urlscan.io logo urlscan.io
SecurityTrails logo

medan.tribunnews.com Open in urlscan Pro
52.222.214.67  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://medan.tribunnews.com/
Effective URL: https://medan.tribunnews.com/
Submission: On November 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 13 countries across 50 domains to perform 365 HTTP transactions. The main IP is 52.222.214.67, located in United States and belongs to AMAZON-02, US. The main domain is medan.tribunnews.com. The Cisco Umbrella rank of the primary domain is 139699.
TLS certificate: Issued by Amazon on July 5th 2022. Valid for: a year.
This is the only time medan.tribunnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.222.214.63 16509 (AMAZON-02)
1 52.222.214.67 16509 (AMAZON-02)
18 18.66.147.43 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
16 52.222.236.15 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
32 18.66.97.75 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 52.222.236.55 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 13.32.121.37 16509 (AMAZON-02)
3 18.65.39.49 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 14 2a00:1450:400... 15169 (GOOGLE)
2 213.19.147.42 3356 (LEVEL3)
3 34.98.64.218 396982 (GOOGLE-CL...)
1 18.185.208.235 16509 (AMAZON-02)
1 110.238.107.108 136907 (HWCLOUDS-...)
6 185.86.137.32 201081 (SMARTADSE...)
1 2.18.232.7 16625 (AKAMAI-AS)
1 104.18.18.126 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
6 2602:803:c003... 26667 (RUBICONPR...)
7 2a02:2638::24 44788 (ASN-CRITE...)
1 103.132.192.30 138552 (RTBHOUSE-...)
5 185.94.180.124 35220 (SPOTX-AMS)
4 2a02:2638::3 44788 (ASN-CRITE...)
5 37.252.172.68 29990 (ASN-APPNEX)
5 37.252.173.213 29990 (ASN-APPNEX)
4 185.86.139.58 201081 (SMARTADSE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 36.66.3.171 7713 (TELKOMNET...)
1 2a03:2880:f12... 32934 (FACEBOOK)
4 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
35 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.67 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
21 2606:4700:1::... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
4 142.250.181.226 15169 (GOOGLE)
8 21 172.217.18.2 15169 (GOOGLE)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
2 3 185.89.210.244 29990 (ASN-APPNEX)
1 35.244.159.8 15169 (GOOGLE)
1 4 23.35.237.56 16625 (AKAMAI-AS)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 103.229.205.243 30419 (MEDIAMATH...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 52.48.205.142 16509 (AMAZON-02)
2 2 54.93.177.145 16509 (AMAZON-02)
1 1 35.204.74.118 396982 (GOOGLE-CL...)
2 2 3.122.84.21 16509 (AMAZON-02)
2 2 37.157.3.30 198622 (ADFORM)
1 1 2600:9000:223... 16509 (AMAZON-02)
1 82.113.101.132 6805 (TDDE-ASN1)
1 185.59.208.177 43541 (VSHOSTING)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 178.250.0.157 44788 (ASN-CRITE...)
2 141.95.33.111 16276 (OVH)
2 162.19.138.117 16276 (OVH)
1 3.33.220.150 16509 (AMAZON-02)
3 114.119.175.30 136907 (HWCLOUDS-...)
2 141.95.98.65 16276 (OVH)
1 76.223.111.18 16509 (AMAZON-02)
2 3 185.64.190.79 62713 (AS-PUBMATIC)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
365 74
1    52.222.214.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-63.fra56.r.cloudfront.net
medan.tribunnews.com
1    52.222.214.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-67.fra56.r.cloudfront.net
medan.tribunnews.com
18    18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net
t-1.tstatic.net
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
9    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
delivery.r2b2.io
16    52.222.236.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-15.fra56.r.cloudfront.net
t-3.tstatic.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
ampcid.google.com
32    18.66.97.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-75.fra56.r.cloudfront.net
t-2.tstatic.net
5    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    52.222.236.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-55.fra56.r.cloudfront.net
asset.kompas.com
3    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    18.65.39.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-49.ams1.r.cloudfront.net
apis.kompas.com
3    2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
14    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    213.19.147.42 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
targeting.unrulymedia.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
kompascybermedia-d.openx.net
us-u.openx.net
u.openx.net
1    18.185.208.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-208-235.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    110.238.107.108 (Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-110-238-107-108.compute.hwclouds-dns.com
hb.jixie.io
6    185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg8.smartadserver.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
7    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
5    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
4    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    37.252.172.68 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
r2b2-emea.adnxs.com
5    37.252.173.213 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
etarget-emea.adnxs.com
4    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    36.66.3.171 (Jatimakmur, Indonesia)

ASN7713 (TELKOMNET-AS-AP PT Telekomunikasi Indonesia, ID)
scripts.jixie.media
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
35    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com
22    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
15    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
21    2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
12    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
21    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
4    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    52.48.205.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-205-142.eu-west-1.compute.amazonaws.com
match.360yield.com
2    54.93.177.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-177-145.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    3.122.84.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-84-21.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2600:9000:223f:6400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    82.113.101.132 (Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
1    185.59.208.177 (Czech Republic)

ASN43541 (VSHOSTING, CZ)
PTR: webgarden-track-lb-ha.vshosting.cz
log.r2b2.io
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2606:4700:20::681a:908 (United States)

ASN13335 (CLOUDFLARENET, US)
eu-1-id5-sync.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
lb.eu-1-id5-sync.com
2    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lbs.eu-1-id5-sync.com
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    114.119.175.30 (Singapore, Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-114-119-175-30.compute.hwclouds-dns.com
traid.jixie.io
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
Apex Domain
Subdomains		 Transfer
66 tstatic.net
t-1.tstatic.net — Cisco Umbrella Rank: 105852
t-3.tstatic.net — Cisco Umbrella Rank: 136774
t-2.tstatic.net — Cisco Umbrella Rank: 38487
667 KB
61 googlesyndication.com
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
590 KB
43 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 367
cm.g.doubleclick.net — Cisco Umbrella Rank: 320
310 KB
25 google.com
cse.google.com — Cisco Umbrella Rank: 4454
accounts.google.com — Cisco Umbrella Rank: 126
www.google.com — Cisco Umbrella Rank: 17
adservice.google.com — Cisco Umbrella Rank: 134
ampcid.google.com — Cisco Umbrella Rank: 2413
region1.analytics.google.com — Cisco Umbrella Rank: 3868
194 KB
21 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7063
c.mgid.com — Cisco Umbrella Rank: 5191
cdn.mgid.com — Cisco Umbrella Rank: 9490
servicer.mgid.com — Cisco Umbrella Rank: 7215
s-img.mgid.com — Cisco Umbrella Rank: 4955
cm.mgid.com — Cisco Umbrella Rank: 1967
213 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 317
326 KB
13 adnxs.com
r2b2-emea.adnxs.com — Cisco Umbrella Rank: 99640
etarget-emea.adnxs.com — Cisco Umbrella Rank: 38196
ib.adnxs.com — Cisco Umbrella Rank: 313
11 KB
12 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
466 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 866
gum.criteo.com — Cisco Umbrella Rank: 481
mug.criteo.com — Cisco Umbrella Rank: 1946
10 KB
10 smartadserver.com
prg8.smartadserver.com — Cisco Umbrella Rank: 19692
prg.smartadserver.com — Cisco Umbrella Rank: 1881 Failed
3 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com
117 KB
8 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 724
image6.pubmatic.com — Cisco Umbrella Rank: 922
image8.pubmatic.com — Cisco Umbrella Rank: 886
image2.pubmatic.com — Cisco Umbrella Rank: 1407
7 KB
6 eu-1-id5-sync.com
eu-1-id5-sync.com — Cisco Umbrella Rank: 1531
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1556
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1785
35 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 5594
www.google.de — Cisco Umbrella Rank: 3590
ampcid.google.de — Cisco Umbrella Rank: 44162
2 KB
6 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 681
10 KB
6 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 743
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819
4 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
5 KB
5 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 688
6 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1607
sync.teads.tv — Cisco Umbrella Rank: 1604
1 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
89 KB
4 jixie.io
hb.jixie.io — Cisco Umbrella Rank: 37753
traid.jixie.io — Cisco Umbrella Rank: 34013
2 KB
4 openx.net
kompascybermedia-d.openx.net — Cisco Umbrella Rank: 50652
us-u.openx.net — Cisco Umbrella Rank: 683
u.openx.net — Cisco Umbrella Rank: 977
693 B
4 kompas.com
asset.kompas.com — Cisco Umbrella Rank: 31179
apis.kompas.com — Cisco Umbrella Rank: 42371
3 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
142 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
231 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1165
68 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 678
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 1002
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 415
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1319
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 4425
791 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1486
s.tribalfusion.com — Cisco Umbrella Rank: 3468
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 723
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
20 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 883
eb2.3lift.com — Cisco Umbrella Rank: 571
746 B
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1259
168 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 207
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
87 KB
2 r2b2.io
delivery.r2b2.io — Cisco Umbrella Rank: 40977
log.r2b2.io — Cisco Umbrella Rank: 45845
91 KB
2 tribunnews.com
medan.tribunnews.com — Cisco Umbrella Rank: 139699
35 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 457
393 B
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 47588
635 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 951
444 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1432
715 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2184
584 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5036
104 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 989
463 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 jixie.media
scripts.jixie.media — Cisco Umbrella Rank: 30234
26 KB
1 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 16242
182 B
365 50
Domain Requested by
35 tpc.googlesyndication.com medan.tribunnews.com
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
32 t-2.tstatic.net medan.tribunnews.com
22 pagead2.googlesyndication.com medan.tribunnews.com
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
www.googletagservices.com
21 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
medan.tribunnews.com
18 t-1.tstatic.net medan.tribunnews.com
t-1.tstatic.net
16 t-3.tstatic.net medan.tribunnews.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
14 www.google.com 3 redirects cse.google.com
medan.tribunnews.com
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
tpc.googlesyndication.com
12 s0.2mdn.net medan.tribunnews.com
s0.2mdn.net
9 securepubads.g.doubleclick.net medan.tribunnews.com
securepubads.g.doubleclick.net
8 cdn.mgid.com medan.tribunnews.com
jsc.mgid.com
7 bidder.criteo.com t-3.tstatic.net
delivery.r2b2.io
6 googleads.g.doubleclick.net d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
medan.tribunnews.com
6 fastlane.rubiconproject.com t-3.tstatic.net
6 prg8.smartadserver.com t-3.tstatic.net
6 fonts.googleapis.com medan.tribunnews.com
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
client
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 etarget-emea.adnxs.com delivery.r2b2.io
5 r2b2-emea.adnxs.com delivery.r2b2.io
5 search.spotxchange.com t-3.tstatic.net
5 www.gstatic.com medan.tribunnews.com
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
4 cm.mgid.com jsc.mgid.com
4 sync.teads.tv 1 redirects googleads.g.doubleclick.net
medan.tribunnews.com
4 googleads4.g.doubleclick.net medan.tribunnews.com
4 jsc.mgid.com securepubads.g.doubleclick.net
jsc.mgid.com
4 region1.analytics.google.com www.googletagmanager.com
4 d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 prg.smartadserver.com delivery.r2b2.io
4 static.criteo.net delivery.r2b2.io
t-3.tstatic.net
static.criteo.net
3 image8.pubmatic.com 2 redirects
3 traid.jixie.io scripts.jixie.media
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.googletagservices.com medan.tribunnews.com
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
3 www.google.de medan.tribunnews.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 accounts.google.com t-1.tstatic.net
accounts.google.com
3 apis.kompas.com t-1.tstatic.net
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com medan.tribunnews.com
www.googletagmanager.com
3 maxcdn.bootstrapcdn.com medan.tribunnews.com
maxcdn.bootstrapcdn.com
2 image2.pubmatic.com 2 redirects
2 id5-sync.com eu-1-id5-sync.com
2 lbs.eu-1-id5-sync.com eu-1-id5-sync.com
2 lb.eu-1-id5-sync.com eu-1-id5-sync.com
2 eu-1-id5-sync.com jsc.mgid.com
2 s-img.mgid.com
2 gum.criteo.com 1 redirects medan.tribunnews.com
2 servicer.mgid.com jsc.mgid.com
2 c1.adform.net 2 redirects
2 x.bidswitch.net 2 redirects
2 pm.w55c.net 2 redirects
2 match.360yield.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 sync.mathtag.com 2 redirects
2 us-u.openx.net googleads.g.doubleclick.net
2 p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 targeting.unrulymedia.com t-3.tstatic.net
2 sb.scorecardresearch.com medan.tribunnews.com
2 connect.facebook.net medan.tribunnews.com
connect.facebook.net
2 medan.tribunnews.com 1 redirects
1 eb2.3lift.com
1 u.openx.net
1 match.adsrvr.org scripts.jixie.media
1 mug.criteo.com
1 c.mgid.com jsc.mgid.com
1 log.r2b2.io delivery.r2b2.io
1 portal.o2online.de medan.tribunnews.com
1 s.ad.smaato.net 1 redirects
1 um.simpli.fi 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 s.tribalfusion.com medan.tribunnews.com
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
1 cms.quantserve.com d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 www.facebook.com medan.tribunnews.com
1 scripts.jixie.media www.googletagmanager.com
1 prebid-asia.creativecdn.com t-3.tstatic.net
1 hbopenbid.pubmatic.com t-3.tstatic.net
1 htlb.casalemedia.com t-3.tstatic.net
1 a.teads.tv t-3.tstatic.net
1 hb.jixie.io t-3.tstatic.net
1 tlx.3lift.com t-3.tstatic.net
1 kompascybermedia-d.openx.net t-3.tstatic.net
1 asset.kompas.com medan.tribunnews.com
1 cse.google.com medan.tribunnews.com
1 delivery.r2b2.io medan.tribunnews.com
365 91

This site contains links to these domains. Also see Links.

Domain
www.tribunnews.com
www.tribunnewswiki.com
style.tribunnews.com
travel.tribunnews.com
wow.tribunnews.com
newsmaker.tribunnews.com
video.tribunnews.com
www.tribunjualbeli.com
health.tribunnews.com
trends.tribunnews.com
jakarta.tribunnews.com
wartakota.tribunnews.com
bekasi.tribunnews.com
banten.tribunnews.com
tangerang.tribunnews.com
depok.tribunnews.com
jabar.tribunnews.com
bogor.tribunnews.com
cirebon.tribunnews.com
jateng.tribunnews.com
solo.tribunnews.com
banyumas.tribunnews.com
muria.tribunnews.com
pantura.tribunnews.com
jogja.tribunnews.com
jatim.tribunnews.com
surabaya.tribunnews.com
suryamalang.tribunnews.com
mataraman.tribunnews.com
madura.tribunnews.com
bali.tribunnews.com
aceh.tribunnews.com
prohaba.tribunnews.com
gayo.tribunnews.com
sultra.tribunnews.com
palembang.tribunnews.com
bangka.tribunnews.com
batam.tribunnews.com
belitung.tribunnews.com
babel.tribunnews.com
padang.tribunnews.com
bengkulu.tribunnews.com
pekanbaru.tribunnews.com
jambi.tribunnews.com
sumsel.tribunnews.com
lampung.tribunnews.com
kupang.tribunnews.com
flores.tribunnews.com
banjarmasin.tribunnews.com
kaltim.tribunnews.com
kalteng.tribunnews.com
kaltara.tribunnews.com
manado.tribunnews.com
gorontalo.tribunnews.com
sulbar.tribunnews.com
pontianak.tribunnews.com
palu.tribunnews.com
makassar.tribunnews.com
lombok.tribunnews.com
ternate.tribunnews.com
ambon.tribunnews.com
papua.tribunnews.com
papuabarat.tribunnews.com
www.tribunnetwork.com
www.gramedia.com
ebooks.gramedia.com
www.youtube.com
www.facebook.com
instagram.com
twitter.com
news.google.com
www.tiktok.com
account.tribunnewswiki.com
tribunmedanwiki.tribunnews.com
tribunmedantravel.tribunnews.com
shopping.tribunnews.com
www.kgmedia.id
Subject Issuer Validity Valid
tribunnews.com
Amazon		 2022-07-05 -
2023-08-03		 a year crt.sh
tstatic.net
Amazon		 2022-07-05 -
2023-08-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
1838731126.rsc.cdn77.org
R3		 2022-10-20 -
2023-01-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
kompas.com
Amazon		 2022-04-03 -
2023-05-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.jixie.io
Sectigo RSA Organization Validation Secure Server CA		 2022-04-30 -
2023-05-31		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.jixie.media
Sectigo RSA Organization Validation Secure Server CA		 2022-08-28 -
2023-09-28		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-11 -
2023-03-08		 a year crt.sh
*.r2b2.io
AlpiroSSL ECC DV CA		 2021-10-19 -
2022-11-18		 a year crt.sh
*.eu-1-id5-sync.com
E1		 2022-11-04 -
2023-02-02		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh

This page contains 26 frames:

Primary Page: https://medan.tribunnews.com/
Frame ID: D3C5C9CDBD50C831FD43830E89E5AC2C
Requests: 180 HTTP requests in this frame

Frame: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 2FCA3CF54F63BFA408368E120705E04C
Requests: 1 HTTP requests in this frame

Frame: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: CB9B7C7A3B84A694A4887EF981160EEE
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5663D1EE80FAD8F2FC35F267D6916BF6
Requests: 8 HTTP requests in this frame

Frame: https://p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 47461E9774DFDD0C7DDF618B22D66065
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: 09EB466A13376D600976CC8E7D96B9EB
Requests: 1 HTTP requests in this frame

Frame: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: F38C77FE68AC3FEC8675DC3EAB7716A0
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: C539815A8872A4B293A03FAE5124256C
Requests: 16 HTTP requests in this frame

Frame: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: CD5C8A43760934F6BCD42C7F48DD9ECD
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: 4D72FD43CF3B986CCA55855A802A761B
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: 9A8A9D97E2B53C63BD1BC393A81AAB90
Requests: 15 HTTP requests in this frame

Frame: https://jsc.mgid.com/t/r/tribunnews.com.1210784.js
Frame ID: F818734475596E144F981F839B3B9C9C
Requests: 19 HTTP requests in this frame

Frame: https://jsc.mgid.com/t/r/tribunnews.com.1181811.js
Frame ID: 3457FEFC4E8C441C3B3B076105E05C04
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaz1ZIDEIzy-JMDGJT-otgBMAE&v=APEucNUTbD9_b-UrW0pTCF1NK32kveSbtkSvayICpIPDXjvf-Ib6BQVLnA4jZTY1vz0tg6ulhLq-Y2oEAkG_VlW_nT6KNoN4sKCj1CdNweaFjS9H5GqOGqdJfArbRi1OggAy2UcNLhZ7M1zQtRDk_iLiMag_gzbYfg78I4AvZspAnlRdokasiwQ
Frame ID: A6D741694FFE94EF8BF3BB578EFBCC13
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARim4ILYATAB&v=APEucNVsolAbgIZyTLJEYhMHaVnvGoef0QvCpPEpVH38RcfzB2snUADHvZCgD7ZLsKiNHnrXkQaRBIBm-q6Qp7YaHWkSunKh-E8rUAb5E8IcE00neC52K0XmVjc7TqxpVvnIKN89--RBqYM8kPigou7LV4cVY78Gycw8WEDEHEiizoRn5wHZd8w
Frame ID: B7F2700BAF456841ABFFEAFA7D2FBC71
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3EAB67B55889E6BBE16DE0C8751F3AA5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A118481A62763D39F0BB9B74F0EE9B0E
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
Frame ID: F3E7E00830F3F01FFC7F284CF4AF300B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F0259DABB2E131321D1BB2E8FF18A8FB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC52AA05182D792A0D68207C4EA51CFF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: A7AD24A84FDDAB5163EC2162AFCF3EC7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=medan.tribunnews.com
Frame ID: 8D3B2B2DAC03A7DF5997DF5A94E54218
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1667961035404915753317
Frame ID: DB1DB43E46603620AA1599208F621596
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1667961035429501182394
Frame ID: 358D81F64E809295E4488B0D0738C6D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B249BA7422284F3F1242083A70F74FA7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B13C32F5D63BFBDD9C7D85920ED0DB8A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tribun-medan.com - Berita Terkini Medan

Page URL History Show full URLs

  1. http://medan.tribunnews.com/ HTTP 301
    https://medan.tribunnews.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

