 0
0

GET

pm
match.prod.bidr.io/cookie-sync/ Frame 8053
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1

0
0

GET

b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame D271
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 391B
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
0

GET
H2 200 bridge
cm.adgrx.com/ Frame 8070 43 B
283 B 219ms
58ms Document
image/gif 63.251.232.170

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Sun, 16 Jul 2023 13:26:34 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-2

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame F501 43 B
361 B 142ms
65ms Document
image/gif 35.186.193.173

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Sun, 16 Jul 2023 13:26:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H/1.1 200
OK cookiesync
core.iprom.net/ Frame 3EE2 43 B
279 B 290ms
67ms Document
image/gif 195.5.165.20

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Sun, 16 Jul 2023 13:26:34 GMT
Vary: Accept-Encoding
X-adserver-worker: erebus-e6b6f093e645@version_1.563v2
X-core-time: 0ms
X-server-arch: v2

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame ACCE 0
0

GET

i.match
s.tribalfusion.com/z/ Frame 31DE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

0
0

GET

/
pixel-eu.onaudience.com/ Frame BDFA
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...

0
0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A382
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=63tr7_mJSY-M6f8KLile-w%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

62ms
61ms

Image
text/html

23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:34 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=38514
accept-ranges: bytes
content-length: 5606
expires: Mon, 17 Jul 2023 00:08:28 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame A382 49 B
267 B 235ms
73ms Image
image/gif 46.51.194.233

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.194.233 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:34 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.12.210
content-length: 49
expires: 0

GET
H2

204

cr
cr.frontend.weborama.fr/ Frame A382
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=742583820

0
46 B

67ms
66ms

Image
text/plain

34.111.129.221

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=742583820
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 34.111.129.221 -, , ASN (),
Reverse DNS
Software: Weborama Collect Frontend /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:33 GMT
via: 1.1 google
last-modified: Sun, 16 Jul 2023 13:26:34 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:26:33 GMT
via: 1.1 google
last-modified: Sun, 16 Jul 2023 13:26:34 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=742583820
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET match
a.audrte.com/ Frame A382 0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame A382
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUI3QjZCRUYtRjk4OS00OThGLThDRTktRkYwQTJFMjk1RUZC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame A382
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBuxw2s3aHUzydRyTCuNJJU&google_cver=1

0
0

GET
H2 200 pubmatic
um.simpli.fi/ Frame A382 43 B
613 B 204ms
65ms Image
image/gif 34.91.62.186

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 15 Jul 2023 13:26:34 GMT

GET

Pug
simage2.pubmatic.com/AdServer/ Frame A382
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3321407727652259915

0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A382 70 B
266 B 227ms
74ms Image
image/gif 15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 16 Jul 2023 13:26:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A382 43 B
427 B 236ms
75ms Image
image/gif 2a05:d018:d29:3601:ec8d:4a3a:2499:c89d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:ec8d:4a3a:2499:c89d -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame A382 0
126 B 206ms
57ms Image
text/plain 3.126.56.137

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 -, , ASN (),

Reverse DNS

Software

ATS/9.1.10.25 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:26:34 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET sync
x.bidswitch.net/ Frame A382 0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame A382 0
0

GET cs
ad.turn.com/r/ Frame A382 0
0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame A382 0
187 B 65ms
63ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=857612&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 16 Jul 2023 13:26:33 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame A382 0
0

GET usersync
traid.jixie.io/api/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588525749850987

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8763838319184165482

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB&redir=true&gdpr=0&gdpr_consent=&dcc=t

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AaHHN1GllWUapJw0U6CIMAeikWEarcMxD6PsSVUb

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6505542326944562583&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256407350369122444&gdpr=0&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLPwCgABSHsoLABY

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: pixel-eu.onaudience.com
URL: https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBuxw2s3aHUzydRyTCuNJJU&google_cver=1