365
Requests

92 %
HTTPS

43 %
IPv6

50
Domains

91
Subdomains

74
IPs

13
Countries

3770 kB
Transfer

8781 kB
Size

60
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://medan.tribunnews.com/ HTTP 301
    https://medan.tribunnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 239
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-dUOveGjMVjriXGIJwv3A&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-dUOveGjMVjriXGIJwv3A&google_cver=1&C=1
Request Chain 241
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2sQyhIH5wdtmTLMafV00gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-dUOveGjMVjriXGIJwv3A&google_cver=1
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKHV8tILl8bcdqEzASnV9L4&google_cver=1
Request Chain 243
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkyOTUzODMzNzM1MDY1MzIzOQ%3D%3D
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGC1PeHuknoqudDz93XlpS8&google_cver=1
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEB-RBzahRnY39Vvdi3G3h8g&google_cver=1
Request Chain 251
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 252
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 270
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHP4lzcevReKtR1mwFtIEk0&google_cver=1&google_push=ASkJ3FbZyJYJCTWBw2hcjy25p5uN9sK676YdGNg6QsG3y02ht9pDV6HKcGBrG7um3efqXrOa4SZI_pex-N-RpdmiuCvCVfi6pq3Gww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbZyJYJCTWBw2hcjy25p5uN9sK676YdGNg6QsG3y02ht9pDV6HKcGBrG7um3efqXrOa4SZI_pex-N-RpdmiuCvCVfi6pq3Gww
Request Chain 271
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBm__T32HUoHEdEDVwrX-4s&google_cver=1&google_push=ASkJ3Fa4ZktLOK5-Be2hc2h9nSqInfy6Z0LWHrq8pFDtjtxyN5AFffAWdCAx5dtt2iRJtgG3LPo-YkLur6Uwlt5-NrDGWDUUuFzh&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa4ZktLOK5-Be2hc2h9nSqInfy6Z0LWHrq8pFDtjtxyN5AFffAWdCAx5dtt2iRJtgG3LPo-YkLur6Uwlt5-NrDGWDUUuFzh%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBm__T32HUoHEdEDVwrX-4s&google_cver=1&google_push=ASkJ3Fa4ZktLOK5-Be2hc2h9nSqInfy6Z0LWHrq8pFDtjtxyN5AFffAWdCAx5dtt2iRJtgG3LPo-YkLur6Uwlt5-NrDGWDUUuFzh&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa4ZktLOK5-Be2hc2h9nSqInfy6Z0LWHrq8pFDtjtxyN5AFffAWdCAx5dtt2iRJtgG3LPo-YkLur6Uwlt5-NrDGWDUUuFzh%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 272
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHpJ5VYLUC21823TwCuOSK0&google_cver=1&google_push=ASkJ3FaOslJlq3HQtGt-JOpIWV_lthuTaQs-uKjDM7sieEnr1EEjYbhDkzfnGcFSEpYlsQg2e6LDm_cITSng-kcP7u-ks6MMoJ5m HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzgzODA5MjA0NjM2Njg3NQ%3D%3D&google_push=ASkJ3FaOslJlq3HQtGt-JOpIWV_lthuTaQs-uKjDM7sieEnr1EEjYbhDkzfnGcFSEpYlsQg2e6LDm_cITSng-kcP7u-ks6MMoJ5m
Request Chain 273
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDg_4T59s4cUlDQWFA96Ays&google_cver=1&google_push=ASkJ3FZFCLeKmceW1k7ow1RCn6Z2tTvT8SGVHBp3FkU88MSWVaL8v7IXjpowWpD7bXGLbVmIsdhgQ24IKpU8A9oE8Trn-7eycPem HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDg_4T59s4cUlDQWFA96Ays&google_cver=1&google_push=ASkJ3FZFCLeKmceW1k7ow1RCn6Z2tTvT8SGVHBp3FkU88MSWVaL8v7IXjpowWpD7bXGLbVmIsdhgQ24IKpU8A9oE8Trn-7eycPem&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G93s35gtQj62aAceMuw9IA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZFCLeKmceW1k7ow1RCn6Z2tTvT8SGVHBp3FkU88MSWVaL8v7IXjpowWpD7bXGLbVmIsdhgQ24IKpU8A9oE8Trn-7eycPem
Request Chain 274
  • https://match.360yield.com/match/ebda?google_gid=CAESEFc9VHd-U2cuFNXdInkgHK0&google_cver=1&google_push=ASkJ3FZt-wtHE2-zW6xOCDChPPBwhiaAnj_lC6w75raJ0Ikb5LJyLzhVwYOkXPU687usmS97zWrSdVBfA0dnuoxeVkw4WeOAZHoX HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFc9VHd-U2cuFNXdInkgHK0&google_cver=1&google_push=ASkJ3FZt-wtHE2-zW6xOCDChPPBwhiaAnj_lC6w75raJ0Ikb5LJyLzhVwYOkXPU687usmS97zWrSdVBfA0dnuoxeVkw4WeOAZHoX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CwlM_HdjQqCbRw-0EJE8WA&google_push=ASkJ3FZt-wtHE2-zW6xOCDChPPBwhiaAnj_lC6w75raJ0Ikb5LJyLzhVwYOkXPU687usmS97zWrSdVBfA0dnuoxeVkw4WeOAZHoX
Request Chain 289
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECUNI4HgHjWbxHjcnjoloX4&google_cver=1&google_push=ASkJ3FYqCQ8dyqY350nALN2kOXJIL0MDSq65CvQO_ipWErm9UuwQI_UQBFqFnxhoZiJORKTemhQA6V6C8LD7Z0cO76l3B0SBChkj HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECUNI4HgHjWbxHjcnjoloX4&google_cver=1&google_push=ASkJ3FYqCQ8dyqY350nALN2kOXJIL0MDSq65CvQO_ipWErm9UuwQI_UQBFqFnxhoZiJORKTemhQA6V6C8LD7Z0cO76l3B0SBChkj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cmFBdjh6VEsxT1NBUms1&google_gid=CAESECUNI4HgHjWbxHjcnjoloX4&google_cver=1&google_push=ASkJ3FYqCQ8dyqY350nALN2kOXJIL0MDSq65CvQO_ipWErm9UuwQI_UQBFqFnxhoZiJORKTemhQA6V6C8LD7Z0cO76l3B0SBChkj
Request Chain 290
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHP4lzcevReKtR1mwFtIEk0&google_cver=1&google_push=ASkJ3FbMTxLULIlx5ddGzF1j_cVkF18FobrDCpWKTwjY0aPvKRIijt5r-TaCeEnb-KIImXbX9twvEYxSf7QLCkfElWT9AbzIx69Z HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbMTxLULIlx5ddGzF1j_cVkF18FobrDCpWKTwjY0aPvKRIijt5r-TaCeEnb-KIImXbX9twvEYxSf7QLCkfElWT9AbzIx69Z
Request Chain 291
  • https://um.simpli.fi/gp_match?google_gid=CAESENP9UF-9dxPi4KB2rEQ_raQ&google_cver=1&google_push=ASkJ3FZZKF7F8d41ttmX_FYzyS1OL6npcFsej_nLlqax9TeobWGP6pi7vxRWcNCvZTbvmq8EcGa3jQMqjYJ-jPURa3Cf8gtesfQI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=95DCD8124FDA42FFABF253AB7EF435E1&google_push=ASkJ3FZZKF7F8d41ttmX_FYzyS1OL6npcFsej_nLlqax9TeobWGP6pi7vxRWcNCvZTbvmq8EcGa3jQMqjYJ-jPURa3Cf8gtesfQI
Request Chain 292
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGdH6a6Jp-fq85HmaZ7tHh4&google_cver=1&google_push=ASkJ3FaGh6o_QAWKbeRAVGTzn5zyD8kxAI1ZZah391Go5lbDvdbzx7jFuhbvSYMKeV_juXLCxAKcAFuY8MCDINIBw7aJgwOO5o9v HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGdH6a6Jp-fq85HmaZ7tHh4&google_cver=1&google_push=ASkJ3FaGh6o_QAWKbeRAVGTzn5zyD8kxAI1ZZah391Go5lbDvdbzx7jFuhbvSYMKeV_juXLCxAKcAFuY8MCDINIBw7aJgwOO5o9v HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaGh6o_QAWKbeRAVGTzn5zyD8kxAI1ZZah391Go5lbDvdbzx7jFuhbvSYMKeV_juXLCxAKcAFuY8MCDINIBw7aJgwOO5o9v&google_hm=hsxFkWDWR5i5cviUMlfCww==
Request Chain 293
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHyC4pjWyHSr8uEasffT3Rs&google_cver=1&google_push=ASkJ3Fa31Zz2pTD7hjIwSiK0GKORcAqnGqnWp4j8ukYZRG0FbwypxcPYqkf4dwQj-k8CZ7oPasDZzS_RgxsoxRVx-V8JgiywLRAf HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHyC4pjWyHSr8uEasffT3Rs&google_cver=1&google_push=ASkJ3Fa31Zz2pTD7hjIwSiK0GKORcAqnGqnWp4j8ukYZRG0FbwypxcPYqkf4dwQj-k8CZ7oPasDZzS_RgxsoxRVx-V8JgiywLRAf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ0Nzc0MzQwNjg2MDc2ODI5OA&google_push=ASkJ3Fa31Zz2pTD7hjIwSiK0GKORcAqnGqnWp4j8ukYZRG0FbwypxcPYqkf4dwQj-k8CZ7oPasDZzS_RgxsoxRVx-V8JgiywLRAf
Request Chain 294
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPo7bXz-RLIrF5l1sFWCZyk&google_cver=1&google_push=ASkJ3FZf4XxvJOhsg1FpN1LhJ7sk4R-VVGRG6bnBiR_f-BRgrDQxT3DHjwDM1ZXF0j0YudaxUeZIWTICYaH6QF9U1B4RSgYgx7wj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FZf4XxvJOhsg1FpN1LhJ7sk4R-VVGRG6bnBiR_f-BRgrDQxT3DHjwDM1ZXF0j0YudaxUeZIWTICYaH6QF9U1B4RSgYgx7wj
Request Chain 295
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAIO-CSpefkaiG8YtfHiv2U&google_cver=1&google_push=ASkJ3FaPZUQ2sYqgMOCE8OnLqqn6BIqfoB405Ufg41Z2dD0INp3THV5aSDAU_IW2xrEj0_kA5UtzHnMYOCyyEeKrhh8AM1_eKpg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FaPZUQ2sYqgMOCE8OnLqqn6BIqfoB405Ufg41Z2dD0INp3THV5aSDAU_IW2xrEj0_kA5UtzHnMYOCyyEeKrhh8AM1_eKpg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 348
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=tribunnews.com&sn=ChromeSyncframe&so=0&topUrl=medan.tribunnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ma6nHnxPTE1yMHVvZ1JmZFhpdkdhckhrcmhyMzhCTmExN3ZhaWp1MDgwb0F1N2pPWU5PR3ovQVEvMlcvc2hPcHRGekEvbE5lZS8wYXdKZTV2NktPMFVaQytYMnpwejF4WjhwOGs2VTJaZUFyaWZEY2lQWjM1L2FXOFlHdTI1WmxDSFNvZVkxUmpBUjBzeUh4aWdXaDU5cEpVSDgzRGtKTVhHUU5ETEpDMUZubWEvUVN5akpmY1JFWlNKOVZ2Rm91UkE3NGNOUFFDbGpqeHNiQlhaSXNtMUJKZUlWYkFDUG13T2lpdWlsQ2xqN2RIVVp4a2xrMDJkNVNYeXMrOFZlcHdUYnZkVDNXa0UxWGV2MWpFVmRjRVBoeHd1Zz09fA&cppv=2
Request Chain 368
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUJEREVDREYtOTgyRC00MjNFLUI2NjgtMDcxRTMyRUMzRDIw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELtaDH0fg_vCbnxdoXlLqtM&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

365 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
medan.tribunnews.com/
Redirect Chain
  • http://medan.tribunnews.com/
  • https://medan.tribunnews.com/
232 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-67.fra56.r.cloudfront.net
Software
TribunOS /
Resource Hash
d37b031c1861e84a0b9d3e6d6298a38bf77364dda544e5faa50c00711882e3ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.jixie.io *.criteo.com i.connectad.io *.mgid.com *.facebook.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
139
cache-control
no-store, no-cache, must-revalidate no-transform
content-encoding
br
content-security-policy
frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.jixie.io *.criteo.com i.connectad.io *.mgid.com *.facebook.net
content-type
text/html; charset=UTF-8
date
Wed, 09 Nov 2022 02:28:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
geolocation=();notifications=();push=();sync-xhr=();fullscreen=(self);
pragma
public
referrer-policy
strict-origin-when-cross-origin
server
TribunOS
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
x-amz-cf-id
7qRz30fOHv1tbBKBC9qGDYyWmh9rAq_8TMMGSJRtmJ_4EGKo_rVuPA==
x-amz-cf-pop
FRA56-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Security-Policy
frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.jixie.io *.criteo.com i.connectad.io *.mgid.com *.facebook.net
Content-Type
text/html
Date
Wed, 09 Nov 2022 02:30:32 GMT
Location
https://medan.tribunnews.com/
Pragma
public
Referrer-Policy
strict-origin-when-cross-origin
Server
TribunOS
Via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
1rUiW2wmy7UDSevTYTWDpcpf5pKIrWjy7btBrStGc78fwT0NLxChHg==
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Redirect from cloudfront
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
style_daerah_web_20221017.css
t-1.tstatic.net/css/theme21/ 		48 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/css/theme21/style_daerah_web_20221017.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b6a43a7f24c942e8f1ed28c87453afdd7f05a75dc8fdc74a98b857e0732866c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 08:40:34 GMT
x-amz-version-id
XVdtPTO.xgQ7wMux83pJU_XrqnX79Ojf
content-encoding
br
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1705798
x-amz-meta-sha256
1b6a43a7f24c942e8f1ed28c87453afdd7f05a75dc8fdc74a98b857e0732866c
x-cache
Hit from cloudfront
last-modified
Mon, 17 Oct 2022 06:13:53 GMT
server
AmazonS3
etag
W/"24e1ec6c73acf58b5a55a6fc89223099"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
x-amz-cf-id
vTW-fjMnk_XockhDqKlmO1J1cUDIZOi-cI4DYtxxeCDposZCWnxtTw==
x-amz-meta-s3b-last-modified
20221017T061228Z
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
24857298
cdn-cachedat
2021-06-08 14:23:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
990eb37a8813a99367bd383681b974a4
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
767320855dfc9208-FRA
cdn-requestpullsuccess
True
jquery-1.8.3.min.js
t-1.tstatic.net/js/jquery/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/jquery/jquery-1.8.3.min.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:04:58 GMT
x-amz-version-id
null
content-encoding
br
last-modified
Wed, 25 Mar 2015 04:27:56 GMT
server
AmazonS3
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"e1288116312e4728f98923c79b034b67"
age
1254334
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
uRCgHMY8DAhoqivuow4M-r8yIELMdvTSZgbg5bf1JFCjIfJO-bxOAw==
expires
Tue, 24 Mar 2015 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26611e4f579c7c6d9bd06c96e10d7780c5da29037b9ac1571a4b953f27b5fd31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27322
x-xss-protection
0
server
sffe
etag
"1388 / 619 of 1000 / last-modified: 1667948827"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 09 Nov 2022 02:30:32 GMT
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 01:24:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Nov 2022 02:30:32 GMT
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 01:14:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Nov 2022 02:30:32 GMT
jquery.fancybox_2.min.css
t-1.tstatic.net/js/fancybox2.1.3/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/fancybox2.1.3/jquery.fancybox_2.min.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 02:53:18 GMT
x-amz-version-id
null
content-encoding
br
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
776235
x-amz-meta-sha256
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a
x-cache
Hit from cloudfront
last-modified
Wed, 10 Jun 2020 05:52:59 GMT
server
AmazonS3
etag
W/"9dba4b0617628815180b9c368b6bf56e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
x-amz-cf-id
4O6OY4T2YbhBDQ5PjNkAgp6SzBjBFygkNLPWvz8pzXkjDcgqocglzQ==
x-amz-meta-s3b-last-modified
20200610T055203Z
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617
age
21108563
cdn-cachedat
2021-06-08 21:08:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
767320855dff9208-FRA
cdn-requestpullsuccess
True
tribun.1.8-20190807.js
t-1.tstatic.net/js/tribun/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/tribun/tribun.1.8-20190807.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92d6b966c3b2fb58c469e35de5c5cdf8cdaa30ea9bb7a3e15e1b86765f892452

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 01:53:28 GMT
content-encoding
br
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Mon, 08 Jul 2019 09:23:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1816624
x-amz-meta-cb-modifiedtime
Mon, 08 Jul 2019 09:22:04 GMT
etag
W/"be91403c70880ee1b6e1f2ee7540a674"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=2592000, public
x-amz-cf-id
dIaC8LEODDygillgl3yV2XJa0NpQk_rBTKpvNGgSQ78z9grOIMVrmg==
jquery.bxslider.mini.js
t-1.tstatic.net/js/bxslider/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/bxslider/jquery.bxslider.mini.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
130368e1880972a560164d6a42407eb853179a8eb98aa11b3ec7605296dfe775

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
date
Thu, 03 Nov 2022 09:15:28 GMT
last-modified
Wed, 25 Mar 2015 04:27:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
494105
etag
W/"d7163e041d3b536a19694784ad2ec6da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
4jA58ikMlrxJLkzOwmgWytYFMSWxaRyQ8W-_BjUgLzDP_-ArS-6c5A==
expires
Tue, 24 Mar 2015 16:00:00 GMT
jquery.fancybox.pack.js
t-1.tstatic.net/js/fancybox2.1.3/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/fancybox2.1.3/jquery.fancybox.pack.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ff9d4ae2b3407b031e3359007ff4d7ac9e0b342f25ce44c77d3cb7f14f65043

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
br
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
date
Wed, 02 Nov 2022 02:17:15 GMT
last-modified
Wed, 25 Mar 2015 04:27:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
605598
etag
W/"38b8a249b8b955e0c789a490847d9cc5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
-ZWVbt4nBrBR3dWbYa0KVzHdXjzUFIzBcaqtiyXwOrhLaADfp7NEWw==
expires
Tue, 24 Mar 2015 16:00:00 GMT
tribunnews.com_desktop
delivery.r2b2.io/hb/kompasGramedia/ 		315 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e8cc93e23c71ea3160a9570789f455f58d497d7c5f86a702992aec2bfc11b38b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
1387
content-length
92375
x-77-nzt
AcO1rgWKNC3/awUAAA
x-accel-expires
@1667961445
adt-powered-by
slim
server
CDN77-Turbo
etag
16f2809d23726bbfc59d9c0d27421faf
x-77-nzt-ray
ffffffffdd8ef1c9c8106b634dca8028
content-type
text/javascript; charset=utf-8
cache-control
s-maxage=1800
accept-ranges
bytes
prebid6.29.1-19082022.js
t-3.tstatic.net/ads/prebid/ 		333 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f35bb4bcaf2396e85660c9e3d973f2096814c4953cabf71cd308611ed932d8af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:01:58 GMT
content-encoding
br
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 04:21:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
1585715
etag
W/"23986ded528aca6846a7a14814957cff"
x-amz-meta-cb-modifiedtime
Fri, 19 Aug 2022 04:20:37 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=2592000, public
x-amz-cf-id
F-W23v5yYl-H-HstIchXJdGC-mhy0BVAFN_w2F5AcWporg6Cx0rgYw==
glightbox.min.css
t-1.tstatic.net/css/glightbox/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/css/glightbox/glightbox.min.css
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 04:54:03 GMT
x-amz-meta-cache-control
max-age=2592000, public
content-encoding
br
x-amz-version-id
null
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1546590
x-amz-meta-sha256
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
x-cache
Hit from cloudfront
last-modified
Fri, 08 May 2020 08:14:16 GMT
server
AmazonS3
etag
W/"7443f26fb8ef9bb0368d931f2b1f1cb5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
x-amz-cf-id
Cl6hHud2d-QM12wsBDh-jhAN2E2-cZMVoiB5JwfBLmJcFS1tkbTEMQ==
x-amz-meta-s3b-last-modified
20200331T194635Z
glightbox.min.js
t-1.tstatic.net/css/glightbox/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/css/glightbox/glightbox.min.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 05:37:24 GMT
x-amz-meta-cache-control
max-age=2592000, public
content-encoding
br
x-amz-version-id
null
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
2494389
x-amz-meta-sha256
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
x-cache
Hit from cloudfront
last-modified
Fri, 08 May 2020 08:14:31 GMT
server
AmazonS3
etag
W/"c8e60c852f16b93503708e1b27423274"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
gtzkgZah1jSy0ihoOXxhyXv6QkW_DWHfxtXuk-bO6QwTJTmXq9Kyog==
x-amz-meta-s3b-last-modified
20200331T184655Z
sdk.js
connect.facebook.net/id_ID/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/id_ID/sdk.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a08e8904caf4e897743cd9db1ce5ae34a1a82aef1e8de3799e8f4124100c0f62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://medan.tribunnews.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 09 Nov 2022 02:30:32 GMT
content-md5
xzALdBp4hwD0BSyZ+N11EA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
tnwlpkWLpOH2U/RPnrg1kwaMCqxeJXCKxJw3HoEietsUeMkj4TZ3I+CZkvcIToDvbbkmSIaWcBSw/DmHZzsp3Q==
x-fb-trip-id
917726464
x-fb-content-md5
42940e3f4367b35754e9b18e8e9dc12d
cross-origin-opener-policy
same-origin-allow-popups
etag
"43898d517944df795a9814d085b052a8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Wed, 09 Nov 2022 02:30:52 GMT
tribunmedan.svg
t-1.tstatic.net/img/logo/daerah/svg3/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-1.tstatic.net/img/logo/daerah/svg3/tribunmedan.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a8cdf7c03a39d4aa2f2830f3f05f3a54bb441b6991f91afd2aaa9f7165f26c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:04:31 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 22 Feb 2018 09:01:50 GMT
server
AmazonS3
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"19dc44a6afc974f446d568155d12d5c5"
x-amz-meta-cb-modifiedtime
Thu, 22 Feb 2018 08:54:16 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000, public
age
1585561
x-amz-cf-id
n5zJ0hpI9YAeVCCZFhNo0Wuee2DsxwXKjElN00yH25kG6jJaczCGeQ==
cse.js
cse.google.com/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=05d7b8ef00c5d4a0b
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
c09c8b2f95ad16b29b17235f385c632537d407d8ac2a82a23228683d83094479
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server
gws
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3001
x-xss-protection
0
expires
Wed, 09 Nov 2022 02:30:32 GMT
Logo_T_blue.svg
t-1.tstatic.net/img/logo/tribun/svg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-1.tstatic.net/img/logo/tribun/svg/Logo_T_blue.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
date
Tue, 01 Nov 2022 21:46:30 GMT
last-modified
Sat, 15 Aug 2015 14:25:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
621843
x-amz-meta-cb-modifiedtime
Fri, 24 Jul 2015 09:49:00 GMT
etag
W/"2881375fb0f9e7fc4d0a2f42434696e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000, public
x-amz-cf-id
VK9GzIMzL2BlzyKwmxH2EoP6pjw00ZZuV-HUn67Uuja9Lus4xrFncw==
Inilah-wajah-8-polisi-berpangkat-Bripda-yang-diduga-menyerang-RS-Bandung.jpg
t-2.tstatic.net/medan/foto/bank/images2/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/images2/Inilah-wajah-8-polisi-berpangkat-Bripda-yang-diduga-menyerang-RS-Bandung.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfb821a412dd39129f52a774d8c9abb96a149f202bbaec1121a2c760b1cd54a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 14:45:10 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 13:20:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
128723
etag
"f45ae0d5c980b1018177929f69027366"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
73882
x-amz-cf-id
_VExSLZUm_x-ul8s1GobFU8Xf4Dvp6FP4R-WTwbeaVVNsdM5lZ_cHg==
Bripda-Tito-Tampubolon-penyerang-RS-Bandung.jpg
t-2.tstatic.net/medan/foto/bank/images2/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/images2/Bripda-Tito-Tampubolon-penyerang-RS-Bandung.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0aafc2781e31e57eb88405c671a2acc5c5540ecaee9b048d590a59a1f6a8f5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 05:03:50 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 02:54:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
77203
etag
"ce35714af96cc5571488c09acf9986eb"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
59647
x-amz-cf-id
1wh12nsssWrJGzsF-PWZe9OfOrdvLWvqppVrt4YP2ZXmoUzI1Ssvjw==
Sosok-Pemeran-Kebaya-Merah-Viral.jpg
t-2.tstatic.net/medan/foto/bank/images2/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/images2/Sosok-Pemeran-Kebaya-Merah-Viral.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82d50266429d4d44805d84a951eeae98de6d4a5f7c6883e4fa829bf5eed4a499

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 17:33:20 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Sun, 06 Nov 2022 17:12:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
205033
etag
"5a157d3fd05858b14df3b01d0256f4da"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
40747
x-amz-cf-id
46vItg_UPdlg1VTlELN5y7tZDq3sMj-77KSYColW9mUmqhNG6pkq_A==
manuel-neuer_20160929_141103.jpg
t-2.tstatic.net/medan/foto/bank/images2/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/images2/manuel-neuer_20160929_141103.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
378b3aac9f23f23a601eeb907c602a5d021fde41ea7ba208980f68fd52c783ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 11:35:37 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2016 07:12:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
53696
etag
"e4a87393b2b0ce794698f2b1cd68d349"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
25230
x-amz-cf-id
WR6Tyd4Z3EIt9s7AYGcakOrizCfEl3z3M-bhf2qOV7TwiH5p01ANPA==
Isu-perang-Indonesia-VS-Australia.jpg
t-2.tstatic.net/medan/foto/bank/images2/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/images2/Isu-perang-Indonesia-VS-Australia.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7b087c59e41f61baab97ccc71a85e0ff3647f3ad45fb9f505a942906d819a31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 11:12:22 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 05:30:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
55091
etag
"dbeb852dfa5e1d5e5f717b60e08ae0c8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
77935
x-amz-cf-id
qYpRqKYAXDRjFjDooJaEWzqHYYcgJkvhCt-bc-BH7VvLcwBksygB0Q==
Inilah-wajah-8-polisi-berpangkat-Bripda-yang-diduga-menyerang-RS-Bandung.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Inilah-wajah-8-polisi-berpangkat-Bripda-yang-diduga-menyerang-RS-Bandung.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f2636910ed5d720a958d71951e547a8879f2cac5bc78148be1995820f3be25d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 13:25:50 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 13:20:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
133483
etag
"bdc44e6c468add305f633b9c902023ad"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5574
x-amz-cf-id
LtLYoSmk9zXCfTiFPPHXc7G6D-YBLejYQUtvcnOAeePmF2Q9pnNLTg==
Bripda-Tito-Tampubolon-penyerang-RS-Bandung.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Bripda-Tito-Tampubolon-penyerang-RS-Bandung.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9428a0815b121f5d67fedd4c6f41cd7daf59d6cb101acc96bd3172ce85c3681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 02:55:31 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 02:54:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
84902
etag
"d83de72984ef57e8c81c80734c886ef6"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5507
x-amz-cf-id
iAQn7GjqUDXFW0VcZQLbC0JiKxaHwnyLHHgujNE_n8eyoNUJkjOtXA==
Sosok-Pemeran-Kebaya-Merah-Viral.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Sosok-Pemeran-Kebaya-Merah-Viral.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e5b68d7ccd08ea80ad68cce44ecd39fe69c8f3801baf4bc7bf02c2c63984ca5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 17:24:54 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Sun, 06 Nov 2022 17:12:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
205539
etag
"ecd2b070ccef6e75853e88c10006f6d2"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4197
x-amz-cf-id
wsg7s636vqV8j9I0bZaD-ClZpcRTOgumdXAzi9akpCCaFlKel6iJVw==
manuel-neuer_20160929_141103.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/manuel-neuer_20160929_141103.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d83f151c7f401a8a986e57dc81e6507fc728cdd09f55c65497d81cb88b83cf0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 00:32:57 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2016 07:12:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
93456
etag
"19feec265b8e8c320916ec1c070e80af"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4243
x-amz-cf-id
M-DO1OmHFe_oztyx4ogOU5Kem_vY3m3k05ebkE2RS7Rm-kVVHgQlbQ==
Isu-perang-Indonesia-VS-Australia.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Isu-perang-Indonesia-VS-Australia.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91969c1090d53c593d7010c2588d2c720982abcbf50eceb9850326dc48aeaf6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 05:34:38 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 05:30:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
75355
etag
"3ac02faece26447af39cb822c87fdbd7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6291
x-amz-cf-id
hGll1MfcpDO9EzgvKSwxR-SzqJiEkHG5NxRBeDVlbRGwM7IasegTnQ==
7-tahanan-kabur-Rutan-Klas-IIB-Sipirok.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/7-tahanan-kabur-Rutan-Klas-IIB-Sipirok.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f77866ff60225d671556ef89598c6d1e99b81643bedbc95d7f7ec0816cd1659f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 02:28:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"5c2c89eca2054ac1b3b38124744c8373"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4638
x-amz-cf-id
47egGtwIjCjlew5NKW3oVv-_SjGqiMg-NaHMWIvAiaUTK4ZDI3Waaw==
ferdy-sambo-ismail-bolong-tribunmedan.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/ferdy-sambo-ismail-bolong-tribunmedan.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
044fc3eb59e779c96e8687063bc41697b7e19970fa22ee68f570c20edbbebb7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 22:53:56 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 22:31:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
12997
etag
"1f4a6fae9b905fe627fc8ecf4e9a090a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3876
x-amz-cf-id
Z9bZx-3bJ6ThYfljcFi589OBrg2NUyl9blVSWQjqV3H2KIzRb9lATQ==
emak-emak-hutan-mangrove.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/emak-emak-hutan-mangrove.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
817c3c0e8004e8edb21061dee878f7d8fa85cea76eae2f3db6b9403d6310161b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 03:26:53 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 03:24:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
83020
etag
"69a6d8fd3bac2e03a7035a657973e2e0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5263
x-amz-cf-id
eNIVMTr0sww35hNcBS7aSkz6Ve2Mhy4Y6BZRRI5wFdxFX2-LwyIxpQ==
chelsea-vs-man-city-liga-inggris-epl.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/chelsea-vs-man-city-liga-inggris-epl.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6971a482a0e6293ad1dd5a5b2070d855403a2ab517919050dce98d5868e3eaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:41:13 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Sat, 02 Oct 2021 07:25:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
2960
etag
"fb6c2c2d5244156b5497a7466e447935"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4994
x-amz-cf-id
J1pv7d98VBa2-dWWwpm8Pp63kFPyaPUdicnEkQHcShdi_U3IfJlUHQ==
rizky-billar-ustaz-subki-al-bughury-dan-lesti-kejora.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/rizky-billar-ustaz-subki-al-bughury-dan-lesti-kejora.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3f7de2b1acc27ddba8c5d25191e851c3ff865014cf2ca108610d5d6cad90334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:27:55 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Fri, 27 Aug 2021 12:07:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3758
etag
"a2d4f9b0283af243f004ac450e313cf3"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5945
x-amz-cf-id
kbC4Ni0Utv1JNwLctoLwxy_4cE-wBINEye_SZseslvmV61YlbO3Drg==
ponari_20170918_225127.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/ponari_20170918_225127.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0946b5e9ddf1d4e3f4d444aef5dbe44b9c1b1ff20004de6eef4d51a6fcbf7d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:26:41 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Sep 2017 15:50:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3832
etag
"8a8c043c82f50cc3f2d934668a797d94"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6126
x-amz-cf-id
FA3s38BeaUktKhSk82C-fMX6Lj9wmxBMjW9WAVfhLxbPj44tGWSNcQ==
Sidang-Tuntutan-Kurir-Ribuan-Pil-Ekstasi.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Sidang-Tuntutan-Kurir-Ribuan-Pil-Ekstasi.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16f267feb8c71c81acd023acc9652fdde0822a14ff9bea3fc182f4b36aff0d1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 13:11:58 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 13:08:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
47915
etag
"bf9ca8595e7be52000722f9d14e9c663"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4990
x-amz-cf-id
T2Dm4NSRsWyg-Syqc3cHsIy_ro8iJL_jA95TaOAdZkHktibO6NaFTQ==
tribunshopping.svg
t-1.tstatic.net/img/logo/tribun/svg/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-1.tstatic.net/img/logo/tribun/svg/tribunshopping.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99dd300f70b33cff7246c8e19268061eefb84cab54398ed804ff215f8db32c77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
KWsm2Pnz2B_tmAlNi.BGzmhH1OmkB_pG
content-encoding
gzip
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
date
Thu, 27 Oct 2022 07:49:14 GMT
x-amz-cf-pop
FRA60-P4
age
1104078
x-amz-meta-sha256
99dd300f70b33cff7246c8e19268061eefb84cab54398ed804ff215f8db32c77
x-cache
Hit from cloudfront
last-modified
Mon, 12 Apr 2021 05:37:16 GMT
server
AmazonS3
etag
W/"449ce3df281678ce0bd54d92009c5e8a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000, public
x-amz-cf-id
6v1Qf0gUVOBzoySh2ybSzyXSMYrg-rI0UHFGl48yFRG-6UaC1DhTTA==
x-amz-meta-s3b-last-modified
20210405T052030Z
goto-veto-vacuum-cleaner.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/goto-veto-vacuum-cleaner.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f03c6e02aa965f94f17f3063279a345c0ffb41648202a229f9bd3702f4c2341

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:32:31 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 10:52:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
39482
etag
"806b88f2f558b31408b44105965ae851"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5354
x-amz-cf-id
b_CZqTZ08mHtJrnXx-17W4Qay8HBJ-xtf7cl7_vdm4GmHbQKuphohg==
ice-coorel-notebook-cooler.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/ice-coorel-notebook-cooler.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4730daad5fb2bac2d6868018aa47a1366d69e0c46cd432a98fab2dced26d61ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:32:31 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Thu, 28 Apr 2022 10:17:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
39482
etag
"7d1f31040be645b28b12d1399cb7fa54"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3842
x-amz-cf-id
Jq41HnajY7V96iUFsGlTWBUEWsiguiph11XiIFAvfAlytf_4jOq0GQ==
kulit-wajah-kusem.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/kulit-wajah-kusem.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f0229ab7b7b060ff56be2899983c7d6a4b9ba036e992690f40a9a4d875ef984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:33:08 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 10:01:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
39445
etag
"2208b53405af6090af70ffe711af3533"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3227
x-amz-cf-id
0-6GY9nfhFSpRdKtASM9uDvGSZObGMvIZCggze-OFtoGrddfp8roHA==
kipas-harus-rajin-dibersihkan-agar-udara-yang-dihasilkan-lebih-bersih.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/kipas-harus-rajin-dibersihkan-agar-udara-yang-dihasilkan-lebih-bersih.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae27903ac0710c9faf2f50a91764597a8e22e8047b4289d71588c118ed776800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:33:08 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 08:22:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
39445
etag
"3dd7fd08ff3b0732fcb4b01442f7967a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3778
x-amz-cf-id
IXxbN61LsQhjGPqNAggQykhFA9Wsm1IckeCrJLFYP4MynrN_6n1PRw==
logitech-webcam-c270-hd.jpg
t-2.tstatic.net/shopping/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/shopping/foto/bank/thumbnails2/logitech-webcam-c270-hd.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0728accf6e1f227a9b89845a044afef5dacdf8f451989ed974e9f6639fdcd937

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:33:08 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Thu, 21 Apr 2022 02:36:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
39445
etag
"151ed7d1ce742b22a375823305019409"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3921
x-amz-cf-id
e0SakbjEpVkra54WHDftvUqWEeIm4oRA7eN-VxkZ6dqy5lq-itmLFw==
Sosok-Pemeran-Wanita-Kebaya-Merah-Dicari.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Sosok-Pemeran-Wanita-Kebaya-Merah-Dicari.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
347ea568fa76cd677b93d8751795bdaa2dea47b046e6f81144315799e01acbcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 17:57:49 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Sun, 06 Nov 2022 17:46:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
203564
etag
"bc1293f9fddea8184c0133e473ab706f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3063
x-amz-cf-id
d3vxUCQJ4dryzNGLt3hREwcq6kG_1oUaAulXkybC7R0xdZkDl5GlUw==
Akibat-Banjir-Pengiriman-Ikan-Asin-jadi-terkendalagg.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Akibat-Banjir-Pengiriman-Ikan-Asin-jadi-terkendalagg.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adf8bdbabb55f51df938ee7384454e81471bf5c5857f072853edbe316f2b880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:07:16 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 17:05:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
33796
etag
"5187c345cdc3f69dd0e80cdf0dacd9d9"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6335
x-amz-cf-id
wnspSbXyEmTepsLNsdAlyZADzv3DLqDYmixyQR8BfMwlbMxvvxeBGg==
Iwan-bule-ketum-PSSI.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Iwan-bule-ketum-PSSI.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
726e0b8a396348134d195d62a53eb3506586bf6058d4ec99c4f3762a46d75478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 08:12:05 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 08:10:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
757108
etag
"134276cd4cf0553432493f0513451b25"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5330
x-amz-cf-id
UXSdfu8thD8Ofg2JgkjI8eFRBnfo1P7HQReZjPP_YgQG87Sma0S6tQ==
iis-dahlia-ancam-suami-satrio-dewandono-okee.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/iis-dahlia-ancam-suami-satrio-dewandono-okee.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e9bcb9fb091ac3fba889e2203f4145c496a2e1a97ed53c92831a29b23e92400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 12:16:22 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 17:59:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
51251
etag
"3c688a6014b0f48d7d9d13015be3f889"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4856
x-amz-cf-id
7axCuSsPc7t_LZ19tcr_I-Rxe6-i7nfshobwZTc_HBbcwYF6mzzsdw==
Lydia-Kandou-Ternyata-Sudah-Punya-Kekasih-Baru.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Lydia-Kandou-Ternyata-Sudah-Punya-Kekasih-Baru.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42a6562cb56831b97e3a808dbe75c1aaec8fd338b332b1aa4dd34440342e0a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 12:08:04 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 22:20:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
51749
etag
"3d8e872c46a617a4d6d306207d46970b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4783
x-amz-cf-id
YG7Xwru_EWaI9qaIpcrcAIh1OHsE9chdDJRaI37QENP6hvwp9b7Sew==
Nikita-Mirzani-Tulis-Surat-di-Penjara.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Nikita-Mirzani-Tulis-Surat-di-Penjara.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d0c8cd7ea2de197ffeaa20a3108ad38ed3565614f435b111cfbcc5ff6857390

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:17:09 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 18:26:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
137603
etag
"00db4619a03deb4bf01e844e46cd47a8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3792
x-amz-cf-id
m5GbMYRuZ7wf0rWy7YcIPuffJ0PmDw4_l5EoAarWoyDb1ddLo-39-g==
gisel-pacar-baru-tribunmedan.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/gisel-pacar-baru-tribunmedan.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fde204adfdfd52c090e6b6fa15216dbd479c8b60f1a8ff2361fa5e2d076db267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 23:13:25 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 23:07:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
11828
etag
"cd55a324debefbc2b5666ed13ad5a197"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5315
x-amz-cf-id
d4ylGb3TtRGY3BlM79_4C1AfaVIy7Rz-CEOp6Qydiu-bgYjU7MG5Rg==
Lewandiwski-barcelona-vs-Valladolid.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Lewandiwski-barcelona-vs-Valladolid.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f9b99e20e9b72a3542f99d5c55f8d46c18b520e1c17d637ff5d23526a73b54b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 20:53:42 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Mon, 29 Aug 2022 02:19:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
20211
etag
"328b0501934cc7dd8613905ce795e3a3"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6143
x-amz-cf-id
sCe1yYT3NeMqFbHGgAYgULjz6HLW1nZzUeMUGEFllKLZziXL9YV9CA==
Keluarga-Brigadir-J-Kaget-Nomor-Ponsel-Yosua-Aktif-Kembali.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Keluarga-Brigadir-J-Kaget-Nomor-Ponsel-Yosua-Aktif-Kembali.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b440cba76f5c8acde8c793b700e82a14c3ece95fa6eead917ae24cb2fe24697f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 22:53:56 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 22:42:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
12997
etag
"4da182eefe9b18d9a20a712c6b1f9961"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5324
x-amz-cf-id
KGK49D0S2tRSAeNxcPgPuM8NlFURimwKxnXfhxCRhHnpUWFHu9Ut7A==
Sosok-Ichaa-Ceeby-Disebut-Model-Kebaya-Merah.jpg
t-2.tstatic.net/medan/foto/bank/thumbnails2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-2.tstatic.net/medan/foto/bank/thumbnails2/Sosok-Ichaa-Ceeby-Disebut-Model-Kebaya-Merah.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cc9f0006799bb4c218d1dc006f0decbe23fddb45381084d29f3750094e2e33e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 16:10:13 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 16:06:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
37220
etag
"dfe220f03408bc4fc21a181a093a5e95"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4560
x-amz-cf-id
dcarS191971PF9kWQ2iyQIJygUK2eqXYBYKjxNJshM2vBi4iVSUivQ==
tjb_small.png
t-1.tstatic.net/img/logo/tribuniklan/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-1.tstatic.net/img/logo/tribuniklan/tjb_small.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f9ecb8e1c41aeeb8983591498e78e82342ca1fd4be35250764c5494f4ccd05a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 21 Oct 2022 19:21:11 GMT
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified
Wed, 25 Mar 2015 04:27:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1580962
etag
"d3e661155656ba666f8431241e75089c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
6045
x-amz-cf-id
w4BLlbdQ_1-kA4n5IU3eVUwXf4ZD68D9GkPZMg5Zlrjljw9HlxjBrQ==
expires
Tue, 24 Mar 2015 16:00:00 GMT
1-1607162071-Tanah-sentral-Canggu-Berawa-Bali-view-sawah-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560110/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560110/1-1607162071-Tanah-sentral-Canggu-Berawa-Bali-view-sawah-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
badec949b73175097cbe5d6bacad2b8bb327c4d0939eace1a2975418940782f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 16:19:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3109
etag
"1cab6aa9fb97384c3785382858503c4e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3056
x-amz-cf-id
yO2UsHkebBXtAnnnsOfNfAsUHWzSoJ2bjwW_Quq17AU1gpvBTaxzNA==
1-1857356203-Rumah-Tinggal-Perumnas-3-Bulak-Kapal-Bekasi-Timur-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560058/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560058/1-1857356203-Rumah-Tinggal-Perumnas-3-Bulak-Kapal-Bekasi-Timur-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ab88ceba97e0038e73d25ed8cbc7d377a81dca0327a569d61346d1083984b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 12:37:23 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 12:03:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
49990
etag
"15aee003645af8ae1f75fcde8530c51e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3781
x-amz-cf-id
Mt_f7D51AFVNeOSUovJx63arrGehJRIAThvico8jEJO8o2EngunzgQ==
1-1756237200-Rumah-di-jual-ciledug-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560099/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560099/1-1756237200-Rumah-di-jual-ciledug-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
958a9dfac97be53f97adbff36738769aacae18cb0b2a24bdd7d5744ea2b2bd65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 14:42:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3109
etag
"75712cd6fd9d57b9725b3fca76202ee8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4487
x-amz-cf-id
XqIUtUlcLqIAT9a1cHiy97GNRHXq2RlmsnT0cXawVO52Bo8zx9QwLg==
1-1300195050-Rumah-Citraland-Palma-Grandia--Surabaya-----Low-Budget-Property.-thumb.jpg
t-3.tstatic.net/jualbeli/img/2021/3/2372459/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2021/3/2372459/1-1300195050-Rumah-Citraland-Palma-Grandia--Surabaya-----Low-Budget-Property.-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba9f40d1854c8a80885f6911ccd5b407ceaabb6a310bd9e3436ebb29e66e47b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Thu, 25 Mar 2021 15:11:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3109
etag
"22e1fab40c79c903d2f0a3720d161c63"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3635
x-amz-cf-id
xCs6yC7YmAz0KI78dfMqFXUC8dDyVNrpKAnY9rqsQTcmCrWmwl7VfQ==
1-420427902-Rumah-2-Lantai-Murah-Dekat-Kampus-UAD-dan-Kota-Jogja-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560087/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560087/1-420427902-Rumah-2-Lantai-Murah-Dekat-Kampus-UAD-dan-Kota-Jogja-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44237d6f7b954abc0c4e4ecb391c1166c989132a853dcec3b0bc63bb0b1f8a43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 13:28:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3109
etag
"5d7a8059aa235e30bae070d933a01c30"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3152
x-amz-cf-id
KIxoStB2WvoQTgelQ_8yVGqE9_PKozfb5LeIjmjygi0PWY2uH7E4uQ==
1-738925861-Rumah-Semi-Furnished-Perumahan-Bumi-Rawa-Tembaga-Jakasampurna-Bekasi-Barat-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560143/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560143/1-738925861-Rumah-Semi-Furnished-Perumahan-Bumi-Rawa-Tembaga-Jakasampurna-Bekasi-Barat-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d365251d0034548751123752d1b00b716d2ef730e67f57f689438cf8a2d9e85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 00:51:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3109
etag
"a2737ca4d9121fc3b19c1c647ef4cac9"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3598
x-amz-cf-id
q-F7Utv3R2VNISxUVbOcj8HXd9WhX5IJpxMtT_yh7GUaNWWV-tGFBQ==
1-1837099396-DIJUAL-RUMAH-CANTIK-SIAP-HUNI-200-JUTAAN-DEKAT-BANTUL-KOTA-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560136/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560136/1-1837099396-DIJUAL-RUMAH-CANTIK-SIAP-HUNI-200-JUTAAN-DEKAT-BANTUL-KOTA-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b095db73501882c8569a7857c6511c4dfb3be5dbd4d0a60c9969d919cd0b0d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 00:37:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3109
etag
"77a9f820963697b5f1a06ed645be1904"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3866
x-amz-cf-id
ILx7Wj0Qharl071whpsRuxFxJvZKbEGBfoVh89RQKKxbokaga1CiJg==
1-1134192794-Miliki-Vlla-Mewah-di-tempat-Wisata-kelas-Internasional-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560133/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560133/1-1134192794-Miliki-Vlla-Mewah-di-tempat-Wisata-kelas-Internasional-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
647dcbc3049856019f815bdcddba2b5561d3f87ac2c5e98ff1f09f38edfd8e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:44 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 23:28:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3109
etag
"0e0aba922d96584ff0b191482c56bdb4"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3096
x-amz-cf-id
yfH-S53ycOPKIRvchzbZ5W9lBeZiTr5vrfM3YBy7PQVOAsSSqH_qHw==
1-2099384858-Komplek-Perumahan-Green-Garden--Rumah-Dekat-Kantor-Polsek-Sungai-Raya-Kubu-Raya-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560132/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560132/1-2099384858-Komplek-Perumahan-Green-Garden--Rumah-Dekat-Kantor-Polsek-Sungai-Raya-Kubu-Raya-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83ff9988e815c6492c161c43ca007675ec54d7c7f221093325e5b0271b89aa8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:45 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 23:21:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3108
etag
"169e1eeb7bf4a1c3af69a9c6d89ef5e7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3517
x-amz-cf-id
94gWspVQ9SOoNXQ40PY9RAxxKpdGpNH-qr0_YIoG6fpoxA-Pm2bEiQ==
1-1546448716-RUMAH-LUAS-DAN-MURAH-DEKAT-CANGGU-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560126/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560126/1-1546448716-RUMAH-LUAS-DAN-MURAH-DEKAT-CANGGU-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b05e6218d62af483d488d439a06d95da34ff26df8854d47be13c2693f37e2d3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:38:45 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 23:00:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3108
etag
"24be49cda48868feec68c9d5a3e26ec0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3451
x-amz-cf-id
FQLz20tDnpEXVBnldeKfEoKUlDw6SnyG1z9oKTCdgsicIhWJ2VCl-A==
1-1320772412-Rumah-Luas-700-m-Di-Kasemen-Dekat-Terminal-Pakupatan-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560113/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560113/1-1320772412-Rumah-Luas-700-m-Di-Kasemen-Dekat-Terminal-Pakupatan-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c61c9120f5ceaae5b2a05ff1354f51543cbf5aff1491ea216084870920980e86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 00:51:14 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 18:23:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
5959
etag
"0b98dc6315adcbe51ca78e467fcefa2e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3102
x-amz-cf-id
7BpZ92rgWYh3bHgP2M3P-EDUfrcNz226CMx2yRR0WpfZ_0diN539HQ==
1-1671148778-Rumah-Over-Kredit-Atau-Lunas-Di-Kasemen-Dekat-Kawasan-Banten-Lama-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560112/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560112/1-1671148778-Rumah-Over-Kredit-Atau-Lunas-Di-Kasemen-Dekat-Kawasan-Banten-Lama-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f98455e68cacdf4a309c68b07a5fe4db993695ee437996d4b9b3343f449d9f50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 00:51:14 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 17:12:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
5959
etag
"6b1f008ed715005ef62270a6e0e9cac8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3663
x-amz-cf-id
KIaLhF7Pok_HeIdsGVpWToUfU4X6yALVtKMLrJ_ojE_9bPt3qFXu0g==
1-2116601436-Rumah-2-Lantai-Terlaris-Gaya-SCANDINAVIAN-di-Mampang-Pancoran-Dekat-Stasiun--dan--Tol-Sawangan-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2559095/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2559095/1-2116601436-Rumah-2-Lantai-Terlaris-Gaya-SCANDINAVIAN-di-Mampang-Pancoran-Dekat-Stasiun--dan--Tol-Sawangan-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac55e1bb592dafcd166e05eb2ff3c87dd283e6cdadce14da6b4e2d97a5354224