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3321407727652259915

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB&gdpr=0&gdpr_consent=

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: traid.jixie.io
URL: https://traid.jixie.io/api/usersync?info=interests-short,intends-short,cohort&idlist=5e4dac30-23dc-11ee-a4ff-4b31ecbeeb75:jx&sid=1689513000-5e4dac30-23dc-11ee-a4ff-4b31ecbeeb75~1689513993&accountid=49294e929f73c07439de2f2801b98a58

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tribunnews.com/	1970-01-20 13:19:09	Name: 3bun_session Value: mh00trrmih6ui251rpr9uqritp58cbc8
.tribunnews.com/	1970-01-20 13:18:35	Name: vignette_cookies_tribun Value: 1
.tribunnews.com/	1970-01-20 17:37:45	Name: g_state Value: {}
.scorecardresearch.com/	1970-01-20 22:54:33	Name: UID Value: 1B20794fc80c0d048fbbb671689513986
medan.tribunnews.com/	1970-01-20 14:01:45	Name: _pbjs_userid_consent_data Value: 3524755945110770
.gumgum.com/	1970-01-20 22:04:09	Name: cs Value: true
.gumgum.com/	1970-01-20 14:01:45	Name: loc Value: JAnbK9Pr4d8VZkNl0wo_QjCXygM6M9t-rOc3ZTPIP8a5Coe_BwQ9uw4x7QxleioxqLD3EIix-GX5x76HH9ObMf9zasTDWOrgkLJCRqYHdcTCA435R7noin8B6uJ-yrBm
.rubiconproject.com/	1970-01-20 22:04:09	Name: khaos Value: LK5H07WS-1U-FP5P
.rubiconproject.com/	1970-01-20 22:04:09	Name: audit Value: 1\|naVuGyos1qpG65fZwTvI6pHNGL+qfTatXX/yiME3/MJXH69ZVaiYo9Un4gkiGvGmKRsdL5ApwjUCIFkivA8TD6OStvzY0m3a/OcAOQ2chXSDK/N2eFofYr7FQD2yB//hsqlSNZOaaDQ=
.tribunnews.com/	1970-01-20 22:54:33	Name: _ga_FYJCTGV1LV Value: GS1.1.1689513987.1.0.1689513987.60.0.0
.tribunnews.com/	1970-01-20 22:54:33	Name: _ga_DFP7BBGFWN Value: GS1.1.1689513987.1.0.1689513987.60.0.0
.tribunnews.com/	1970-01-20 22:40:09	Name: __gads Value: ID=6db6e1f30472668a:T=1689513987:RT=1689513987:S=ALNI_Ma_tTo7pgns27Zq6fds-wmDDPxsAA
.tribunnews.com/	1970-01-20 22:40:09	Name: __gpi Value: UID=00000c6a2fdddeb0:T=1689513987:RT=1689513987:S=ALNI_MZZL58jEYKLNwTNOaVOk2uiwTSCPQ
.jixie.io/	1970-01-20 22:04:09	Name: jxuuid Value: 5e4dac30-23dc-11ee-a4ff-4b31ecbeeb75