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 10:28:35 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 09:16:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
144118
etag
"7925a727c96d257a5421d455cc91e4d0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3387
x-amz-cf-id
Kizx5aynXu4TjPWq_yN8u4wViXCbscFQHrrqNCLFzKJxu47_iUjpqQ==
1-299434775-Jual-ruumah-di-comdet-jakkttiim-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2555651/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2555651/1-299434775-Jual-ruumah-di-comdet-jakkttiim-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc453b09b4ab460df1b7c7e88e33b13f12a73f355ff0f3b4b934e929867baa3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 09:42:33 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Thu, 03 Nov 2022 04:03:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
492480
etag
"a324e4ce43518a69c14247a4f5aaf0fb"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2926
x-amz-cf-id
gLZfEVI5ml5EOIQDx3d97E7GkDegreXmTdTZoNlw5C8rb-xNFid43w==
1-1513603957-Rumah-Tlogosari-Siap-Untuk-Dihuni-thumb.jpg
t-3.tstatic.net/jualbeli/img/2022/11/2560074/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-3.tstatic.net/jualbeli/img/2022/11/2560074/1-1513603957-Rumah-Tlogosari-Siap-Untuk-Dihuni-thumb.jpg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae2b09edcf7adea52bb3eafb3d085fccf11cfc19c5cc94c9464af1877984aa39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 13:04:37 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2022 12:31:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
48356
etag
"28c082743fa391534f645e64ac550ca7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3536
x-amz-cf-id
S1jrsRcFrwBfHvomx35Am9DZqtPm1ay2OVR20MslZbdEaX_9zF8qVA==
lozad.min.js
t-1.tstatic.net/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/lozad.min.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 04:14:54 GMT
x-amz-version-id
null
content-encoding
br
last-modified
Fri, 31 May 2019 01:51:20 GMT
server
AmazonS3
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"34b722949a97a9f6734cd66d940531ce"
x-amz-meta-cb-modifiedtime
Fri, 31 May 2019 01:49:18 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=31536000, public
age
3276939
x-amz-cf-id
W01nPatwwX-l3Lml6J2MVQ7CaCDiXbzLlOgJonInW5m9vAwGyLoEBQ==
firebase-app.js
www.gstatic.com/firebasejs/5.5.6/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-app.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 19:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12419
x-xss-protection
0
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 19:13:46 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.5.6/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-messaging.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 21:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10096
x-xss-protection
0
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 21:52:10 GMT
kgnotif_tribun.js
t-1.tstatic.net/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/kgnotif_tribun.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df4f9c3d7d11a4ba21b585bfdaff006aa925b32c3ec626969a38a5036a5aa03e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 04:52:56 GMT
x-amz-version-id
o90oKk95.kQcQjo2jl5g8uZJQM55rPPc
content-encoding
br
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1546657
x-amz-meta-sha256
df4f9c3d7d11a4ba21b585bfdaff006aa925b32c3ec626969a38a5036a5aa03e
x-cache
Hit from cloudfront
last-modified
Tue, 09 Nov 2021 09:46:35 GMT
server
AmazonS3
etag
W/"923baa9abb9b96a2804d3114a8ba3016"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
H4BeNH5a3xmy_g-DzgYLUmfmGK6GImYpPeJHOqhhHEiKJhuciakShA==
x-amz-meta-s3b-last-modified
20211108T081414Z
sso_g_signin.min-1.2.js
t-1.tstatic.net/js/kgmedia/tribunnews/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.2.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f061b380e02f436858e76db0520500568d2fd4555863a2bb9b4ea3e617891c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
9BXIgNJob9bJF2m_mf40rheLI1N070kc
content-encoding
gzip
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
date
Wed, 26 Oct 2022 02:08:27 GMT
x-amz-cf-pop
FRA60-P4
age
1210926
x-amz-meta-sha256
6f061b380e02f436858e76db0520500568d2fd4555863a2bb9b4ea3e617891c0
x-cache
Hit from cloudfront
last-modified
Fri, 23 Sep 2022 09:32:32 GMT
server
AmazonS3
etag
W/"5c701b18c97c0ad7481c2ce1220bc726"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
uM7MOHx8wFs8wb5AQn9MaV4_adAueDH4mW7L44bzdKgGDIA5A-KmCA==
x-amz-meta-s3b-last-modified
20220923T093716Z
extender.min.js
asset.kompas.com/data/2021/sso/js/ 		1000 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.kompas.com/data/2021/sso/js/extender.min.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-55.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
67a09458aa2b97d54491755dcf3d3d00298de54799b49fded2de6db24e103a94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Sun, 29 Oct 2023 14:41:38 GMT
date
Sat, 29 Oct 2022 14:41:38 GMT
x-amz-version-id
MOZ46XzJdcFn1e02WvQVITzvQ0X1BXOD
content-encoding
gzip
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
906534
x-amz-meta-sha256
67a09458aa2b97d54491755dcf3d3d00298de54799b49fded2de6db24e103a94
x-cache
Hit from cloudfront
last-modified
Wed, 21 Sep 2022 22:43:02 GMT
server
nginx
etag
W/"826a4aaed58c0b038c78fad576e7b0d4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
UTSL2Af5EgNeeXlsR-tsRDUI1jgKjVRPjyq60sibR0-smpXeDnxA8A==
x-amz-meta-s3b-last-modified
20220921T224110Z
ssouser.min-1.0.js
t-1.tstatic.net/js/kgmedia/tribunnews/ 		827 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-1.tstatic.net/js/kgmedia/tribunnews/ssouser.min-1.0.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79aa57c367c93a86fbf20383e55c0d23134f8b2184d78fcd0661296c3550cce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 03:57:21 GMT
x-amz-version-id
wa3d33yDjakIiwa0gH3t3kxmqgs5QhxR
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1895592
x-amz-meta-sha256
79aa57c367c93a86fbf20383e55c0d23134f8b2184d78fcd0661296c3550cce9
x-cache
Hit from cloudfront
content-length
827
last-modified
Tue, 18 Oct 2022 03:41:04 GMT
server
AmazonS3
etag
"e5941d7143a2c0798f2801a0b57bce01"
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
FyHDsQQDhs3ugNdP5KEByJ0cA7UwRL9-nPgFksqxQhBM4GjRxKFY3w==
x-amz-meta-s3b-last-modified
20221018T033928Z
gtm.js
www.googletagmanager.com/ 		248 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8eba4a64a6d2b6f3f46dab750b3d0f9532a6c15cda37b33f20e4822468bff052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80132
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Nov 2022 02:30:32 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:50:24 GMT
x-content-type-options
nosniff
age
114008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 18:50:24 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617, 617, 617
age
173949
cdn-cachedat
2021-06-08 21:22:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56780
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c77fece8de88b583637a288214bfb709
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
76732085e8d0927a-FRA
cdn-requestpullsuccess
True
matlok_memilih.png
t-1.tstatic.net/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-1.tstatic.net/img/matlok_memilih.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e169cf4f2fde53ff50ff2ecb38b0df2cbc613aaf3b93b2e52202cad8ce93a8bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:57:52 GMT
x-amz-version-id
T0clr0qUHmWxhANs7kCSWhmPkvyvy8UK
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1582361
x-amz-meta-sha256
e169cf4f2fde53ff50ff2ecb38b0df2cbc613aaf3b93b2e52202cad8ce93a8bd
x-cache
Hit from cloudfront
content-length
1055
last-modified
Mon, 12 Sep 2022 03:56:24 GMT
server
AmazonS3
etag
"7c3cd375a8dc8d79a2afc6e5395fe8e8"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
IfB3e98VTdwCd5zYplPu_WWZuEvPrVl7aSRS4ToEadq7rf-Yq2bM_A==
x-amz-meta-s3b-last-modified
20220909T085209Z
pubads_impl_2022110301.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 22:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131019
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 08:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Nov 2023 22:13:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		409 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f9790594ea01903178ad509cddbb3d58b5ff680804be1c0fdbb09ff81f72237
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
168
x-xss-protection
0
expires
Wed, 09 Nov 2022 02:30:32 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 05:20:16 GMT
content-encoding
gzip
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
76217
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
WNOXjfCPNcf6tq21n4cs9to7S-ArTDah6qxaUq0Uhbgl8_RKdU9K_g==
sdk.js
connect.facebook.net/id_ID/ 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/id_ID/sdk.js?hash=8d26a84427d8b660d16daaff60a16921
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/id_ID/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e31148c17fa0b3ce48d6eb14c71982b66696b821553db0a7fab95e54f7b27bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://medan.tribunnews.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 09 Nov 2022 02:30:32 GMT
content-md5
rK+/PCyyC3AB+lGySbMmug==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86930
x-fb-rlafr
0
x-fb-debug
joZvFnNm6ZkTM3zvsXdOlnp+cHq8kCJw1Ilr39OJQxmB7d8ehBWpZmMFYUUJjmeGFQDhUD2lvUoYIGG4Ss4bLA==
x-fb-content-md5
008b024ec5b7fa6369731ab27b5bf626
cross-origin-opener-policy
same-origin-allow-popups
etag
"8ea47f53bfcd46efd1febfc9e3f9feba"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 Nov 2023 01:32:38 GMT
user
apis.kompas.com/api/activity/ 		87 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.kompas.com/api/activity/user
Requested by
Host: t-1.tstatic.net
URL: https://t-1.tstatic.net/js/jquery/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-49.ams1.r.cloudfront.net
Software
nginx / PHP/7.3.28
Resource Hash
921fc4cc7b41074468b141c5a1696301a04fc8f1d87e438cc6cc1568b3fe8cff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:33 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS1-P1
x-powered-by
PHP/7.3.28
x-cache
Miss from cloudfront
mail-subject
Join_via_header
we-hiring
jobs@kompas.com
content-length
87
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
private, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, X-Requested-With
x-amz-cf-id
E-FV4Zf24Yd9hLe4sUZio0GqQ0lU1-ptYqPAlF7alCt_f5sWeLjl8A==
expires
-1
client
accounts.google.com/gsi/ 		191 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: t-1.tstatic.net
URL: https://t-1.tstatic.net/js/kgmedia/tribunnews/sso_g_signin.min-1.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a7e260959c0dd98e9b2d17fee09954ba0c5faa81bffad13b1c7a8074ff1d57b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-W5lZLTFlVUetmbP4pcc27g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-W5lZLTFlVUetmbP4pcc27g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 09 Nov 2022 02:30:32 GMT
cse_element__de.js
www.google.com/cse/static/element/f275a300093f201a/ 		302 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/f275a300093f201a/cse_element__de.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=05d7b8ef00c5d4a0b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4cc3c4828ca3466dd9ae6fc32714aa6dc832c16205e709d78ff886275c39329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 14:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103343
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:37:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 04 Nov 2023 14:27:38 GMT
default+de.css
www.google.com/cse/static/element/f275a300093f201a/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/f275a300093f201a/default+de.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=05d7b8ef00c5d4a0b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 14:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:37:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 04 Nov 2023 14:27:38 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=05d7b8ef00c5d4a0b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 01:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 09 Nov 2022 02:34:20 GMT
bx_loader.gif
t-1.tstatic.net/css/theme21/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-1.tstatic.net/css/theme21/images/bx_loader.gif
Requested by
Host: t-1.tstatic.net
URL: https://t-1.tstatic.net/css/theme21/style_daerah_web_20221017.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t-1.tstatic.net/css/theme21/style_daerah_web_20221017.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 02:39:20 GMT
x-amz-version-id
Hpwrz52PSL722wx25QIBrifPqiYmzn1T
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
863473
x-amz-meta-sha256
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
x-cache
Hit from cloudfront
content-length
8581
last-modified
Sat, 19 Jun 2021 21:55:45 GMT
server
AmazonS3
etag
"931bdb6b50816b03206c66921760b246"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
vAd8lAfLhHyii8MT2PPEzcFFdbioKq7IiMCAnJhcW2HLv-nmrZZqVg==
x-amz-meta-s3b-last-modified
20210619T215418Z
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://medan.tribunnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://medan.tribunnews.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 09 Nov 2022 02:30:32 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://medan.tribunnews.com
pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
arj
kompascybermedia-d.openx.net/w/1.0/ 		73 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fmedan.tribunnews.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5286ab06-eddb-47c1-ba9b-6233161bd7e5%2C222720b0-387d-4855-9331-788198342f69%2Cd130ba78-f8f9-43a6-8a98-3837ff0c81b9%2C5a0b0f9e-42b8-4085-95c5-95bdd20e97a7%2C5ce254ba-3b46-4efb-8e1e-2f8c63559559%2C645519f1-abaa-4cfb-8c50-97d5b3fb5b64%2C93b1410b-d097-41db-8685-669765ead443%2C447b750d-9b6e-4b26-871a-934dc8015d7c&nocache=1667961032863&ttduuid=&aus=728x90%2C970x90%2C970x250%7C160x600%7C300x600%2C300x250%7C300x250%7C300x600%2C300x250%7C300x250%2C300x100%2C1x1%7C320x100%2C320x50%2C1x1%7C640x100%2C468x60%2C320x100%2C1x1&divids=div-Top-Leaderboard%2Cdiv-Left-WideSkyscraper%2Cdiv-Right-MediumRectangle-1%2Cdiv-Right-MediumRectangle-2%2Cdiv-Right-MediumRectangle-3%2Cdiv-Inside-MediumRectangle%2Cdiv-BelowArticles%2Cdiv-BelowImages&aucs=div-Top-Leaderboard%2Cdiv-Left-WideSkyscraper%2Cdiv-Right-MediumRectangle-1%2Cdiv-Right-MediumRectangle-2%2Cdiv-Right-MediumRectangle-3%2Cdiv-Inside-MediumRectangle%2Cdiv-BelowArticles%2Cdiv-BelowImages&auid=540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279%2C540782279
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
14746c7d21c1aaca46dc0748d8b1dae8a03cf514f5abec0e0b9ff442f58ac851

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://medan.tribunnews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2Fmedan.tribunnews.com%2F&tmax=2000
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.208.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-208-235.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version
x-auction-status
12, 12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbpost
hb.jixie.io/v2/ 		62 B
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.jixie.io/v2/hbpost
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
110.238.107.108 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-110-238-107-108.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
e3f673d4b83bdd24e439cc6e83418df02e1b8df4b4b7ff24aabaa5adf10f46c3

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:33 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
7c90d520-5fd6-11ed-b05e-1bed5ce4422c
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
v1
prg8.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg8.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg8.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg8.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg8.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg8.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid-request
a.teads.tv/hb/ 		16 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 09 Nov 2022 02:30:32 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=450352&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2258a0a9578f17cd4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmedan.tribunnews.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fmedan.tribunnews.com%2F%22%2C%22domain%22%3A%22medan.tribunnews.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22tribunnews.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A8%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A8%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fmedan.tribunnews.com%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2259a79ee280454be%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2262cd516ae3af188%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%226310d73c29bed59%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22655f70436878612%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22669a03407dd0d67%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22688aefc526cd726%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%221x1%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22300x100%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2270d5a5afd90cb26%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%221x1%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%227357a42088e9215%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%221x1%22%7D%7D%2C%7B%22w%22%3A640%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22640x100%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22450352%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c58c91baaa2e7d9a6a8149ed2dbeee454d3a1dff8e71fd4c9ddcf194fd039fcb

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTjl%2FWH%2BQYoigRWL6He0aDzmkc5xwem3%2FaguGrvXJERg6RsdGIf4GKhdau9hKtPunQD%2FCyRHQeQZwzAb9vl0jr2BRgqQ9aUj3qdaCBpT2Obrn7X02aQQKHrpNvgW76hc2rJ5TFqP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76732087aae3bb5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		29 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2f6e7ca45ab674c3e4d5bb40c3b98e19d97834222f470fb71090a81b51daed8f

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 09 Nov 2022 02:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484472&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.domain=medan.tribunnews.com&tg_i.pbadslot=div-Top-Leaderboard&tk_flint=pbjs_lite_v6.29.1&x_source.tid=5286ab06-eddb-47c1-ba9b-6233161bd7e5&l_pb_bid_id=87a257375d464bb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39593980544520413
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
18758e6a857a7990a37307e29c9d28d80db9d084da60a5e27cfbf066acfe9e1a

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:33 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2621
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		391 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484474&size_id=9&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.domain=medan.tribunnews.com&tg_i.pbadslot=div-Left-WideSkyscraper&tk_flint=pbjs_lite_v6.29.1&x_source.tid=222720b0-387d-4855-9331-788198342f69&l_pb_bid_id=88f227d8c0bceef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6726468512522858
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
161ce96a5de56dbaf405e3fd21d573aae290132e09ae4091061b2085d91d1425

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:33 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
391
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		416 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484476&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.domain=medan.tribunnews.com&tg_i.pbadslot=div-Right-MediumRectangle-1&tk_flint=pbjs_lite_v6.29.1&x_source.tid=d130ba78-f8f9-43a6-8a98-3837ff0c81b9&l_pb_bid_id=8962874865ef1ff&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7291571440959241
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9e350edd1687a60bae4925956fd7242db352c1f11b56015cb4ed0c49644b88d7

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:33 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
416
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		396 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484478&size_id=15&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.domain=medan.tribunnews.com&tg_i.pbadslot=div-Right-MediumRectangle-2&tk_flint=pbjs_lite_v6.29.1&x_source.tid=5a0b0f9e-42b8-4085-95c5-95bdd20e97a7&l_pb_bid_id=9091c8b202d0d5d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08125722517037559
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d5b37b13050bf9a04dc066869f5c37be231c4b34c824676e4a652c625845b164

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:33 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
396
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		416 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484480&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.domain=medan.tribunnews.com&tg_i.pbadslot=div-Right-MediumRectangle-3&tk_flint=pbjs_lite_v6.29.1&x_source.tid=5ce254ba-3b46-4efb-8e1e-2f8c63559559&l_pb_bid_id=917b377427a854f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7330341440669768
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c19776aca75a2e7367c8467ec84a922e4d9397734b257bc0bdc7f911d235721c

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:33 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
416
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		416 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434108&zone_id=2484482&size_id=15&alt_size_ids=19%2C221&rf=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.ref=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.page=https%3A%2F%2Fmedan.tribunnews.com%2F&tg_i.domain=medan.tribunnews.com&tg_i.pbadslot=div-Inside-MediumRectangle&tk_flint=pbjs_lite_v6.29.1&x_source.tid=645519f1-abaa-4cfb-8c50-97d5b3fb5b64&l_pb_bid_id=92c935785d33ab9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8849859600509344
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
95437285dd43d3658b5a5cbdb2d6ede2f9c11d8b172ecd7c8795145b6aed748e

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:33 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
416
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.1&cb=29914558943
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 09 Nov 2022 02:30:33 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
280686
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/280686?src_sys=prebid
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 09 Nov 2022 02:30:32 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.003989
X-SpotX-Timing-Transform
0.000346
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.003989
X-SpotX-Timing-Page-Require
0.000285
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001656
X-fe
026
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.010927
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003787
Last-Modified
Wed, 09 Nov 2022 02:30:32 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000010
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000835
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
282137
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282137?src_sys=prebid
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 09 Nov 2022 02:30:32 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.002302
X-SpotX-Timing-Transform
0.000556
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.002302
X-SpotX-Timing-Page-Require
0.000409
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001601
X-fe
073
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.009698
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003871
Last-Modified
Wed, 09 Nov 2022 02:30:32 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Exception
0.000019
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000016
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000922
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301966
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301966?src_sys=prebid
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 09 Nov 2022 02:30:32 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.002174
X-SpotX-Timing-Transform
0.000275
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.002174
X-SpotX-Timing-Page-Require
0.000405
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001585
X-fe
100
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.008617
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003279
Last-Modified
Wed, 09 Nov 2022 02:30:32 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Exception
0.000016
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000021
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000860
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301967
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301967?src_sys=prebid
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 09 Nov 2022 02:30:32 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.002241
X-SpotX-Timing-Transform
0.000308
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.002241
X-SpotX-Timing-Page-Require
0.000294
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001984
X-fe
058
X-SpotX-Timing-Page-Cookie
0.000006
X-SpotX-Timing-Page
0.009543
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003759
Last-Modified
Wed, 09 Nov 2022 02:30:32 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Exception
0.000016
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000013
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000922
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
282227
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282227?src_sys=prebid
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 09 Nov 2022 02:30:32 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.002193
X-SpotX-Timing-Transform
0.000261
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.002193
X-SpotX-Timing-Page-Require
0.000308
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001326
X-fe
142
X-SpotX-Timing-Page-Cookie
0.000001
X-SpotX-Timing-Page
0.008095
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003189
Last-Modified
Wed, 09 Nov 2022 02:30:32 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://medan.tribunnews.com
X-SpotX-Timing-Page-Exception
0.000015
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000011
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000791
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.1&cb=79512267074
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
publishertag.standalone.js
static.criteo.net/js/ld/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://medan.tribunnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400
date
Wed, 09 Nov 2022 02:30:32 GMT
expires
Thu, 10 Nov 2022 02:30:32 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
publishertag.standalone.js
static.criteo.net/js/ld/ 		94 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b0fccf88d0ee7903a0708933b870de0a072ec9cfda9b2b8db5f37c7c8651ef46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/javascript

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-17656"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Nov 2022 02:30:32 GMT
prebid
r2b2-emea.adnxs.com/ut/v3/ 		19 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.68 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:32 GMT
AN-X-Request-Uuid
d9ee900f-bd86-4f7b-881d-7e0f7b62555c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
0
cdb
bidder.criteo.com/ 		234 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=30632226903
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
8b1da86ba80d89b454c1440a20a65340a9a6d9cb2570bb71a0b26a885bb1f596
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
212
prebid
etarget-emea.adnxs.com/ut/v3/ 		19 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etarget-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.213 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:32 GMT
AN-X-Request-Uuid
7b9bc5f4-bdb8-4ce5-8ea3-26334b8cc320
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
r2b2-emea.adnxs.com/ut/v3/ 		19 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.68 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:32 GMT
AN-X-Request-Uuid
e23afe7a-0f27-444e-829a-ef97f0957fe2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ 		232 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=33985954515
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d4c3bf8e509cec6531052bab0daf4f3024e8d04a501eaaa965a54de057580127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
212
prebid
etarget-emea.adnxs.com/ut/v3/ 		19 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etarget-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.213 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:32 GMT
AN-X-Request-Uuid
a78b6902-93ea-43d5-b873-586fab6dd94e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
r2b2-emea.adnxs.com/ut/v3/ 		19 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.68 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:32 GMT
AN-X-Request-Uuid
705738c3-a1a8-4628-a72e-d863d1908ec6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ 		234 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=31491431143
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
64950a5f556c43b7b58b6a8a57e248f6b3243681a41631408c4e98da4c582284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
210
prebid
etarget-emea.adnxs.com/ut/v3/ 		19 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etarget-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.213 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:32 GMT
AN-X-Request-Uuid
bcc09f43-9f73-4b9b-924d-fb472ab2ad0c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
r2b2-emea.adnxs.com/ut/v3/ 		19 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.68 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:32 GMT
AN-X-Request-Uuid
f02048d5-973a-42e8-9987-04aee8882651
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ 		234 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=65839259739
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
68a13e98d8f55b2ce26fffc080450dfb62b62f2f4d2b2abbcb5d547582577c82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
211
prebid
etarget-emea.adnxs.com/ut/v3/ 		19 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etarget-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.213 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:32 GMT
AN-X-Request-Uuid
2e8b4261-d547-40f5-b4bc-1747b00b69c4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
r2b2-emea.adnxs.com/ut/v3/ 		19 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.68 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:32 GMT
AN-X-Request-Uuid
cf84fc53-02e2-4ac1-ab01-5aa73ffaa82a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ 		232 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=39179068096
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
dd7f5a77400f9a7234a7759574f3cdf0a900eee47c871e0c7e8f7b484fc0c3f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
211
prebid
etarget-emea.adnxs.com/ut/v3/ 		19 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etarget-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.213 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:32 GMT
AN-X-Request-Uuid
e61687ab-e52e-46b1-83e8-367200ff7c01
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		138 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1683082886568733&correlator=2594960843724714&eid=31070746%2C44761477%2C31069353%2C31069924%2C31068366%2C31070232&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&iu_parts=31800665%2CTribunMedan%2CHome%2Cvignette&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=3068406939&sfv=1-0-39&ists=1&fas=8&prev_scp=pos%3Dvignette%26page%3Dhome&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1667961032954&lmt=1667961032&dlt=1667961032509&idt=411&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmedan.tribunnews.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1069401286.1667961033&ga_sid=1667961033&ga_hid=1600953303&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71c76c3f935b2f4ecc938ee8ca8cc7824ebcbb6dcce65b2f3c904317745a0781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42332
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 2FCA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:30:33 GMT
expires
Thu, 09 Nov 2023 02:30:33 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022110301.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022110301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ee392dca9cf6955b327a13a4212fc607bd8b6e01f53237ff2146526d84e0150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 15:40:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
471012
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13864
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 08:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Nov 2023 15:40:20 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 09 Nov 2022 01:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3944
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 09 Nov 2022 03:24:49 GMT
js
www.googletagmanager.com/gtag/ 		227 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3ded5c01c45225d1a3f62c728cec913e6c61a7e3871e9f3c6d032cec7170343
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79699
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 09 Nov 2022 02:30:33 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d798f58d064f654a56ef08cb2fa155290862cb2b7609624473df1e847626c9fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75812
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 09 Nov 2022 02:30:33 GMT
jxpublisher_3_1.min.js
scripts.jixie.media/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jxpublisher_3_1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ5M3B
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
36.66.3.171 Jatimakmur, Indonesia, ASN7713 (TELKOMNET-AS-AP PT Telekomunikasi Indonesia, ID),
Reverse DNS
Software
openresty /
Resource Hash
5dc685ed4935640fc69a56126575082ea8379cf3e588d9f1d7c1c6a1aff762ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

nginx-hit
1
date
Wed, 09 Nov 2022 02:30:35 GMT
via
EA-IDN-jakarta-AREA1-CACHE22[2],EA-IDN-jakarta-AREA1-CACHE23[0,TCP_HIT,0],EA-SGP-GLOBAL1-CACHE25[3],EA-SGP-GLOBAL1-CACHE29[0,TCP_HIT,1]
x-ccdn-cachettl
2592000
x-amz-version-id
aG2xyryM3T_tewlAPS7SOjwDyC.2MlqH
age
9155322
x-amz-request-id
2KGMNTSDW2RBQ3D0
content-length
26290
x-amz-id-2
DvZnW1GznXKvmWSCcqc2fc/gwZ2gTFEoN8l5SoP24T3AiZl8l5jOhTAyKso+5WEFe4mFuVR5gg8=
last-modified
Tue, 26 Jul 2022 03:20:58 GMT
server
openresty
etag
"bf81efb754e98c5d547786eb79360e62"
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
x-ccdn-expires
1228855
accept-ranges
bytes
x-hcs-proxy-type
1
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=8077308&cs_it=b3&cv=3.8.0.210223&ns__t=1667961032995&ns_c=UTF-8&c7=https%3A%2F%2Fmedan.tribunnews.com%2F&c8=Tribun-medan.com%20-%20Berita%20Terkini%20Medan&c9=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:32 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
rHeLG0UswQ-fd6prl3i6OJRlT1VhIa6QyvCl6vPN2ugwbPbdxC4_zg==
x-cache
Miss from cloudfront
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=114488588566911&ev=fb_page_view&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&rl=&if=false&ts=1667961033028&sw=1600&sh=1200&at=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Nov 2022 02:30:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
style
accounts.google.com/gsi/ 		533 B
328 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-X0ZQKwraIU6SL4Z83j2F3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:33 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-X0ZQKwraIU6SL4Z83j2F3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 09 Nov 2022 02:30:33 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Nov 2022 02:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DFP7BBGFWN&gtm=2oeb70&_p=1600953303&_gaz=1&cid=1069401286.1667961033&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667961033&sct=1&seg=0&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&dt=Tribun-medan.com%20-%20Berita%20Terkini%20Medan&en=page_view&_fv=1&_ss=1&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DFP7BBGFWN&cid=1069401286.1667961033&gtm=2oeb70&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DFP7BBGFWN&cid=1069401286.1667961033&gtm=2oeb70&aip=1&z=1359069081
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Nov 2022 02:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FYJCTGV1LV&gtm=2oeb70&_p=1600953303&_gaz=1&cid=1069401286.1667961033&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667961033&sct=1&seg=0&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&dt=Tribun-medan.com%20-%20Berita%20Terkini%20Medan&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FYJCTGV1LV&cid=1069401286.1667961033&gtm=2oeb70&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FYJCTGV1LV&cid=1069401286.1667961033&gtm=2oeb70&aip=1&z=1820404743
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1600953303&t=pageview&_s=1&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&ul=en-us&de=UTF-8&dt=Tribun-medan.com%20-%20Berita%20Terkini%20Medan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAQCACAEK~&jid=1338500175&gjid=708812995&cid=1069401286.1667961033&tid=UA-15224089-38&_gid=212527766.1667961033&_r=1&gtm=2wgb70NNJ5M3B&cd5=medan&cd10=homepage&cd20=1069401286.1667961033&z=592009108
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-15224089-38&cid=1069401286.1667961033&jid=1338500175&gjid=708812995&_gid=212527766.1667961033&_u=YCDACEAABAQCACAEK~&z=385925606
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 09 Nov 2022 02:30:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-15224089-38&cid=1069401286.1667961033&jid=1338500175&_u=YCDACEAABAQCACAEK~&z=1332407012
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-15224089-38&cid=1069401286.1667961033&jid=1338500175&_u=YCDACEAABAQCACAEK~&z=1332407012
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame CB9B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:30:33 GMT
expires
Thu, 09 Nov 2023 02:30:33 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame CB9B 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Nov 2022 02:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 00:54:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Nov 2022 02:30:33 GMT
css
fonts.googleapis.com/ Frame 5663 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Nov 2022 02:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 00:49:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Nov 2022 02:30:33 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 5663 		2 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
42016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:50:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 5663 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:03:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
44849
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:03:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 5663 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
26292
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 19:12:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 5663 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
42708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:38:45 GMT
l
www.google.com/ads/measurement/ Frame 5663 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDGFRQrBGBhE386vrs1jSObOyEOxR-YzYAi39KwsrXHFkFAhJWNuRs85wfsFpoX-yvKDgxgo8Y9hlyOlt1WdtjLS1i6Q
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5663 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48209
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667824238049716"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 02:30:33 GMT
0d3fd3b530a886383bd6b91513e5ed38.js
www.gstatic.com/mysidia/ Frame 5663 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 20:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14033
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 22:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 01 Feb 2023 20:18:51 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame CB9B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
349544eac2a5e347ebc6e23a6ca44ab6531e59c40f5d337ddddf1270608ce257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38543
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7963
x-xss-protection
0
server
cafe
etag
15183902602499586604
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 15:48:10 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CB9B 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 00:17:06 GMT
x-content-type-options
nosniff
age
8007
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 09 Nov 2023 00:17:06 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CB9B 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 00:16:58 GMT
x-content-type-options
nosniff
age
8015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 09 Nov 2023 00:16:58 GMT
redir.html
p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 4746 		247 B
961 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
c021eaddeeff71e75d0674f05e7d086de1d251206265115337c3ca002f9d7885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
203
content-security-policy-report-only
script-src 'nonce-dfOUCKuxuTwuKclIid8UQA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:30:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iframe.html
p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 4746 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
2ffff28793023f4cc6d6c930d743a009b4752e9a4bb0a4535fdb6e393158e458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1863
content-security-policy-report-only
script-src 'nonce-9MAW2MsYEFYyzGfAdSsiKg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:30:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 09EB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 19:30:05 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=medan.tribunnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		241 KB
60 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1683082886568733&correlator=930673323379978&eid=31070746%2C44761477%2C31069353%2C31069924%2C31068366%2C31070232%2C676982996&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&iu_parts=31800665%2CTribunMedan%2CHome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=160x600%2C728x90%7C970x90%7C970x250%2C300x600%7C300x250%2C300x250%2C300x600%7C300x250%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=2&adks=1365649329%2C1151295369%2C645028135%2C2464932481%2C645028121%2C3110274607%2C3110274592%2C976996096%2C976996097%2C709143181&sfv=1-0-39&ists=31&prev_scp=pos%3DLeftWideSkyscraper%26page%3Dhome%7Cpos%3DTopLeaderboard%26page%3Dhome%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D970x250%26hb_pb_rubicon%3D0.09%26hb_adid_rubicon%3D1329146ecdd24e54%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.09%26hb_adid%3D1329146ecdd24e54%26hb_bidder%3Drubicon%7Cpos%3DRightMediumRectangle-1%26page%3Dhome%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.04%26hb_adid_pubmatic%3D126ff3c81811995a%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D126ff3c81811995a%26hb_bidder%3Dpubmatic%7Cpos%3DRightMediumRectangle-2%26page%3Dhome%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.04%26hb_adid_pubmatic%3D128e086325a5f5b5%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D128e086325a5f5b5%26hb_bidder%3Dpubmatic%7Cpos%3DRightMediumRectangle-3%26page%3Dhome%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.04%26hb_adid_pubmatic%3D129a53f0cee585e5%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D129a53f0cee585e5%26hb_bidder%3Dpubmatic%7Cpos%3DNativeAds-Latest-1%26page%3Dhome%7Cpos%3DNativeAds-Latest-2%26page%3Dhome%7Cpos%3DNativeAds-Populer-1%26page%3Dhome%7Cpos%3DNativeAds-Populer-2%26page%3Dhome%7Cpos%3DPremiumTopframe%26page%3Dhome&eri=1&sc=1&cookie=ID%3D0720cd58a0c8ce52-22de841d71ce0008%3AT%3D1667961032%3AS%3DALNI_MaJcPt60gABGTuqyMiGGnBGhlV4bA&gpic=UID%3D00000b7eb114b2f8%3AT%3D1667961032%3ART%3D1667961032%3AS%3DALNI_MZO9G0Znu8-CPvJujYXfL8qQB3YGg&abxe=1&dt=1667961033768&lmt=1667961033&dlt=1667961032509&idt=411&adxs=225%2C436%2C1075%2C1075%2C1075%2C-9%2C-9%2C1225%2C1225%2C-12245933&adys=537%2C180%2C537%2C3260%2C4223%2C-9%2C-9%2C1261%2C1366%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C-1%7C-1%7C3%7C4%7C-1&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmedan.tribunnews.com%2F&frm=20&vis=1&psz=160x600%7C970x250%7C300x600%7C300x600%7C300x600%7C0x-1%7C0x-1%7C300x105%7C300x105%7C0x0&msz=160x-1%7C728x90%7C300x250%7C300x-1%7C300x250%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x0&fws=128%2C132%2C640%2C640%2C640%2C2%2C2%2C0%2C0%2C128&ohw=0%2C728%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1069401286.1667961033&ga_sid=1667961033&ga_hid=1600953303&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3020314cc1b798e383d8895c4a5a4eedf44a84c2177f7dc5d44d4b55211158f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61478
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,5778375738,5782653578,5806199487,5782655009,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,138361972125,138362601929,138366796737,138362660293,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://medan.tribunnews.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame F38C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:30:33 GMT
expires
Thu, 09 Nov 2023 02:30:33 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210191347000/ Frame C539 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 08 Nov 2022 18:47:48 GMT
age
27766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61564
x-xss-protection
0
server
sffe
etag
"84cdcac007f64412"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Nov 2023 18:47:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame C539 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:32 GMT
age
119942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5198
x-xss-protection
0
server
sffe
etag
"aeb1502543fb438c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame C539 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 04 Nov 2022 03:28:40 GMT
age
428514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28845
x-xss-protection
0
server
sffe
etag
"fdb7364f8f067758"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Nov 2023 03:28:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame C539 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:32 GMT
age
119942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"9f4a70ec77acc0d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame C539 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 02 Nov 2022 09:07:25 GMT
age
580989
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"2923b90bb7365105"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Nov 2023 09:07:25 GMT
truncated
/ Frame C539 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67c7014fe6c8c1d643dea740c99a9eb314d864535a87098425342a8c8c64553c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
container.html
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame CD5C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:30:33 GMT
expires
Thu, 09 Nov 2023 02:30:33 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210191347000/ Frame 4D72 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 08 Nov 2022 18:47:48 GMT
age
27766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61564
x-xss-protection
0
server
sffe
etag
"84cdcac007f64412"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Nov 2023 18:47:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 4D72 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:32 GMT
age
119942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5198
x-xss-protection
0
server
sffe
etag
"aeb1502543fb438c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 4D72 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 04 Nov 2022 03:28:40 GMT
age
428514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28845
x-xss-protection
0
server
sffe
etag
"fdb7364f8f067758"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Nov 2023 03:28:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 4D72 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:32 GMT
age
119942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"9f4a70ec77acc0d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 4D72 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 02 Nov 2022 09:07:25 GMT
age
580989
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"2923b90bb7365105"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Nov 2023 09:07:25 GMT
truncated
/ Frame 4D72 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce2cbae3b2d451fe41c153367c507aa2cd58a6f339432eb78a0bf73af1e25f17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210191347000/ Frame 9A8A 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 08 Nov 2022 18:47:48 GMT
age
27766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61564
x-xss-protection
0
server
sffe
etag
"84cdcac007f64412"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Nov 2023 18:47:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 9A8A 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:32 GMT
age
119942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5198
x-xss-protection
0
server
sffe
etag
"aeb1502543fb438c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 9A8A 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 04 Nov 2022 03:28:40 GMT
age
428514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28845
x-xss-protection
0
server
sffe
etag
"fdb7364f8f067758"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Nov 2023 03:28:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 9A8A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:32 GMT
age
119942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"9f4a70ec77acc0d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 9A8A 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 02 Nov 2022 09:07:25 GMT
age
580989
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"2923b90bb7365105"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Nov 2023 09:07:25 GMT
truncated
/ Frame 9A8A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88ce10d2ea3123dea6c6fcc1a368e19229ca7bde9b1e11d79f5963fec5a64080

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
tribunnews.com.1210784.js
jsc.mgid.com/t/r/ Frame F818 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/r/tribunnews.com.1210784.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f0d86889701e9c0505b7df581b33b35db59057f2fc368cedb5dc71b27c18bef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
x-amz-version-id
fjkXtTHzOdwuJ9HprLkTedBFmgLFQeXm
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
E4EMHQYHYEVE2XHC
age
4104
cf-polished
origSize=2373
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
3XnKjqE28l5BroMUPM2jH0Jbm0QSrqOEY7tLQL90sS0e8yJ39U/E4KImRK7wlBDhlJlhZSQCSMo=
cf-bgj
minify
last-modified
Thu, 03 Nov 2022 14:22:04 GMT
server
cloudflare
etag
W/"3265d213ee7ddc960af9a42720491e1e"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7673209138537457-LHR
expires
Wed, 09 Nov 2022 05:30:34 GMT
truncated
/ Frame F818 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1be0a087633370ec5db2e1dedd7220fbae2d881bf53e27d1c6c947332a2f2651