.jixie.io/	1970-01-20 13:18:35	Name: jxuuids Value: 1689513000-5e4dac30-23dc-11ee-a4ff-4b31ecbeeb75~1689513987
.doubleclick.net/	1970-01-20 13:18:37	Name: DSID Value: NO_DATA
.tribunnews.com/	1970-01-20 13:18:37	Name: AMP_TOKEN Value: %24NOT_FOUND
.tribunnews.com/	1970-01-20 22:54:33	Name: _ga Value: GA1.2.892932126.1689513987
.tribunnews.com/	1970-01-20 13:20:00	Name: _gid Value: GA1.2.1767535066.1689513988
.tribunnews.com/	1970-01-20 13:18:34	Name: _gat_UA-15224089-38 Value: 1
.doubleclick.net/	1970-01-20 22:40:09	Name: IDE Value: AHWqTUngGRh9ZgaJKEGcTrdkC0nGYRO_aVgmgKtPBwB4uCcM0Y5X4496lslFYoiU1y0
.mgid.com/	1970-01-20 13:18:35	Name: __cf_bm Value: V_GZMgPvctduhQM_htPmmytl2MkwCG3C9tr0sIcDBkQ-1689513988-0-Aa6BqWJV0Pe9SSeoL9JIiHvgXF2FWaEOhCE4kXH1Pn3fflrPTIABP9AbjWKQOUojdofc7/sjblwu/OW42MUPKLI=
medan.tribunnews.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fmedan.tribunnews.com%2F2023%2F07%22%2C%22svsds%22%3A1%7D%2C%22C1178615%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221689513989047%22%7D%2C%22C1376186%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221689513988939%22%7D%7D
.criteo.com/	1970-01-20 22:40:09	Name: uid Value: f2bd81ce-5fec-4a71-ae19-c9cfc2a57e8f
.tribunnews.com/	1970-01-20 22:40:09	Name: cto_bundle Value: 2jvTl19oRnB3bWYwNlklMkYwNUhRU25LenFQbWE3UVVZeHJ2MTUlMkJ1bzY1a0I4MDNkQkE1ZUdPNGhuJTJGNlJVN29kSUJMazAzQnlZJTJCNnRJJTJGTHV3bmo1bzh1SlREWFUyaWpUbFdqMUNmYUtSVUQ4Q2MxOGVVcU9XYTZJa01UQ2l3RE0zcG9SbnElMkZzcjAyTUFISW5uYiUyQjBlUUZlTEtZQSUzRCUzRA
.id5-sync.com/	1970-01-20 13:18:34	Name: cf Value:
.id5-sync.com/	1970-01-20 13:18:34	Name: cip Value:
.id5-sync.com/	1970-01-20 13:18:34	Name: cnac Value:
.id5-sync.com/	1970-01-20 13:18:34	Name: car Value:
.id5-sync.com/	1970-01-20 13:18:34	Name: gdpr Value:
.id5-sync.com/	1970-01-20 13:18:34	Name: callback Value:
.casalemedia.com/	1970-01-20 22:04:09	Name: CMID Value: ZLPwB2GnfU2H50nHxYVrJQAA
.casalemedia.com/	1970-01-20 15:28:09	Name: CMPS Value: 5267
.casalemedia.com/	1970-01-20 15:28:09	Name: CMPRO Value: 5267

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
network	error	URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EB7B6BEF-F989-498F-8CE9-FF0A2E295EFB&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .tstatic.net fonts.google.com .tribunjualbeli.com .tribunnews.com .bolasport.com .grid.id .gridoto.com .motorplus-online.com .kompas.com .kompasgramedia.com www.kompasiana.com www.kontan.co.id .ampproject.org .dailymotion.com .youtube.com .ytimg.com .tawk.io
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
aax-eu.amazon-adsystem.com
accounts.google.com
accounts.tokopedia.com
ad.turn.com
ads.pubmatic.com
ampcid.google.com
ampcid.google.fi
apis.kompas.com
asset-1.tstatic.net
asset-3.tstatic.net
asset.kompas.com
bidder.criteo.com
bs.yandex.ru
c.mgid.com
cdn.id5-sync.com
cdn.mgid.com
cdn.prod.uidapi.com
cl.imghosts.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
cse.google.com
delivery.r2b2.io
dsum.casalemedia.com
eb2.3lift.com
fastlane.rubiconproject.com
fc534fda21e27cc3de1ddaa58b4c9f21.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
gum.criteo.com
hb.jixie.io
htlb.casalemedia.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
jsc.mgid.com
kompascybermedia-d.openx.net
lb.eu-1-id5-sync.com
log.r2b2.io
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
medan.tribunnews.com
mug.criteo.com
openbid.pubmatic.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prg.smartadserver.com
prg8.smartadserver.com
pubmatic-match.dotomi.com
r2b2-emea.adnxs.com
region1.analytics.google.com
rtb.openx.net
s-img.mgid.com
s.tribalfusion.com
sb.scorecardresearch.com
scripts.jixie.media
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.srv.stackadapt.com
t-1.tstatic.net
t.adx.opera.com
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
traid.jixie.io
um.simpli.fi
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.audrte.com
aax-eu.amazon-adsystem.com
ad.turn.com
cm-supply-web.gammaplatform.com
image2.pubmatic.com
match.adsby.bidtheatre.com
match.prod.bidr.io
pixel-eu.onaudience.com
pubmatic-match.dotomi.com
s.tribalfusion.com
simage2.pubmatic.com
sync-tm.everesttech.net
sync.srv.stackadapt.com
traid.jixie.io
x.bidswitch.net
103.132.192.30
104.18.25.185
108.138.7.10
13.224.189.35
13.248.245.213
141.95.98.65
142.250.185.194
143.204.215.124
15.197.193.217
178.250.7.13
18.193.228.139
18.66.97.80
185.59.208.177
185.64.191.208
185.80.39.216
185.86.139.58
185.89.211.83
193.108.153.22
195.5.165.20
198.47.127.19
2001:4860:4802:32::36
23.213.164.238
23.52.123.144
2600:9000:21f3:9400:3:445f:1a00:93a1
2600:9000:2250:1200:a:e047:753:be1
2600:9000:2490:5000:18:8a85:cc0:93a1
2602:803:c003:200::41
2606:4700:10::ac43:266a
2606:4700:1::6813:874e
2606:4700::6812:bcf
2606:4700::6812:d2d
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::200d
2a00:1450:4001:813::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:400c:c0c::9c
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::2
2a02:6b8::90
2a02:6ea0:c700::10
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a05:d018:d29:3601:ec8d:4a3a:2499:c89d
3.126.56.137
34.111.129.221
34.91.62.186
35.186.193.173
35.186.253.211
35.244.159.8
36.66.3.170
43.129.34.148
43.129.34.52
46.228.174.115
46.51.194.233
5.135.209.96
52.222.214.87
63.251.232.170
63.33.165.48
82.145.213.8
98.98.134.241
00662afbf044eba1a0c8cf3a47e5bd33327f17d190fd56e1f1542bad392ef49a
0073fe03f364fdb6278704d48cbf0c34ecf67e19bcf2c8ec36c68f9e0fcc9938
00e3d1585cd653455dcad1c9e8bdbd366806ec543dcbe3bdda7e376afc2b6494
00e4c67e4ece70f153704ccb2c6890aa38ea641a3fa2a1e0c51b804e4e6a01fd
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
02f4b61d59a43632e1d926ee3f794f7986c03ea4eb847699b82aaf87a2bdbc16
034e9c373d55d93da882e49293e8cca240bc6840d2ef8812c7baf6f2bc55b6f3
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