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
tribunnews.com.1181811.js
jsc.mgid.com/t/r/ Frame 3457 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/r/tribunnews.com.1181811.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0929c6e38b78521316107239c8415db5243274f97e678f69001af4ad3dd98f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
x-amz-version-id
Y52TsdkCl24FD4t9sPOM8TgPH2JXEWiu
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1WTTTBYZPJZWP1BX
age
3225
cf-polished
origSize=2373
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
VU6ItBVWTNGW38VDHwhGFYd63M+0HpfrZC+6VYePjK4r0UH/sUlZVFxyE6d86k4GH5Whnj+JLks=
cf-bgj
minify
last-modified
Thu, 03 Nov 2022 14:20:21 GMT
server
cloudflare
etag
W/"343465928dfeef1eb0d900eceee75e20"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7673209138547457-LHR
expires
Wed, 09 Nov 2022 05:30:34 GMT
truncated
/ Frame 3457 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2e43194d6e5732bbe8ee1401fa1503cbf2b14811d498150583fde029b929ee4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
17228771058373847583
tpc.googlesyndication.com/daca_images/simgad/ Frame C539 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/17228771058373847583
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73019fe1876fde1efc56d2756019c67d038af0cd37e9b231556146712fa64842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 15:09:58 GMT
x-content-type-options
nosniff
age
559236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59428
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 13:05:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Nov 2023 15:09:58 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C539 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:48:56 GMT
x-content-type-options
nosniff
server
cafe
age
38498
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Wed, 09 Nov 2022 15:48:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C539 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 08:13:18 GMT
x-content-type-options
nosniff
server
cafe
age
65836
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 09 Nov 2022 08:13:18 GMT
l
www.google.com/ads/measurement/ Frame C539 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7vhJIV8CW7faomwiLKi4_2uTv4e1MafEpPLjECXgL6fkem0IES9W64W0Ie4qSjij4BS9ITXoEVayV-6KVjib5wqq2ZQ
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C539 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CsFV3yRBrY6X4NLW89u8P-YejyAXuupKabfS4_7KkEK4CEAEgytbjH2CVqpSCoAegAZC16vsDyAECqQJ7g6n7reWwPuACAKgDAcgDCKoEgAJP0Fdy68k3eomAOyHvFsG4iAmgsgCK2yJs2tUMKW3fHX3M2p9IkUjGd7TrwxYwaA7LJfqI8yXNcp3ggbgi12n5GidIZZ56ZNjDFUxgRY01s1IRabRZNBWpT0ODu4d50cTcJsuo4uT_qIUuTWFyEAdP2CrhdXnGYWccdqoGOUDA1NZY-cN9UpjtVHsTfrht91wbg8-6iZQZZgJ11yZNhr8oaG6mCU6-nLrzg1dUx57qcS3N4fWSq_p74sgVv_8cB_3F6REvVNscmh_aeAv6ZkjQGXmjIvudOprzkR8npjB_LIP7kTfewLek2AbGjfBBBkKKr2c-MwGwAtgR6pvITHOzwAS72Jrs2wLgBAGSBQQIBBgBkgUECAUYBKAGAoAH2MqVBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJauCtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTc3ODQwMzQwNjEyNTMwMjAY0cMR&sigh=tRewvaJWfAs&uach_m=[UACH]&cid=CAQSOwDq26N9BfmP1ZkBad29MnXuRia0vH3wW1xhXXADt9A_jlirU0yF1N0BgJNrWVLLq_3pIqcFmaLtsu5YGAEgEw
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
9054329694116232591
tpc.googlesyndication.com/simgad/ Frame 4D72 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9054329694116232591?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmcMKGBiTzkQ3ZdgA7TnkKb_qeRgw
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f725282aeef31b01557ecc7e4ef5e58444ff76f859afcbb012cae123d9a06d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 15:41:26 GMT
x-content-type-options
nosniff
age
557348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33603
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 12:59:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Nov 2023 15:41:26 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4D72 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:48:56 GMT
x-content-type-options
nosniff
server
cafe
age
38498
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Wed, 09 Nov 2022 15:48:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4D72 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 08:13:18 GMT
x-content-type-options
nosniff
server
cafe
age
65836
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 09 Nov 2022 08:13:18 GMT
l
www.google.com/ads/measurement/ Frame 4D72 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPUEB41-iQQJD8Ouag3zbGyIBDNv30FEfKNyZ84e5XaGKK4NTFzdq_WrRg0_NXTbxkSCbWf2YRvG3S9IqCG3_27e9_NQ
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 4D72 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cox7VyRBrY6f4NLW89u8P-YejyAXqzeabbduP8YbbEI_Z6fjiMBABIMrW4x9glaqUgqAHoAGQter7A8gBAqkCe4Op-63lsD7gAgCoAwHIAwiqBIACT9C4k1g9HbfwrleqZbKruaU0HmJJXseSi5RHYJNyFpotxd-Dv5lcrpxKCGtUD3Gky8IONprhn2w9IympZmL5ADdl_93G9boZbM47G6oChr1FIQ3sBdEWMYCxp7DHX0aW8Q-8HuIsDCVi5mBamxn1mMu56wkoSlxk-osjNF2zHRAF6aDHAMbNjdaaILzuK-egrUNvh74zoUq-Iw1rfKcBlIVk9od_uolFNVc27ETcPkYhnkMeCeRF5Bj1U-7MM2hoZ_LbNnEPTkGkSp4QRSF0YXl4lmHIar6qkjmfgc62HpAH1FIu_CKVPl5EEb-igvyTum2Srlh0FnuAWGCdmMNv8sAE05iZqqMC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB9jKlQSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDbrAnSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi03Nzg0MDM0MDYxMjUzMDIwGNHDEQ&sigh=_0Mxds3Lhds&uach_m=[UACH]&cid=CAQSOwDq26N9BfmP1ZkBad29MnXuRia0vH3wW1xhXXADt9A_jlirU0yF1N0BgJNrWVLLq_3pIqcFmaLtsu5YGAEgEw
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
16096933925413000740
tpc.googlesyndication.com/daca_images/simgad/ Frame 9A8A 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16096933925413000740
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395427f376c7c80bf11e9738a4eeb56cb1c845268c9bab441a5ff057081673ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 14:41:41 GMT
x-content-type-options
nosniff
age
560933
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75042
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 13:05:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Nov 2023 14:41:41 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9A8A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:48:56 GMT
x-content-type-options
nosniff
server
cafe
age
38498
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Wed, 09 Nov 2022 15:48:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9A8A 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 08:13:18 GMT
x-content-type-options
nosniff
server
cafe
age
65836
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 09 Nov 2022 08:13:18 GMT
l
www.google.com/ads/measurement/ Frame 9A8A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJgyVY3V7pEsdaQdAfvuXXv_umikXzgT-6WJuRb8AeAJHlceIMdqlgEziBYVy1zUO6pP4jsw6cycvQjoVRUmAQwOG-4g
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 9A8A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHWgWyRBrY6j4NLW89u8P-YejyAXqzeabbfuQ8YbbEI_Z6fjiMBABIMrW4x9glaqUgqAHoAGQter7A8gBAqkCe4Op-63lsD7gAgCoAwHIAwiqBIACT9BKrVPx8CnJDnpTO0Rh5H2MhAz_x5mjPU4xW8di1W1elptULFfy7EqR7KafI0j_8wznkDUFvD8Oii7kqCkipV-El3jEVPvAJ6TjbQoXanhy7dCeFo1Rsg9LBfvBUmKi7ZTk9KFXS3HVhm19jSpATvU6C_nb8wHdiVbrwutfUcCnYXqKAwqG-WysC8DboeCgv4JtPqe0-BAbnjnQdzpHgnrV0B_x0on4QHX3V5wrtHhYKQZGzj6kaF60sDC6YXJt_RsevvVsj7aAHz25TpS4WghQ5JyXstqwwSYBvmRR5wrg9ONxJL1ApX3XN06Qdin01GAUViY3dBo6UkBHGYQ998AE05iZqqMC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB9jKlQSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDQxA3SCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi03Nzg0MDM0MDYxMjUzMDIwGNHDEQ&sigh=s2x0W0SiTrE&uach_m=[UACH]&cid=CAQSOwDq26N9BfmP1ZkBad29MnXuRia0vH3wW1xhXXADt9A_jlirU0yF1N0BgJNrWVLLq_3pIqcFmaLtsu5YGAEgEw
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame A6D7 		624 B
670 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaz1ZIDEIzy-JMDGJT-otgBMAE&v=APEucNUTbD9_b-UrW0pTCF1NK32kveSbtkSvayICpIPDXjvf-Ib6BQVLnA4jZTY1vz0tg6ulhLq-Y2oEAkG_VlW_nT6KNoN4sKCj1CdNweaFjS9H5GqOGqdJfArbRi1OggAy2UcNLhZ7M1zQtRDk_iLiMag_gzbYfg78I4AvZspAnlRdokasiwQ
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:30:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame F38C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 18:06:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30242
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 18:06:32 GMT
15142923358481430376
s0.2mdn.net/simgad/ Frame F38C 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15142923358481430376
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8956083570df6561abc6a57805765bd7c6ad54dd4ccde6750c84597289be1759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 11:46:04 GMT
x-content-type-options
nosniff
age
398670
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54345
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 09:34:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Nov 2023 11:46:04 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame F38C 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 18:06:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30242
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 18:06:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F38C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvR_fgcCWqp065i21mOJycdxrDa6r-MVW2NAUZxdmPtCEnH9bcJEI-SQwvEsBMo_Iq_rByTwk_gutCZrC2RZUBvuzk92RYzkU7vbbPx3PxzQukGpeuoT8PyUujgxDa_Ha5x6dT3xM38WDUXT1gELlc_u6GGOSJb76qEi-rXvq1Og_N8Kizp11dIioSrzFRDrIXXq57OeEvOYjjXBkYUjYtnG6B_GydB4vormJPF110g7d45XNx3Hwqln4gNAduFEKzhdQYbfIJ0_gDQQvZJWXebrTcBGSfF-9doLkMRkDzEc5mQIhn6AbEiIJUJ6Jlgyfupnz-AlFafd-ChnGjmbZAHeBe8URUwyQ8v7LXFb1w4Yoo66-9MFgeCBXNgapTsEF8O_02YOaaNSpZAKVvcE_GAZ6en8hW76ngvBYoOPfAfvf1NNfqjnaeL_f5zxlfO0w0FVmjtvgEjKo7f-pcBevCDI0qaxf0nOto2TjzZ8_SP4HcBa2QlCPrCXxnReHGQxH_TlTgiNU61kFbeIgqhx_rLXbpvq5X7ObH_hfWADtRJddl0j7OLArnCoN0XTXlA1bQ8PyaF3BG1TWUK9seCg63N0jZ1JTNcDN2yslBLD0g-9UIBFhoDZTLDmesHZBXRPwpmR2kkxpeX3RU-Dj8LQXcHi4pKKhoBjbK4C0nlsFI8bHpTFEDnSWlvJkx6ZT2iSnLJsPsphOc6lMUvzsRu2MsbAE8MTFNiTxUn_tFyPumkFRs669rGnI2XG2XoEAo0hK-yrp15SHlNT33nqoP2XpUFbmMgkVfz_rJd3c1xiF6BfmFfvKFjJ95evEsFAenZbvl5c1HxiwTxbQEc3910FJwASOFlR6Ioq3NPrUAcIz8VIO3DjkQZ5VCDitiqHhn1NSNpU4I5x1RP8sRKvI_aDDsFzV5qbX-otAnqMZ6mdiDpN_ndI5CzjV0BLQk5yaTYdaO2LsJi0KPH_EkV-vbcmEj2o9eIW05r7NTYLpnioC-lUyGRKRUAukVpUXEsnaKNVEkuelhfR59gmboxq9c0KFWrLU63cPJNb4B75R4AOt98UCx9V1RMJ1Uvf4-StL_tsIZeZm6EagoXgg6kNOa3FFaD_mX68vJBA0PXXtCY6oNdInM-ueNdaBBp3npOzops95vmnbfyQBCzhsWKoaqdZmDcqdbCmmbyV5O9DsOPb-Z9dioBefVT17TINEndR6fhDfLyUwqy2kDR&sai=AMfl-YQ0aGlkBFc3sST1giy2TjRPQf_RlJi8weJf_VBADuDZ432OeXPrBQMfjZQx8iyAvz591bwoZQsOBcyczfPd0CxXNUSw4kvE4UFmX9U3AlOQSAp9J-JlVjO7Km0zwCdA67wg_j_iB8a8GhVhlsN4SCdIJV6KpXTYTTxgmDs6hGFv0Ag8mPluBLfxxTOryjvv0uSJehRT0tacfvgJwsCYK7EHURk3QnxAZ59ZT-O6c9czf_CpPbmFjmyGS2VP9oM6OAac7DLCIwKZdbVYr0gdlw3QA54mwnLR3UuKKKawPQh2S60axtED0eNcyZZDVvEbhcuKAYF0QsHdIbsi_VtWYp3JLQZ3gbJGXsp9WvEklJezFTrC66nHJ9-YL2GpbLApjVyPFGnb2JZa3ycVSeFpeg&sig=Cg0ArKJSzDKujxYXpFAxEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221101.16584&arae=0&ftch=1&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 09 Nov 2022 02:30:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 09 Nov 2022 02:30:34 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F38C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 11:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
399991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 11:24:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F38C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AnmUyP41f8ufdxi7EsH1FJvXxNATwLbtmnUGM36MQG6Y1lMtu6DZ7uRkC8Bvs9prBJ-evR_QmqZHQsyRYuo1p2VlG5oaa8yI2tgaaA87uzlUuK4Lo
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame F38C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
26293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 19:12:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame F38C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
42709
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:38:45 GMT
l
www.google.com/ads/measurement/ Frame F38C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfbclLBCqBQpQ8YtTofOSW05Ug1-XgxahIbP01UN4qTK76ZMGGo4lpwrl-I7a7dp_8_3PGI59hbuVqeqoVI8LauwgOFA
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F38C 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48209
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667824238049716"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 02:30:34 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B7F2 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARim4ILYATAB&v=APEucNVsolAbgIZyTLJEYhMHaVnvGoef0QvCpPEpVH38RcfzB2snUADHvZCgD7ZLsKiNHnrXkQaRBIBm-q6Qp7YaHWkSunKh-E8rUAb5E8IcE00neC52K0XmVjc7TqxpVvnIKN89--RBqYM8kPigou7LV4cVY78Gycw8WEDEHEiizoRn5wHZd8w
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:30:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame CD5C 		86 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9FCt4lrrye79HNuhPr8Z-YMsFst7E_kjxGLKfQS4WNsKuM9tQ1HdzzHstHJQeK7ipjxf2eyikm0i3miLBwCWpIc4PSZYUAwOZI7V4rRTeLRqnEOYbT22Hz6MxGz336_bGIP1FiblghftT5TPZDPsG4sAVOVTH4pASrmdnC4kLdtrTiuw&dbm_d=AKAmf-Dkeg0qzdP9U3X4asrQ5dO6-VWp9wyw0M_DLKM6iU-nfhlW1CGzSlIhJheayJ_Nft5-gmQdNpDR0P1oGoZcrt0KQs2GaEXxe5fhYBaqx8hxmfdvMeuTsPK13MXs6eC40AYdO1w1tXpKKdaE8SrFiomNKrVaQzUrLuDchHFqbFixw5uYAk_rMjdSk1LITPmrdN2wBaU5ji_zXDtu1INb8DRq9N2YOGU46ckl_qI9qAGmbV2qYEEOKMx8TXSjWH7J6xuCvY33tmUFkZNVkaNsCTTB9eCJbo1sVdkdcVTM9lDhOJInwG-SaipRHig37SWikTUgzsBm1uFbzVScje-8DVPKPXggIfDDTgvS8Oj-rMp9BttKKTD28Kg4EY5zaYUInvTmz69kMuIlLA2C-gV1SBQQUuekyL60GsT3afXeClQ_xQrtvpnQUf67_3hmqi8JuicUXYR6t40nThfYRIN2qXIEcCFex-WKhXm3MA91GellhuTi7ReSzfOFB-9dEMImMGzbsGtnv6KFtO5TKW6xKodHgvh2Za_3ey9F_WkodaVQo9SwZKsYjCjntl7gvPWqT_0uHI-ZCcqCipQVmlnPZ7-bg51WqFmmAiAIw6_jp52K6TCE2Gk0a5NoPw0nEpQqRpBnt-OZNi6Ma0WbKl8bYM3eLbFHr7zWw_k_2UX9zrm0h0v47HLRO-5_SpfFqBYqljnb5M8VFhWPYXKT2n-jnT4ABmgGkeVZn5FJ11UjcGabfMccCmOazjsEBfdbTf4hVkmH_mt5VU3dSktLnGDnl9xUXnqGnXZNC6EO3GODffI8CyJboYqIHy307rOv1zboJ0ooUrTmHXvQ_uE4BufrNRY7xP3x06-MvDpSbi2ZDqyOPslyS67cyfLuKs0-EV7LUaT8nHX3xlEJkMvfcVJr4i-sln3fz60MOgjtEzQGpGKSeBvq-716uq-wpEVnSjQzUpbo4x8iplbweBjUgqMJWzUoPVB21eIv1K92AqizNne-vt0yGPww-krTMi_q8R_GbP2CzYSfnNllE24tSjZJcAcVzaHMfGuJq7psJdgZP4dovMypvVOQKBPuYyzHgNdz8zzdj1NtTgbXrC-trcfFBc1ynmQmDWIzopuQKOmJOcxeCeguOKaGo5OtbizYhNlPIeXdv2QiP6DmZ3A2YjShlkZDWdUq8j9_HAkMkKdIQJEPCQ2KajLN3jc5aJwmRkYu74KHpwAuv057kWMmhJ1qkqpts8Z3zlIITlBw7yL-gx6oShqG2k1Z9oXgp7If-tLFUuWeQ6IsOCMv92QioLN2RyRgSPRTEEcPBeB3YeZopK4emLHzTIcByAyGOBduy5ZCwAnF9ulyJ_ETz31pLANNJf90BY6A2Txw5j3muyqu7az2UvmEJoEGrLXghOJSZ1-Gua9GOD6nAX3o-GnfOfHWOVhtGB0vfR8_OlRkJgVZdPnzoBZk6D_KwKFt7Gjg0rjvV8Go0WBNlrt71bcI3IIEG-RnmVWI81GlaSgFmXoXfliNbq560EdlnpxxHi5YO9b_q5WaWa66mBHb5fbECjW2jjX5BI7ldvzPciwsAvybSwgUAZDui8myDfG6-XZH344GOac5G4xyydfeoCy0CCUjmqjs8O7LM2wPrscxMgQFiMm7YH9jZ-dZY1TzZiGmcx5FkEshXY6mgGkUDtSFTNSFuETneCRX_53-SISbS6TCqcM4hcx0QaVFmJkGxtOHT9vNokMAoGyzb1nY_pxWhVabKLAn-ggGy6NnlUTkGsSQBEieg01npV4UGQjWHyFZZprrbP5ZFCXYAXXibeXu1sqexTnCaq5D-y0Qo-Ysc4Xhx8TEUpiQVfGicbgUFxn6UpTtYRwAYCPPK2EodczPiKJnVMCUvYNSHTvCDnL7yawh-H-KP48c65m6aV2s-UOu2eAI6bIomqrfXcj0evyU_sQXgYBTBYUOYkGhZcw7smSzotMk3b6X_4m1xGVrLUUvJWPpBfFr2pqfannKRKMV5kRvirNWFzHEwKX0pRcX6ITwQoTuazIOq-0TULRj8y_GGj739QLf3caMIF_xBYdpX5lhBGYRN6XUtx0cRlsCSfreQ3KED85OuUOZHHGtb9lTBz0SumQtqg-cfxBkwOVneFn_i2Su6qtGNQmv563j2b3UiRxNFVOpdtWduDmSJHz7NDLl0hLlpDIhExUOmkZuC7QWh-u_G7fsvw6mxnrXFGLqnCIUyi-dupUeL88E6wZ4w1zZQNsydkPck7dgm0gaclYFKe1MvLww0xHxhiv1gnyjpbyDijW2vy3dVL3Ke0S1vrP7hFaw-oazkrWpruhrrs3lUnhwXqip2MfrRn_Z7V8nzUic_3RTJhS5-k8Bf_-Wq4QKt6Qu2ShHaetguzql-sPWCN07qy-hqxlgGi-5F6iOqesERmMfsMDpALueps1hj5Pinw_GFAlz9ZxxMlprzQh9imqbvxVGkYru2HYbEzg3X0QuKU7XDLlOHm20iW4ZtF1d8eZcYOwZSq8sGd0GZlzOiRiTNBX7BxwHDq62dG0QmREqHik7x7li4x6-PVn_b0IuSIk_4GZazDB-EUPKfTP23vwYuNoHdwHF_t3TBJlIcFjPlvipWls5RNjWyjIQxpcB8H5JeBZPGjd2mSEnfZHbald4OfN5Ww2VBY8WVj3YihrUyRWNXD5bomu92NGWQJY5n-vwS4e4AB1mNHAmku_miCNp3tHPg2mZzYSYD0hOhPDq0V_bz_trVltKwwXyHdFjahMzFYt4ZB653QRJXzgaK-HGSLMl2bNjDUebjMaWZvi77nj7PkMSX0YKvCUQI7_ZkLyKck_XrUd2fcFVbZxNsZa0hHZ9JEkcIyTvNPnp2Sl1Kcqh4_CGZdJJEVt5bN6SbFgjbaXaMZjyCz9OV64vKLZJdol0Qdeuvn5VpMZlqbqeq8gcmdNcu11TWArPxmIFxriaWB7KNeRLh2UzrvWzmQskITeCUlwiAP89R1DWw-rbOHGcYUJABAEyyN5wyVFEXtktyrYNtcvVLPSku7sklgGJ6gbFVEL709KfkkMhU6jChmOX_YcdtEYmkgYXOGfUMoKl8JAw2yHVHZ0tREBemzUUWFlW8lLSSdpa_ELRj6WjZRcuPV_m6r2WAuREEEAbNP-QETyZRlpTrGTFNeAbXr71KPHl_kY1uG88_k1rFbHqayvE_66kgKQYgbkP-OiOgt4Q4iOMLUiQOw1t023fqYbNB2ksvQbAaRGtDUyme84zXPCcDKwetWFDIf8Mfvs6NYzyXaGeJfwqMco1_TQqDWm7ZmSc2BXgot2yGdhXT8bcf92nRgjiHjM79VnFLVNvmazElhIm0JcOvQs5V-nyZgUNt5mO7IBQ4mTwTiY5jvL0-1qdJIc_j7QIuKdJtkvJMR0fm-iw6Gns9jTLdc8t58QRNrAZkYtNBZuIv18NX0XtILnTq3r3YbYlQcoXmbehdPuhEczd&cid=CAQSOwDq26N9BfmP1ZkBad29MnXuRia0vH3wW1xhXXADt9A_jlirU0yF1N0BgJNrWVLLq_3pIqcFmaLtsu5YGAEgEw&rfl=1%2Chttps%253A%252F%252Fmedan.tribunnews.com%252F%240
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3992e0ea0ae3f6c1dd0003d5d1623b6b96948c79b7ab6f5085e0eeffaff2de0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35506
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD5C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0ok9AAFugaIQJjFes0IuL1c56-JNlfNVmoHCpJtmm-PdRB9rS3WFUcfU_fW7utSHT-zZ4WZq627wOcd85n1IxdTAkXXSonud6Xk-sLlVFEThHKqc
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame CD5C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
26293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 19:12:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame CD5C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
42709
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:38:45 GMT
l
www.google.com/ads/measurement/ Frame CD5C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJh2Dv7yhxsD3ps60cSEiZfjoKEPXhevbKK6PAYe8lpQjRf-ewI-scBaugxtVOEi604G60S_pgVighBUQCyWkHJA_EFw
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CD5C 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48209
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667824238049716"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 02:30:34 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C539
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Wed, 09 Nov 2022 02:30:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame A6D7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-dUOveGjMVjriXGIJwv3A&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-dUOveGjMVjriXGIJwv3A&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-dUOveGjMVjriXGIJwv3A&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaz1ZIDEIzy-JMDGJT-otgBMAE&v=APEucNUTbD9_b-UrW0pTCF1NK32kveSbtkSvayICpIPDXjvf-Ib6BQVLnA4jZTY1vz0tg6ulhLq-Y2oEAkG_VlW_nT6KNoN4sKCj1CdNweaFjS9H5GqOGqdJfArbRi1OggAy2UcNLhZ7M1zQtRDk_iLiMag_gzbYfg78I4AvZspAnlRdokasiwQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEJ-dUOveGjMVjriXGIJwv3A&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame A6D7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2sQyhIH5wdtmTLMafV00gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-dUOveGjMVjriXGIJwv3A&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-dUOveGjMVjriXGIJwv3A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaz1ZIDEIzy-JMDGJT-otgBMAE&v=APEucNUTbD9_b-UrW0pTCF1NK32kveSbtkSvayICpIPDXjvf-Ib6BQVLnA4jZTY1vz0tg6ulhLq-Y2oEAkG_VlW_nT6KNoN4sKCj1CdNweaFjS9H5GqOGqdJfArbRi1OggAy2UcNLhZ7M1zQtRDk_iLiMag_gzbYfg78I4AvZspAnlRdokasiwQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-dUOveGjMVjriXGIJwv3A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A6D7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKHV8tILl8bcdqEzASnV9L4&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKHV8tILl8bcdqEzASnV9L4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaz1ZIDEIzy-JMDGJT-otgBMAE&v=APEucNUTbD9_b-UrW0pTCF1NK32kveSbtkSvayICpIPDXjvf-Ib6BQVLnA4jZTY1vz0tg6ulhLq-Y2oEAkG_VlW_nT6KNoN4sKCj1CdNweaFjS9H5GqOGqdJfArbRi1OggAy2UcNLhZ7M1zQtRDk_iLiMag_gzbYfg78I4AvZspAnlRdokasiwQ
Protocol
HTTP/1.1
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:34 GMT
AN-X-Request-Uuid
61693877-f11f-41f0-8db4-4ba27bbcfad5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKHV8tILl8bcdqEzASnV9L4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A6D7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkyOTUzODMzNzM1MDY1MzIzOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkyOTUzODMzNzM1MDY1MzIzOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaz1ZIDEIzy-JMDGJT-otgBMAE&v=APEucNUTbD9_b-UrW0pTCF1NK32kveSbtkSvayICpIPDXjvf-Ib6BQVLnA4jZTY1vz0tg6ulhLq-Y2oEAkG_VlW_nT6KNoN4sKCj1CdNweaFjS9H5GqOGqdJfArbRi1OggAy2UcNLhZ7M1zQtRDk_iLiMag_gzbYfg78I4AvZspAnlRdokasiwQ
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 09 Nov 2022 02:30:34 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
21f1e8f2-3302-4927-891a-de3d6f325af6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkyOTUzODMzNzM1MDY1MzIzOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
17228771058373847583
tpc.googlesyndication.com/daca_images/simgad/ Frame C539 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/17228771058373847583
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73019fe1876fde1efc56d2756019c67d038af0cd37e9b231556146712fa64842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 15:09:58 GMT
x-content-type-options
nosniff
age
559236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59428
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 13:05:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Nov 2023 15:09:58 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C539 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:48:56 GMT
x-content-type-options
nosniff
server
cafe
age
38498
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Wed, 09 Nov 2022 15:48:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C539 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 08:13:18 GMT
x-content-type-options
nosniff
server
cafe
age
65836
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 09 Nov 2022 08:13:18 GMT
sd
us-u.openx.net/w/1.0/ Frame B7F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGC1PeHuknoqudDz93XlpS8&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGC1PeHuknoqudDz93XlpS8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARim4ILYATAB&v=APEucNVsolAbgIZyTLJEYhMHaVnvGoef0QvCpPEpVH38RcfzB2snUADHvZCgD7ZLsKiNHnrXkQaRBIBm-q6Qp7YaHWkSunKh-E8rUAb5E8IcE00neC52K0XmVjc7TqxpVvnIKN89--RBqYM8kPigou7LV4cVY78Gycw8WEDEHEiizoRn5wHZd8w
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGC1PeHuknoqudDz93XlpS8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame B7F2 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARim4ILYATAB&v=APEucNVsolAbgIZyTLJEYhMHaVnvGoef0QvCpPEpVH38RcfzB2snUADHvZCgD7ZLsKiNHnrXkQaRBIBm-q6Qp7YaHWkSunKh-E8rUAb5E8IcE00neC52K0XmVjc7TqxpVvnIKN89--RBqYM8kPigou7LV4cVY78Gycw8WEDEHEiizoRn5wHZd8w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame B7F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEB-RBzahRnY39Vvdi3G3h8g&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEB-RBzahRnY39Vvdi3G3h8g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARim4ILYATAB&v=APEucNVsolAbgIZyTLJEYhMHaVnvGoef0QvCpPEpVH38RcfzB2snUADHvZCgD7ZLsKiNHnrXkQaRBIBm-q6Qp7YaHWkSunKh-E8rUAb5E8IcE00neC52K0XmVjc7TqxpVvnIKN89--RBqYM8kPigou7LV4cVY78Gycw8WEDEHEiizoRn5wHZd8w
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Wed, 09 Nov 2022 02:30:34 GMT
pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEB-RBzahRnY39Vvdi3G3h8g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame B7F2 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARim4ILYATAB&v=APEucNVsolAbgIZyTLJEYhMHaVnvGoef0QvCpPEpVH38RcfzB2snUADHvZCgD7ZLsKiNHnrXkQaRBIBm-q6Qp7YaHWkSunKh-E8rUAb5E8IcE00neC52K0XmVjc7TqxpVvnIKN89--RBqYM8kPigou7LV4cVY78Gycw8WEDEHEiizoRn5wHZd8w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Wed, 09 Nov 2022 02:30:34 GMT
pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9A8A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Wed, 09 Nov 2022 02:30:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4D72
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Wed, 09 Nov 2022 02:30:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
9054329694116232591
tpc.googlesyndication.com/simgad/ Frame 4D72 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9054329694116232591?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmcMKGBiTzkQ3ZdgA7TnkKb_qeRgw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f725282aeef31b01557ecc7e4ef5e58444ff76f859afcbb012cae123d9a06d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 15:41:26 GMT
x-content-type-options
nosniff
age
557348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33603
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 12:59:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Nov 2023 15:41:26 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4D72 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:48:56 GMT
x-content-type-options
nosniff
server
cafe
age
38498
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Wed, 09 Nov 2022 15:48:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4D72 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 08:13:18 GMT
x-content-type-options
nosniff
server
cafe
age
65836
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 09 Nov 2022 08:13:18 GMT
16096933925413000740
tpc.googlesyndication.com/daca_images/simgad/ Frame 9A8A 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16096933925413000740
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395427f376c7c80bf11e9738a4eeb56cb1c845268c9bab441a5ff057081673ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 14:41:41 GMT
x-content-type-options
nosniff
age
560933
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75042
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 13:05:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Nov 2023 14:41:41 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9A8A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 15:48:56 GMT
x-content-type-options
nosniff
server
cafe
age
38498
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Wed, 09 Nov 2022 15:48:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9A8A 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 08:13:18 GMT
x-content-type-options
nosniff
server
cafe
age
65836
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 09 Nov 2022 08:13:18 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3EAB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
399991
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 04 Nov 2022 11:24:03 GMT
expires
Sat, 04 Nov 2023 11:24:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A118 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43974
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 14:17:40 GMT
etag
48472445140208031
expires
Wed, 09 Nov 2022 14:17:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F38C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d846e60a3a68a7746fe49c990877c745feab405a4e1fc9b1760929222d791051