061480cb294eab57d81c747217ff8d01168a9622b4cfdff2653ec2d55d6718f6
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
10d5ccb96ad35f641c998359b4eed991d100fa1e6c031ecfe310eb280184efae
10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d
1358946bc2945f07fe1d75017d431fc6de7248cf1b2fd73380bc21a6c2241408
15548cf9a8e6e2dd991752e763b2af8279d9285df95110b70fcb92f324c3cd2a
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
198d0077a21e2e861e594ca9474d9d61de05b890f3ba90b7958dbb8472e0694b
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
2156a70c14cd6f375eab75a5bed768cae157c4aa077e3a869f6f787d8b2a9243
23973751bbd6f7da54aa8234c74aa89eb77a11d042c9e372504676f7473dedbf
2529a69bbc8f3ba2227a0959ee8c997f28298a8b6f9efc931f4bd0c75dc412dc
26290b59fd9788df4df43d2a918005898361b231b2eb0b16020267f5fdfccfd3
26c35aed68c9ae126f82d7c3158aeb12e9e089833e8f477605c87eefa3232b83
2730276b338c4545d703ba87a1d21f85af5895947d672ba04b745a643154196b
27792bf67f3d505e5e2d589328d36292cd8dd0a69f3b22e8fcd0ff9a2ba5b2d8
295448840ddf6aff7e4d87844520d49a01c0fa8ddb4fbed54906cdcb6ef896e0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
347fd20704d194b013d31c2a64a245c40fea063a85027036abc6bf470cab150f
391d7af9603de79e9111b0311bd2f829847f04645e97b9e73ab9dfc54601f725
3a89ce2608ee128f4c9ecaeda9322a99d4a375374aebac009d36d1c81e9dda59
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
3f6189b0c07126020d0a4324454c6e34746e70271db0f2de7829a1858af2b19a
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44ae6b375f05fe3babfa5d72c81381d1f2a97c5e5e60af89f7179eb8567b361f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470f2e330205bc7569224af43e66acdc0364e46ef06a707a49b4a2526def23f8
486a9f6975cf4d1724c7c6f915dda1eeaf5d0d376df442f243530728f5c45261
4a8cdf7c03a39d4aa2f2830f3f05f3a54bb441b6991f91afd2aaa9f7165f26c8
4b3d2865b495fa461bd186b1b0f51035baa5afd7a80b7cf6c72c0ffba2e9992a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5bdc7147073aebf74df67e07d7eb5fed02916f1463210e16d5f1b7799d1484
51281721c4d4112dd09a878a8ce74dac8b7c478f6da1cf31f5cfd7c8160d30d9
52ae50c98f41f37a37fb23920a08b9d1ddf9a445f57d908ecc9a45c46a5cc0b7
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
546684e949b6d63855d2780c680eb3deed8853f2483da724175146fd855d06e5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
58396050b6cc884451b7ee957fa4ae25b64da361cbccf3cd9f61945afa68457d
5b552f129439dc64d2ee9510fcc28df5ec4a98b1c22e2069e629234f2c732b6f
5b98d1c147a5671bb21287c8a509628ea00f452e0db48058af76bfde225fc1d0
5bd3c965b15c0dfbf459b26b7c9a33d6894102c5f622058b7f3a016390902598
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
605947eb2ef516a6d8f38c977b7596e5b674bb6c704e3a19f5aa10f8b58ac8a7
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6191ac7651d440b704eac8b29a7d30a0d47d7ada32012fdec33c35e6e4f7a2d8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626af780674f76bbf3f30e2dec7256a57732ad2f23ed05a7f881e9b0b81471a0
6419d6c273ac4926f3dcfedf031ca0a3f36e2b259a899d77cda4e8e9925d2721
67a09458aa2b97d54491755dcf3d3d00298de54799b49fded2de6db24e103a94
6926c02dda32aa50c00e106bb29ccf2ce44fc07370cfe2d1192af7f9953de99a
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6cb7cce3685c8e9839c2ed578ad329fb310eccb50dd95f5901ca9b7cb743b4da
6dd0503e9ae8f064106b8f5aafe0d8f4c708b9261f18996c307b04887e3bbbd8
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
76a0a6f6ac09f11561a019e837f349db69366cbd5be7306fa67dcdf21f7f58d8
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79aa57c367c93a86fbf20383e55c0d23134f8b2184d78fcd0661296c3550cce9
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7da5657cd15e1a7cc6d5c302f5aeae343028a1cc120f3a2bab7227959aa24673
83751973f832d1a0de623b03322c4d973c391d9e1a916f4f2fa8f996d988c7ec
87d29de080565bb951001d9eb230973bd9523e120cf84392dff43fa9b8b6f33d
88975e96823d39a647d5de825e09e2205298c158b52082aa8f66bdcb456c30b3
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861
9342167631dcaafd48061d206f0c76be4025253ce9659e41422d91184582a9b9
93a730dae39fdf15f8d7c0e3844566d949b5c0cbc429a92d1276bebdae350372
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
95341767d471be9e6f571ba631d978533c423c141d21989e4108c22e22688bf9
96619a3fa6ebd14fba5dd3318d309a74194b67dfe521aec155b46cec20cce4ab
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9bb78682554710d28abe4c5ff14f22b403a0e38739603f95f648df27adab6089
9bf840ae7df9b4848ede2417e6b7c544a60df790dbdca3b29eef5b702c27c19d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4e745ecc90ca46d26088d3f16ba99290c6d0a074181e61993daf64a34baa3ba
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac19762d688273f891a1beb22bd7524e961627d476adf3546a2a622ecb59b860
ad0560ba945f9511d161d2522a046f6e4dfb0762ae5e81ef53a6ea0da81888d5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af0d951af682be735d65329a908abc3d2d8b79ecc883a493ea858b9a7b916be1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b67e1434089d076d3e5e72f6a8297118d6803d3b73b9a60bfc06b6fe602ad244
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
c290613b06153be3b956621dbe81e454e3793034ad86608429c66186447d245a
c3d7480f4e219f97636f601e49281fbfd65714a22e692cd14e327225e6454ea0
c43e0e050891f2c148041a5d4fa51f628c5eae5c67eb6bbbad6525bb83892686
c7010b31c87c6f79e14f35c75598991914a963b7e8f4f227bdaf63f1179b3cfc
c7021cba3e04eb345d5569eff7603ba2bbbafe27d0c4a70ef4554121ca3ed5e2
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac53234245ba6b4af5f63f343fa990854ac6077b795f17d24fcf30925a8b0e0
cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475
cc689d6115320c288925067574f5dd0eb238c13a08f20323eb12e49294c549da
cdcb4afa68b205157d58241c022f7322b31a99299ed72eb7ac051de9e8b6e2ed
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
d283c95d807756ad28c37cc9cc1bf3f49d0952c0a1b2cc4c2d4e9b93386b7eb5
d87b62518676faf3edc1e8ea262dabb281c4c88c1c2d9f74a169a953d5aadac8
dc2ac8ea287dd693678a861685e758559ca8ab7800e300793ac2c3d13610257e
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df3af4cae75685ae25b2bb51e8bed3de9df46b03b87e1d5281365727c9af72f4
df4f9c3d7d11a4ba21b585bfdaff006aa925b32c3ec626969a38a5036a5aa03e
e169cf4f2fde53ff50ff2ecb38b0df2cbc613aaf3b93b2e52202cad8ce93a8bd
e231576da7a8ff8063d095d0f472834f83b612440cb2f4b915609b6e5f57499a
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e697f30c7634ef967f70977bc85512b5fd539a927ecd3e5afcca3db33fdd3850
e93fb97457d90225908d0dd88076c28af9aa69a361a8ed0334746032dd391270
e9f38a034a7e5f0ebf6fa2c3b0ba3160034db7045d540d792e84808406e863cf
ec3d53c93d3c5d934321988a2cdd7315f1413f60cad11835dd5bd7b3faf971e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f386b6267d04bd09b26cfcb538b15a3563962bf7c47b34c33d6248b25bd24b61
f4683e02f8f4ad18f7a7dbcbbc0cd5946b90e0ff80dafdf62c2111949f654196
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
faab2944b009e54a29f7fcb3a8c923b1c2c631bbe3ff258f9b5282a9e54814ae
fc526cd56a48c4cb45355a716b333867ab483146d9e65eafb11222be1ac37b08
fda4e07a7eb6eac62326be60b01116f96f4ba7670a07b8c3e339d5c2081c5219
ff492a5eaef9760d8ffc3658d0e7fd5873c2a1f304742ea59b2967fca3419981
ff65958ce67b6ade63d89402a31ed3f9fca25d5d9c97e422e57deaa6a09ce6b4

medan.tribunnews.com Open in urlscan Pro 52.222.214.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

260 Requests

87 %HTTPS

47 %IPv6

61 Domains

94 Subdomains

73 IPs

13 Countries

2261 kBTransfer

6354 kBSize

34 Cookies

88 Outgoing links

Redirected requests

260 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

medan.tribunnews.com Open in urlscan Pro
52.222.214.87 Public Scan

Screenshot
Live screenshot

Full Image

260
Requests

87 %
HTTPS

47 %
IPv6

61
Domains

94
Subdomains

73
IPs

13
Countries

2261 kB
Transfer

6354 kB
Size

34
Cookies

260 HTTP transactions
2 data transactions