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame F38C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvR_fgcCWqp065i21mOJycdxrDa6r-MVW2NAUZxdmPtCEnH9bcJEI-SQwvEsBMo_Iq_rByTwk_gutCZrC2RZUBvuzk92RYzkU7vbbPx3PxzQukGpeuoT8PyUujgxDa_Ha5x6dT3xM38WDUXT1gELlc_u6GGOSJb76qEi-rXvq1Og_N8Kizp11dIioSrzFRDrIXXq57OeEvOYjjXBkYUjYtnG6B_GydB4vormJPF110g7d45XNx3Hwqln4gNAduFEKzhdQYbfIJ0_gDQQvZJWXebrTcBGSfF-9doLkMRkDzEc5mQIhn6AbEiIJUJ6Jlgyfupnz-AlFafd-ChnGjmbZAHeBe8URUwyQ8v7LXFb1w4Yoo66-9MFgeCBXNgapTsEF8O_02YOaaNSpZAKVvcE_GAZ6en8hW76ngvBYoOPfAfvf1NNfqjnaeL_f5zxlfO0w0FVmjtvgEjKo7f-pcBevCDI0qaxf0nOto2TjzZ8_SP4HcBa2QlCPrCXxnReHGQxH_TlTgiNU61kFbeIgqhx_rLXbpvq5X7ObH_hfWADtRJddl0j7OLArnCoN0XTXlA1bQ8PyaF3BG1TWUK9seCg63N0jZ1JTNcDN2yslBLD0g-9UIBFhoDZTLDmesHZBXRPwpmR2kkxpeX3RU-Dj8LQXcHi4pKKhoBjbK4C0nlsFI8bHpTFEDnSWlvJkx6ZT2iSnLJsPsphOc6lMUvzsRu2MsbAE8MTFNiTxUn_tFyPumkFRs669rGnI2XG2XoEAo0hK-yrp15SHlNT33nqoP2XpUFbmMgkVfz_rJd3c1xiF6BfmFfvKFjJ95evEsFAenZbvl5c1HxiwTxbQEc3910FJwASOFlR6Ioq3NPrUAcIz8VIO3DjkQZ5VCDitiqHhn1NSNpU4I5x1RP8sRKvI_aDDsFzV5qbX-otAnqMZ6mdiDpN_ndI5CzjV0BLQk5yaTYdaO2LsJi0KPH_EkV-vbcmEj2o9eIW05r7NTYLpnioC-lUyGRKRUAukVpUXEsnaKNVEkuelhfR59gmboxq9c0KFWrLU63cPJNb4B75R4AOt98UCx9V1RMJ1Uvf4-StL_tsIZeZm6EagoXgg6kNOa3FFaD_mX68vJBA0PXXtCY6oNdInM-ueNdaBBp3npOzops95vmnbfyQBCzhsWKoaqdZmDcqdbCmmbyV5O9DsOPb-Z9dioBefVT17TINEndR6fhDfLyUwqy2kDR&sai=AMfl-YQ0aGlkBFc3sST1giy2TjRPQf_RlJi8weJf_VBADuDZ432OeXPrBQMfjZQx8iyAvz591bwoZQsOBcyczfPd0CxXNUSw4kvE4UFmX9U3AlOQSAp9J-JlVjO7Km0zwCdA67wg_j_iB8a8GhVhlsN4SCdIJV6KpXTYTTxgmDs6hGFv0Ag8mPluBLfxxTOryjvv0uSJehRT0tacfvgJwsCYK7EHURk3QnxAZ59ZT-O6c9czf_CpPbmFjmyGS2VP9oM6OAac7DLCIwKZdbVYr0gdlw3QA54mwnLR3UuKKKawPQh2S60axtED0eNcyZZDVvEbhcuKAYF0QsHdIbsi_VtWYp3JLQZ3gbJGXsp9WvEklJezFTrC66nHJ9-YL2GpbLApjVyPFGnb2JZa3ycVSeFpeg&sig=Cg0ArKJSzDKujxYXpFAxEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&vt=11&dtpt=178&dett=2&cstd=0&cisv=r20221101.16584&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 09 Nov 2022 02:30:34 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CD5C 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
Origin
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 16:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 16:47:17 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame CD5C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9FCt4lrrye79HNuhPr8Z-YMsFst7E_kjxGLKfQS4WNsKuM9tQ1HdzzHstHJQeK7ipjxf2eyikm0i3miLBwCWpIc4PSZYUAwOZI7V4rRTeLRqnEOYbT22Hz6MxGz336_bGIP1FiblghftT5TPZDPsG4sAVOVTH4pASrmdnC4kLdtrTiuw&dbm_d=AKAmf-Dkeg0qzdP9U3X4asrQ5dO6-VWp9wyw0M_DLKM6iU-nfhlW1CGzSlIhJheayJ_Nft5-gmQdNpDR0P1oGoZcrt0KQs2GaEXxe5fhYBaqx8hxmfdvMeuTsPK13MXs6eC40AYdO1w1tXpKKdaE8SrFiomNKrVaQzUrLuDchHFqbFixw5uYAk_rMjdSk1LITPmrdN2wBaU5ji_zXDtu1INb8DRq9N2YOGU46ckl_qI9qAGmbV2qYEEOKMx8TXSjWH7J6xuCvY33tmUFkZNVkaNsCTTB9eCJbo1sVdkdcVTM9lDhOJInwG-SaipRHig37SWikTUgzsBm1uFbzVScje-8DVPKPXggIfDDTgvS8Oj-rMp9BttKKTD28Kg4EY5zaYUInvTmz69kMuIlLA2C-gV1SBQQUuekyL60GsT3afXeClQ_xQrtvpnQUf67_3hmqi8JuicUXYR6t40nThfYRIN2qXIEcCFex-WKhXm3MA91GellhuTi7ReSzfOFB-9dEMImMGzbsGtnv6KFtO5TKW6xKodHgvh2Za_3ey9F_WkodaVQo9SwZKsYjCjntl7gvPWqT_0uHI-ZCcqCipQVmlnPZ7-bg51WqFmmAiAIw6_jp52K6TCE2Gk0a5NoPw0nEpQqRpBnt-OZNi6Ma0WbKl8bYM3eLbFHr7zWw_k_2UX9zrm0h0v47HLRO-5_SpfFqBYqljnb5M8VFhWPYXKT2n-jnT4ABmgGkeVZn5FJ11UjcGabfMccCmOazjsEBfdbTf4hVkmH_mt5VU3dSktLnGDnl9xUXnqGnXZNC6EO3GODffI8CyJboYqIHy307rOv1zboJ0ooUrTmHXvQ_uE4BufrNRY7xP3x06-MvDpSbi2ZDqyOPslyS67cyfLuKs0-EV7LUaT8nHX3xlEJkMvfcVJr4i-sln3fz60MOgjtEzQGpGKSeBvq-716uq-wpEVnSjQzUpbo4x8iplbweBjUgqMJWzUoPVB21eIv1K92AqizNne-vt0yGPww-krTMi_q8R_GbP2CzYSfnNllE24tSjZJcAcVzaHMfGuJq7psJdgZP4dovMypvVOQKBPuYyzHgNdz8zzdj1NtTgbXrC-trcfFBc1ynmQmDWIzopuQKOmJOcxeCeguOKaGo5OtbizYhNlPIeXdv2QiP6DmZ3A2YjShlkZDWdUq8j9_HAkMkKdIQJEPCQ2KajLN3jc5aJwmRkYu74KHpwAuv057kWMmhJ1qkqpts8Z3zlIITlBw7yL-gx6oShqG2k1Z9oXgp7If-tLFUuWeQ6IsOCMv92QioLN2RyRgSPRTEEcPBeB3YeZopK4emLHzTIcByAyGOBduy5ZCwAnF9ulyJ_ETz31pLANNJf90BY6A2Txw5j3muyqu7az2UvmEJoEGrLXghOJSZ1-Gua9GOD6nAX3o-GnfOfHWOVhtGB0vfR8_OlRkJgVZdPnzoBZk6D_KwKFt7Gjg0rjvV8Go0WBNlrt71bcI3IIEG-RnmVWI81GlaSgFmXoXfliNbq560EdlnpxxHi5YO9b_q5WaWa66mBHb5fbECjW2jjX5BI7ldvzPciwsAvybSwgUAZDui8myDfG6-XZH344GOac5G4xyydfeoCy0CCUjmqjs8O7LM2wPrscxMgQFiMm7YH9jZ-dZY1TzZiGmcx5FkEshXY6mgGkUDtSFTNSFuETneCRX_53-SISbS6TCqcM4hcx0QaVFmJkGxtOHT9vNokMAoGyzb1nY_pxWhVabKLAn-ggGy6NnlUTkGsSQBEieg01npV4UGQjWHyFZZprrbP5ZFCXYAXXibeXu1sqexTnCaq5D-y0Qo-Ysc4Xhx8TEUpiQVfGicbgUFxn6UpTtYRwAYCPPK2EodczPiKJnVMCUvYNSHTvCDnL7yawh-H-KP48c65m6aV2s-UOu2eAI6bIomqrfXcj0evyU_sQXgYBTBYUOYkGhZcw7smSzotMk3b6X_4m1xGVrLUUvJWPpBfFr2pqfannKRKMV5kRvirNWFzHEwKX0pRcX6ITwQoTuazIOq-0TULRj8y_GGj739QLf3caMIF_xBYdpX5lhBGYRN6XUtx0cRlsCSfreQ3KED85OuUOZHHGtb9lTBz0SumQtqg-cfxBkwOVneFn_i2Su6qtGNQmv563j2b3UiRxNFVOpdtWduDmSJHz7NDLl0hLlpDIhExUOmkZuC7QWh-u_G7fsvw6mxnrXFGLqnCIUyi-dupUeL88E6wZ4w1zZQNsydkPck7dgm0gaclYFKe1MvLww0xHxhiv1gnyjpbyDijW2vy3dVL3Ke0S1vrP7hFaw-oazkrWpruhrrs3lUnhwXqip2MfrRn_Z7V8nzUic_3RTJhS5-k8Bf_-Wq4QKt6Qu2ShHaetguzql-sPWCN07qy-hqxlgGi-5F6iOqesERmMfsMDpALueps1hj5Pinw_GFAlz9ZxxMlprzQh9imqbvxVGkYru2HYbEzg3X0QuKU7XDLlOHm20iW4ZtF1d8eZcYOwZSq8sGd0GZlzOiRiTNBX7BxwHDq62dG0QmREqHik7x7li4x6-PVn_b0IuSIk_4GZazDB-EUPKfTP23vwYuNoHdwHF_t3TBJlIcFjPlvipWls5RNjWyjIQxpcB8H5JeBZPGjd2mSEnfZHbald4OfN5Ww2VBY8WVj3YihrUyRWNXD5bomu92NGWQJY5n-vwS4e4AB1mNHAmku_miCNp3tHPg2mZzYSYD0hOhPDq0V_bz_trVltKwwXyHdFjahMzFYt4ZB653QRJXzgaK-HGSLMl2bNjDUebjMaWZvi77nj7PkMSX0YKvCUQI7_ZkLyKck_XrUd2fcFVbZxNsZa0hHZ9JEkcIyTvNPnp2Sl1Kcqh4_CGZdJJEVt5bN6SbFgjbaXaMZjyCz9OV64vKLZJdol0Qdeuvn5VpMZlqbqeq8gcmdNcu11TWArPxmIFxriaWB7KNeRLh2UzrvWzmQskITeCUlwiAP89R1DWw-rbOHGcYUJABAEyyN5wyVFEXtktyrYNtcvVLPSku7sklgGJ6gbFVEL709KfkkMhU6jChmOX_YcdtEYmkgYXOGfUMoKl8JAw2yHVHZ0tREBemzUUWFlW8lLSSdpa_ELRj6WjZRcuPV_m6r2WAuREEEAbNP-QETyZRlpTrGTFNeAbXr71KPHl_kY1uG88_k1rFbHqayvE_66kgKQYgbkP-OiOgt4Q4iOMLUiQOw1t023fqYbNB2ksvQbAaRGtDUyme84zXPCcDKwetWFDIf8Mfvs6NYzyXaGeJfwqMco1_TQqDWm7ZmSc2BXgot2yGdhXT8bcf92nRgjiHjM79VnFLVNvmazElhIm0JcOvQs5V-nyZgUNt5mO7IBQ4mTwTiY5jvL0-1qdJIc_j7QIuKdJtkvJMR0fm-iw6Gns9jTLdc8t58QRNrAZkYtNBZuIv18NX0XtILnTq3r3YbYlQcoXmbehdPuhEczd&cid=CAQSOwDq26N9BfmP1ZkBad29MnXuRia0vH3wW1xhXXADt9A_jlirU0yF1N0BgJNrWVLLq_3pIqcFmaLtsu5YGAEgEw&rfl=1%2Chttps%253A%252F%252Fmedan.tribunnews.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
43269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:29:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame CD5C 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9FCt4lrrye79HNuhPr8Z-YMsFst7E_kjxGLKfQS4WNsKuM9tQ1HdzzHstHJQeK7ipjxf2eyikm0i3miLBwCWpIc4PSZYUAwOZI7V4rRTeLRqnEOYbT22Hz6MxGz336_bGIP1FiblghftT5TPZDPsG4sAVOVTH4pASrmdnC4kLdtrTiuw&dbm_d=AKAmf-Dkeg0qzdP9U3X4asrQ5dO6-VWp9wyw0M_DLKM6iU-nfhlW1CGzSlIhJheayJ_Nft5-gmQdNpDR0P1oGoZcrt0KQs2GaEXxe5fhYBaqx8hxmfdvMeuTsPK13MXs6eC40AYdO1w1tXpKKdaE8SrFiomNKrVaQzUrLuDchHFqbFixw5uYAk_rMjdSk1LITPmrdN2wBaU5ji_zXDtu1INb8DRq9N2YOGU46ckl_qI9qAGmbV2qYEEOKMx8TXSjWH7J6xuCvY33tmUFkZNVkaNsCTTB9eCJbo1sVdkdcVTM9lDhOJInwG-SaipRHig37SWikTUgzsBm1uFbzVScje-8DVPKPXggIfDDTgvS8Oj-rMp9BttKKTD28Kg4EY5zaYUInvTmz69kMuIlLA2C-gV1SBQQUuekyL60GsT3afXeClQ_xQrtvpnQUf67_3hmqi8JuicUXYR6t40nThfYRIN2qXIEcCFex-WKhXm3MA91GellhuTi7ReSzfOFB-9dEMImMGzbsGtnv6KFtO5TKW6xKodHgvh2Za_3ey9F_WkodaVQo9SwZKsYjCjntl7gvPWqT_0uHI-ZCcqCipQVmlnPZ7-bg51WqFmmAiAIw6_jp52K6TCE2Gk0a5NoPw0nEpQqRpBnt-OZNi6Ma0WbKl8bYM3eLbFHr7zWw_k_2UX9zrm0h0v47HLRO-5_SpfFqBYqljnb5M8VFhWPYXKT2n-jnT4ABmgGkeVZn5FJ11UjcGabfMccCmOazjsEBfdbTf4hVkmH_mt5VU3dSktLnGDnl9xUXnqGnXZNC6EO3GODffI8CyJboYqIHy307rOv1zboJ0ooUrTmHXvQ_uE4BufrNRY7xP3x06-MvDpSbi2ZDqyOPslyS67cyfLuKs0-EV7LUaT8nHX3xlEJkMvfcVJr4i-sln3fz60MOgjtEzQGpGKSeBvq-716uq-wpEVnSjQzUpbo4x8iplbweBjUgqMJWzUoPVB21eIv1K92AqizNne-vt0yGPww-krTMi_q8R_GbP2CzYSfnNllE24tSjZJcAcVzaHMfGuJq7psJdgZP4dovMypvVOQKBPuYyzHgNdz8zzdj1NtTgbXrC-trcfFBc1ynmQmDWIzopuQKOmJOcxeCeguOKaGo5OtbizYhNlPIeXdv2QiP6DmZ3A2YjShlkZDWdUq8j9_HAkMkKdIQJEPCQ2KajLN3jc5aJwmRkYu74KHpwAuv057kWMmhJ1qkqpts8Z3zlIITlBw7yL-gx6oShqG2k1Z9oXgp7If-tLFUuWeQ6IsOCMv92QioLN2RyRgSPRTEEcPBeB3YeZopK4emLHzTIcByAyGOBduy5ZCwAnF9ulyJ_ETz31pLANNJf90BY6A2Txw5j3muyqu7az2UvmEJoEGrLXghOJSZ1-Gua9GOD6nAX3o-GnfOfHWOVhtGB0vfR8_OlRkJgVZdPnzoBZk6D_KwKFt7Gjg0rjvV8Go0WBNlrt71bcI3IIEG-RnmVWI81GlaSgFmXoXfliNbq560EdlnpxxHi5YO9b_q5WaWa66mBHb5fbECjW2jjX5BI7ldvzPciwsAvybSwgUAZDui8myDfG6-XZH344GOac5G4xyydfeoCy0CCUjmqjs8O7LM2wPrscxMgQFiMm7YH9jZ-dZY1TzZiGmcx5FkEshXY6mgGkUDtSFTNSFuETneCRX_53-SISbS6TCqcM4hcx0QaVFmJkGxtOHT9vNokMAoGyzb1nY_pxWhVabKLAn-ggGy6NnlUTkGsSQBEieg01npV4UGQjWHyFZZprrbP5ZFCXYAXXibeXu1sqexTnCaq5D-y0Qo-Ysc4Xhx8TEUpiQVfGicbgUFxn6UpTtYRwAYCPPK2EodczPiKJnVMCUvYNSHTvCDnL7yawh-H-KP48c65m6aV2s-UOu2eAI6bIomqrfXcj0evyU_sQXgYBTBYUOYkGhZcw7smSzotMk3b6X_4m1xGVrLUUvJWPpBfFr2pqfannKRKMV5kRvirNWFzHEwKX0pRcX6ITwQoTuazIOq-0TULRj8y_GGj739QLf3caMIF_xBYdpX5lhBGYRN6XUtx0cRlsCSfreQ3KED85OuUOZHHGtb9lTBz0SumQtqg-cfxBkwOVneFn_i2Su6qtGNQmv563j2b3UiRxNFVOpdtWduDmSJHz7NDLl0hLlpDIhExUOmkZuC7QWh-u_G7fsvw6mxnrXFGLqnCIUyi-dupUeL88E6wZ4w1zZQNsydkPck7dgm0gaclYFKe1MvLww0xHxhiv1gnyjpbyDijW2vy3dVL3Ke0S1vrP7hFaw-oazkrWpruhrrs3lUnhwXqip2MfrRn_Z7V8nzUic_3RTJhS5-k8Bf_-Wq4QKt6Qu2ShHaetguzql-sPWCN07qy-hqxlgGi-5F6iOqesERmMfsMDpALueps1hj5Pinw_GFAlz9ZxxMlprzQh9imqbvxVGkYru2HYbEzg3X0QuKU7XDLlOHm20iW4ZtF1d8eZcYOwZSq8sGd0GZlzOiRiTNBX7BxwHDq62dG0QmREqHik7x7li4x6-PVn_b0IuSIk_4GZazDB-EUPKfTP23vwYuNoHdwHF_t3TBJlIcFjPlvipWls5RNjWyjIQxpcB8H5JeBZPGjd2mSEnfZHbald4OfN5Ww2VBY8WVj3YihrUyRWNXD5bomu92NGWQJY5n-vwS4e4AB1mNHAmku_miCNp3tHPg2mZzYSYD0hOhPDq0V_bz_trVltKwwXyHdFjahMzFYt4ZB653QRJXzgaK-HGSLMl2bNjDUebjMaWZvi77nj7PkMSX0YKvCUQI7_ZkLyKck_XrUd2fcFVbZxNsZa0hHZ9JEkcIyTvNPnp2Sl1Kcqh4_CGZdJJEVt5bN6SbFgjbaXaMZjyCz9OV64vKLZJdol0Qdeuvn5VpMZlqbqeq8gcmdNcu11TWArPxmIFxriaWB7KNeRLh2UzrvWzmQskITeCUlwiAP89R1DWw-rbOHGcYUJABAEyyN5wyVFEXtktyrYNtcvVLPSku7sklgGJ6gbFVEL709KfkkMhU6jChmOX_YcdtEYmkgYXOGfUMoKl8JAw2yHVHZ0tREBemzUUWFlW8lLSSdpa_ELRj6WjZRcuPV_m6r2WAuREEEAbNP-QETyZRlpTrGTFNeAbXr71KPHl_kY1uG88_k1rFbHqayvE_66kgKQYgbkP-OiOgt4Q4iOMLUiQOw1t023fqYbNB2ksvQbAaRGtDUyme84zXPCcDKwetWFDIf8Mfvs6NYzyXaGeJfwqMco1_TQqDWm7ZmSc2BXgot2yGdhXT8bcf92nRgjiHjM79VnFLVNvmazElhIm0JcOvQs5V-nyZgUNt5mO7IBQ4mTwTiY5jvL0-1qdJIc_j7QIuKdJtkvJMR0fm-iw6Gns9jTLdc8t58QRNrAZkYtNBZuIv18NX0XtILnTq3r3YbYlQcoXmbehdPuhEczd&cid=CAQSOwDq26N9BfmP1ZkBad29MnXuRia0vH3wW1xhXXADt9A_jlirU0yF1N0BgJNrWVLLq_3pIqcFmaLtsu5YGAEgEw&rfl=1%2Chttps%253A%252F%252Fmedan.tribunnews.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 14:29:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
43268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11393
x-xss-protection
0
server
cafe
etag
8974296396314687744
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 14:29:26 GMT
tribunnews.com.1210784.es6.js
jsc.mgid.com/t/r/ Frame F818 		262 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f487063d07e520ce44cc9b4ba266fa8df7559d824a2b45ced0cb0a74726e3f8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
x-amz-version-id
BhIVwDe_byHBS9YcSQkbJo8J1DO0a3ay
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
SQ7K635SNFSMBCTH
age
3190
cf-polished
origSize=268770
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
YuH9xWCtmxmVe5GURfM5s/kZAJOlIDJJZMrzLhsAWvEgZ5NfrPv7FrjrsuG96aRiRQAZDpytcgg=
cf-bgj
minify
last-modified
Thu, 03 Nov 2022 14:22:04 GMT
server
cloudflare
etag
W/"c1c5b178cf85c001237c9422be13578d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
767320926d16886d-LHR
expires
Wed, 09 Nov 2022 05:30:34 GMT
tribunnews.com.1181811.es6.js
jsc.mgid.com/t/r/ Frame 3457 		261 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1583da6c38683eb7abba2c9b2cad109040a6cffa4cabc09bf37735f10c5f8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
x-amz-version-id
gROFq1R2vgNTEHOg_SahIrpNv4tMz_IG
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
2HZNEPX5E47QSCSR
age
3185
cf-polished
origSize=267276
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
gq4diBT5JyzmggQNZ4rF1GGo1SIRi15jgl7svQVHpYZJgqTxsnyhN8EPJ9apNCvqUO6hIyDqmzg=
cf-bgj
minify
last-modified
Thu, 03 Nov 2022 14:20:21 GMT
server
cloudflare
etag
W/"1e5c754fe7635df65b258688a7132177"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
767320926d15886d-LHR
expires
Wed, 09 Nov 2022 05:30:34 GMT
dpixel
cms.quantserve.com/ Frame A118 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGgQGWoPJDZw0SnIZ5Lm47M&google_cver=1&google_push=ASkJ3Fbrcd2jw396uge6FAZwO6IMTvjGfcAtE03DMi_Zi7CB54pA4pkCfb-toN4k-Wx_Km7-S9jakgwNU_-SWPQv62fyDBRjF2hU
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame A118 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFINjayUO2q38APt8_C73E0&google_cver=1&google_push=ASkJ3FaVx8dHaEOO07_QWVHraZpFUlW5AG2j671hQZDSmYIY1OhHfqKvjTQC7hE2Eo2-rOrOYMNnl8Rj7m_mpZStYUoAiJgq6ZGtWw
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame A118
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHP4lzcevReKtR1mwFtIEk0&google_cver=1&google_push=ASkJ3FbZyJYJCTWBw2hcjy25p5uN9sK676YdGNg6QsG3y02ht9pDV6HKcGBrG7um3efqXrOa4SZI_pex-N-Rpdmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbZyJYJCTWBw2hcjy25p5uN9sK676YdGNg6QsG3y02ht9pDV6HKcGBrG7um3efqXrOa4SZI_pex-N-RpdmiuCvCVfi6pq3Gww
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbZyJYJCTWBw2hcjy25p5uN9sK676YdGNg6QsG3y02ht9pDV6HKcGBrG7um3efqXrOa4SZI_pex-N-RpdmiuCvCVfi6pq3Gww
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 09 Nov 2022 02:30:35 GMT
Server
MT3 4629 97bee97 master nrt-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbZyJYJCTWBw2hcjy25p5uN9sK676YdGNg6QsG3y02ht9pDV6HKcGBrG7um3efqXrOa4SZI_pex-N-RpdmiuCvCVfi6pq3Gww
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 09 Nov 2022 02:30:34 GMT
i.match
s.tribalfusion.com/z/ Frame A118
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBm__T32HUoHEdEDVwrX-4s&google_cver=1&google_push=ASkJ3Fa4ZktLOK5-Be2hc2h9nSqInfy6Z0LWHrq8pFDtjtxyN5AFffAWdCAx5dtt2iRJtgG3LPo-YkLur6Uwlt5-NrDGWDUUuFzh&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBm__T32HUoHEdEDVwrX-4s&google_cver=1&google_push=ASkJ3Fa4ZktLOK5-Be2hc2h9nSqInfy6Z0LWHrq8pFDtjtxyN5AFffAWdCAx5dtt2iRJtgG3LPo-YkLur6Uwlt5-NrDGWDUUuFz...
43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBm__T32HUoHEdEDVwrX-4s&google_cver=1&google_push=ASkJ3Fa4ZktLOK5-Be2hc2h9nSqInfy6Z0LWHrq8pFDtjtxyN5AFffAWdCAx5dtt2iRJtgG3LPo-YkLur6Uwlt5-NrDGWDUUuFzh&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa4ZktLOK5-Be2hc2h9nSqInfy6Z0LWHrq8pFDtjtxyN5AFffAWdCAx5dtt2iRJtgG3LPo-YkLur6Uwlt5-NrDGWDUUuFzh%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:35 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
767320943bb4bc01-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
503
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBm__T32HUoHEdEDVwrX-4s&google_cver=1&google_push=ASkJ3Fa4ZktLOK5-Be2hc2h9nSqInfy6Z0LWHrq8pFDtjtxyN5AFffAWdCAx5dtt2iRJtgG3LPo-YkLur6Uwlt5-NrDGWDUUuFzh&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa4ZktLOK5-Be2hc2h9nSqInfy6Z0LWHrq8pFDtjtxyN5AFffAWdCAx5dtt2iRJtgG3LPo-YkLur6Uwlt5-NrDGWDUUuFzh%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76732092d8b3bc01-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A118
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHpJ5VYLUC21823TwCuOSK0&google_cver=1&google_push=ASkJ3FaOslJlq3HQtGt-JOpIWV_lthuTaQs-uKjDM7sieEnr1EEjYbhDkzfnGcFSEpYlsQg2e6LDm_cITSng-k...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzgzODA5MjA0NjM2Njg3NQ%3D%3D&google_push=ASkJ3FaOslJlq3HQtGt-JOpIWV_lthuTaQs-uKjDM7sieEnr1EEjYbhDkzfnGcFSEpYlsQg2e6LDm_cITSng-kcP7u...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzgzODA5MjA0NjM2Njg3NQ%3D%3D&google_push=ASkJ3FaOslJlq3HQtGt-JOpIWV_lthuTaQs-uKjDM7sieEnr1EEjYbhDkzfnGcFSEpYlsQg2e6LDm_cITSng-kcP7u-ks6MMoJ5m
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzgzODA5MjA0NjM2Njg3NQ%3D%3D&google_push=ASkJ3FaOslJlq3HQtGt-JOpIWV_lthuTaQs-uKjDM7sieEnr1EEjYbhDkzfnGcFSEpYlsQg2e6LDm_cITSng-kcP7u-ks6MMoJ5m
Date
Wed, 09 Nov 2022 02:30:34 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A118
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G93s35gtQj62aAceMuw9IA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G93s35gtQj62aAceMuw9IA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZFCLeKmceW1k7ow1RCn6Z2tTvT8SGVHBp3FkU88MSWVaL8v7IXjpowWpD7bXGLbVmIsdhgQ24IKpU8A9oE8Trn-7eycPem
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G93s35gtQj62aAceMuw9IA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZFCLeKmceW1k7ow1RCn6Z2tTvT8SGVHBp3FkU88MSWVaL8v7IXjpowWpD7bXGLbVmIsdhgQ24IKpU8A9oE8Trn-7eycPem
date
Wed, 09 Nov 2022 02:30:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame A118
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEFc9VHd-U2cuFNXdInkgHK0&google_cver=1&google_push=ASkJ3FZt-wtHE2-zW6xOCDChPPBwhiaAnj_lC6w75raJ0Ikb5LJyLzhVwYOkXPU687usmS97zWrSdVBfA0dnuoxeVkw4We...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFc9VHd-U2cuFNXdInkgHK0&google_cver=1&google_push=ASkJ3FZt-wtHE2-zW6xOCDChPPBwhiaAnj_lC6w75raJ0Ikb5LJyLzhVwYOkXPU687usmS97zWrSdVBfA0dnuoxe...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CwlM_HdjQqCbRw-0EJE8WA&google_push=ASkJ3FZt-wtHE2-zW6xOCDChPPBwhiaAnj_lC6w75raJ0Ikb5LJyLzhVwYOkXPU687usmS97zWrSdVBfA0dnuox...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CwlM_HdjQqCbRw-0EJE8WA&google_push=ASkJ3FZt-wtHE2-zW6xOCDChPPBwhiaAnj_lC6w75raJ0Ikb5LJyLzhVwYOkXPU687usmS97zWrSdVBfA0dnuoxeVkw4WeOAZHoX
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CwlM_HdjQqCbRw-0EJE8WA&google_push=ASkJ3FZt-wtHE2-zW6xOCDChPPBwhiaAnj_lC6w75raJ0Ikb5LJyLzhVwYOkXPU687usmS97zWrSdVBfA0dnuoxeVkw4WeOAZHoX
access-control-allow-origin
*
date
Wed, 09 Nov 2022 02:30:34 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame A118 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KWFW0JF77EfjURZDwSP4w5oVqVgqnnD3zCLQPtbE38pttionFWKCLu2OOkI39Ich-vjbY7
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 3EAB 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 19:30:05 GMT
300x600.html
s0.2mdn.net/sadbundle/12373822943082315776/ Frame F3E7 		45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67d5278637eb4214fdd4070adc81381785376c917d4d345d2405d195c3cca93a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:30:34 GMT
expires
Thu, 09 Nov 2023 02:30:34 GMT
last-modified
Wed, 14 Sep 2022 11:45:33 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CD5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWhYPa6PTVvF31cprm5gd5YVTzZZaopcBDBonjnDexlrskEMumwrYJ1CI3hp-_8yj9W8O_lmC1rXpaZeN_LbpYrowEDwp3nANnkND4fflNxV-nqFh7wNEnJ-DQW42hp2aAlyNyN1FIADGESZc0MM2fTDqElt0w1OQrR-m_9FrVlNZME4NdaYrI5HK-699EUfuoAYmUCa6Na_FOSgFJCSvYFhcKjnb0xMv0rM8V_7eE107X_uOClgsgQQA6qQaHcQxz8ruFKVl5amkIdPhYq2VD6UwKzxABFHvaWjui2Q6bH_hu6T2UgOygHytZafzwY0wG_hg9-UZRcBtPrqPAt5cckOopD_SLs1RVuIKH02cHh7Y2gvxhEQ12XyHQzEc-SzO4tiA9xfQ-46-mvvlLyiapP2YIF44KUsykTFd5zhxCHS5grKHoQGQNfiimgnlg4Dy5lNFnJmWMicwfO00x24CsQkAZIZUKWbr7i7-ggdLeQq4lLAxXq1kkkJIwE3v0rYZvz2zC-Xy2hC73Anw1ilu7tedO-lZaofBSkoAiqi4AmU1-AyuSKGma3mQjpi050NT3Mx_-0JwKAvwA3Tct6JAQQy981XLKlB2zi3WaU-a6_KW7x5feK-rtkbVdp9p9HyMiAxNFjLNHhqsfkw3jTcaK4B5rEJQEa2sU7xwpAMwrg9ba_TbYbMuUBohdHkm-kBNTS2cONUKNDh_qrF9PZLPVC_BYirFtBd-C1DGndXNARxqJLDllZ4sBe84Xilm4FR_vjI3goOFMU_tMfwUD4VZ2-2fwuNH8Xkhr8uSIs7z4iuO-tPJ4pH2arhye-STEQuELzRrug7JrtMWTaUeVKlLqJglJjIAcDGdOO7LI5ysDErGKB7RchQFAoYncb07Z7D8LzWT4OnBhZCvNesgV38naXRYKWP8vCHhSt-RrYKnbFMq3WQ9Rj7rC3PKSBvM4H_GxTmzRBhOzvfuPLs58zGLp88kRzgx3QhxJztuoVBcS1jlTZNc3YZpaG6CKfK6h8h1Dbg_5O-UMYi1gKF9KJC-bVPO5v_e5Q3cxhKRLrNLls3ycrXQvl5VECrzABZ04zFzgMm3b2aB2hgACdAvsboV0SYsyJAj057QaANZsVT3BnwT-nuFmJQNJm2swaiqx0bYO3gWpdGWj11jO37C-RSoDN4vH4BzMM6C_xVCLXk4OLr1K4w48gLJkdfVG_fgr7Rylbnqrd-lAhdpx-T0UZ-MFQVMnwhhEzZNSI-4N-wxhlAd9dYbc&sai=AMfl-YSd5ewNpSXrKymRRYlkV_1dYd0InQ96M8xOf3ko-BHyjLP7Y7vuNPpPhPZvHiGY6wRwcLX5PHBtlXKNwMk75ScNuKyYgepYQzFs8y325U6UL3yCTa4qwwi2DO5mdae-2DHSvZTS_eLY5pnvViESbVJCZ-DQiel-L_-tiVSqpJ5KRkQBafpa5PepHTHl20qBE0O6B9QYWAlGFv-2qEvp_gGhuZ04oB78S9IrPz0b-FaCabZZsrxV0HbAEJSz9dkoNrcJWUq_pvE&sig=Cg0ArKJSzAh41ip-OmjNEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=110&cbvp=1&cstd=105&cisv=r20221101.48686&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 09 Nov 2022 02:30:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 09 Nov 2022 02:30:34 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CD5C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 11:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
399991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 11:24:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F025 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43974
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 14:17:40 GMT
etag
48472445140208031
expires
Wed, 09 Nov 2022 14:17:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CD5C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa49f4e0fd7bef2bc8da656e6df44e8fdaf266c8294d42e9b0420b166eeb98d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
Enabler_01_247.js
s0.2mdn.net/879366/ Frame F3E7 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 11:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 11:10:17 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F3E7 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 02:30:34 GMT
fd662b51-94df-4792-a374-1b2ff442fc78
https://medan.tribunnews.com/ Frame 3457 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://medan.tribunnews.com/fd662b51-94df-4792-a374-1b2ff442fc78
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
a5191625-0544-4a9c-aef4-a89de75279a8
https://medan.tribunnews.com/ Frame 3457 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://medan.tribunnews.com/a5191625-0544-4a9c-aef4-a89de75279a8
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
0e4e8ae3-9a4c-45f0-9189-ab49e53d59c7
https://medan.tribunnews.com/ Frame F818 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://medan.tribunnews.com/0e4e8ae3-9a4c-45f0-9189-ab49e53d59c7
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
469eebbf-1ab5-4221-8add-3962c2e7d7d5
https://medan.tribunnews.com/ Frame F818 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://medan.tribunnews.com/469eebbf-1ab5-4221-8add-3962c2e7d7d5
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FC52 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
399991
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 04 Nov 2022 11:24:03 GMT
expires
Sat, 04 Nov 2023 11:24:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame F025
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECUNI4HgHjWbxHjcnjoloX4&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECUNI4HgHjWbxHjcnjoloX4&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cmFBdjh6VEsxT1NBUms1&google_gid=CAESECUNI4HgHjWbxHjcnjoloX4&google_cver=1&google_push=ASkJ3FYqCQ8dyqY350nALN2kOXJIL0MDSq65CvQO_ipWErm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cmFBdjh6VEsxT1NBUms1&google_gid=CAESECUNI4HgHjWbxHjcnjoloX4&google_cver=1&google_push=ASkJ3FYqCQ8dyqY350nALN2kOXJIL0MDSq65CvQO_ipWErm9UuwQI_UQBFqFnxhoZiJORKTemhQA6V6C8LD7Z0cO76l3B0SBChkj
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Nov 2022 02:30:34 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0cc766d172cabf844@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cmFBdjh6VEsxT1NBUms1&google_gid=CAESECUNI4HgHjWbxHjcnjoloX4&google_cver=1&google_push=ASkJ3FYqCQ8dyqY350nALN2kOXJIL0MDSq65CvQO_ipWErm9UuwQI_UQBFqFnxhoZiJORKTemhQA6V6C8LD7Z0cO76l3B0SBChkj
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F025
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHP4lzcevReKtR1mwFtIEk0&google_cver=1&google_push=ASkJ3FbMTxLULIlx5ddGzF1j_cVkF18FobrDCpWKTwjY0aPvKRIijt5r-TaCeEnb-KIImXbX9twvEYxSf7QLCkfE...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbMTxLULIlx5ddGzF1j_cVkF18FobrDCpWKTwjY0aPvKRIijt5r-TaCeEnb-KIImXbX9twvEYxSf7QLCkfElWT9AbzIx69Z
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbMTxLULIlx5ddGzF1j_cVkF18FobrDCpWKTwjY0aPvKRIijt5r-TaCeEnb-KIImXbX9twvEYxSf7QLCkfElWT9AbzIx69Z
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 09 Nov 2022 02:30:35 GMT
Server
MT3 4629 97bee97 master nrt-pixel-x14 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbMTxLULIlx5ddGzF1j_cVkF18FobrDCpWKTwjY0aPvKRIijt5r-TaCeEnb-KIImXbX9twvEYxSf7QLCkfElWT9AbzIx69Z
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 09 Nov 2022 02:30:34 GMT
pixel
cm.g.doubleclick.net/ Frame F025
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENP9UF-9dxPi4KB2rEQ_raQ&google_cver=1&google_push=ASkJ3FZZKF7F8d41ttmX_FYzyS1OL6npcFsej_nLlqax9TeobWGP6pi7vxRWcNCvZTbvmq8EcGa3jQMqjYJ-jPURa3Cf8gtesfQI
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=95DCD8124FDA42FFABF253AB7EF435E1&google_push=ASkJ3FZZKF7F8d41ttmX_FYzyS1OL6npcFsej_nLlqax9TeobWGP6pi7vxRWcNCvZTbvmq8EcGa3jQMqjYJ-jPU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=95DCD8124FDA42FFABF253AB7EF435E1&google_push=ASkJ3FZZKF7F8d41ttmX_FYzyS1OL6npcFsej_nLlqax9TeobWGP6pi7vxRWcNCvZTbvmq8EcGa3jQMqjYJ-jPURa3Cf8gtesfQI
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 09 Nov 2022 02:30:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=95DCD8124FDA42FFABF253AB7EF435E1&google_push=ASkJ3FZZKF7F8d41ttmX_FYzyS1OL6npcFsej_nLlqax9TeobWGP6pi7vxRWcNCvZTbvmq8EcGa3jQMqjYJ-jPURa3Cf8gtesfQI
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 08 Nov 2022 02:30:34 GMT
pixel
cm.g.doubleclick.net/ Frame F025
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGdH6a6Jp-fq85HmaZ7tHh4&google_cver=1&google_push=ASkJ3FaGh6o_QAWKbeRAVGTzn5zyD8kxAI1ZZah391Go5lbDvdbzx7jFuhbvSYMKeV_juXLCxAKcAFuY8MCDINIBw7aJ...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGdH6a6Jp-fq85HmaZ7tHh4&google_cver=1&google_push=ASkJ3FaGh6o_QAWKbeRAVGTzn5zyD8kxAI1ZZah391Go5lbDvdbzx7jFuhbvSYMKeV_juXLCxAKcAFuY8MCDIN...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaGh6o_QAWKbeRAVGTzn5zyD8kxAI1ZZah391Go5lbDvdbzx7jFuhbvSYMKeV_juXLCxAKcAFuY8MCDINIBw7aJgwOO5o9v&google_hm=hsxFkWDWR5i5cviUMlfCww==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaGh6o_QAWKbeRAVGTzn5zyD8kxAI1ZZah391Go5lbDvdbzx7jFuhbvSYMKeV_juXLCxAKcAFuY8MCDINIBw7aJgwOO5o9v&google_hm=hsxFkWDWR5i5cviUMlfCww==
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaGh6o_QAWKbeRAVGTzn5zyD8kxAI1ZZah391Go5lbDvdbzx7jFuhbvSYMKeV_juXLCxAKcAFuY8MCDINIBw7aJgwOO5o9v&google_hm=hsxFkWDWR5i5cviUMlfCww==
Date
Wed, 09 Nov 2022 02:30:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame F025
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHyC4pjWyHSr8uEasffT3Rs&google_cver=1&google_push=ASkJ3Fa31Zz2pTD7hjIwSiK0GKORcAqnGqnWp4j8ukYZRG0FbwypxcPYqkf4dwQj-k8CZ7oPasDZzS_R...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHyC4pjWyHSr8uEasffT3Rs&google_cver=1&google_push=ASkJ3Fa31Zz2pTD7hjIwSiK0GKORcAqnGqnWp4j8ukYZRG0FbwypxcPYqkf4dwQj-k8CZ7oPasD...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ0Nzc0MzQwNjg2MDc2ODI5OA&google_push=ASkJ3Fa31Zz2pTD7hjIwSiK0GKORcAqnGqnWp4j8ukYZRG0FbwypxcPYqkf4dwQj-k8CZ7oPasDZzS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ0Nzc0MzQwNjg2MDc2ODI5OA&google_push=ASkJ3Fa31Zz2pTD7hjIwSiK0GKORcAqnGqnWp4j8ukYZRG0FbwypxcPYqkf4dwQj-k8CZ7oPasDZzS_RgxsoxRVx-V8JgiywLRAf
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ0Nzc0MzQwNjg2MDc2ODI5OA&google_push=ASkJ3Fa31Zz2pTD7hjIwSiK0GKORcAqnGqnWp4j8ukYZRG0FbwypxcPYqkf4dwQj-k8CZ7oPasDZzS_RgxsoxRVx-V8JgiywLRAf
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame F025
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPo7bXz-RLIrF5l1sFWCZyk&google_cver=1&google_push=ASkJ3FZf4XxvJOhsg1FpN1LhJ7sk4R-VVGRG6bnBiR_f-BRgrDQxT3DHjwDM1ZXF0j0YudaxUeZIWTICYaH6QF9U...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FZf4XxvJOhsg1FpN1LhJ7sk4R-VVGRG6bnBiR_f-BRgrDQxT3DHjwDM1ZXF0j0YudaxUeZIWTICYaH6QF9U1B4RSgYgx7wj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FZf4XxvJOhsg1FpN1LhJ7sk4R-VVGRG6bnBiR_f-BRgrDQxT3DHjwDM1ZXF0j0YudaxUeZIWTICYaH6QF9U1B4RSgYgx7wj
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 09 Nov 2022 02:30:34 GMT
via
1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FZf4XxvJOhsg1FpN1LhJ7sk4R-VVGRG6bnBiR_f-BRgrDQxT3DHjwDM1ZXF0j0YudaxUeZIWTICYaH6QF9U1B4RSgYgx7wj
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
E586-G8-Ynqc_3aaxRxlVEqbbLrXpuOwSX0FL-0DuEXRlfng0HB-ew==
report
sync.teads.tv/um/ Frame F025
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAIO-CSpefkaiG8YtfHiv2U&google_cver=1&google_p...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FaPZUQ2sYqgMOCE8OnLqqn6BIqfoB405Ufg41Z2dD0INp3THV5aSDAU_IW2xrEj0_kA5UtzHnMYOCyyEeKrhh8AM1_eKpg
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Wed, 09 Nov 2022 02:30:34 GMT
pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F025 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-D-2K87SS8xJRugl_pJDDvSIkTWBS60tuiZsBofgb3JxtF2Nlp8wkCnFQV4qAbbKKAuWv2g
Requested by
Host: d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
URL: https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame CD5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWhYPa6PTVvF31cprm5gd5YVTzZZaopcBDBonjnDexlrskEMumwrYJ1CI3hp-_8yj9W8O_lmC1rXpaZeN_LbpYrowEDwp3nANnkND4fflNxV-nqFh7wNEnJ-DQW42hp2aAlyNyN1FIADGESZc0MM2fTDqElt0w1OQrR-m_9FrVlNZME4NdaYrI5HK-699EUfuoAYmUCa6Na_FOSgFJCSvYFhcKjnb0xMv0rM8V_7eE107X_uOClgsgQQA6qQaHcQxz8ruFKVl5amkIdPhYq2VD6UwKzxABFHvaWjui2Q6bH_hu6T2UgOygHytZafzwY0wG_hg9-UZRcBtPrqPAt5cckOopD_SLs1RVuIKH02cHh7Y2gvxhEQ12XyHQzEc-SzO4tiA9xfQ-46-mvvlLyiapP2YIF44KUsykTFd5zhxCHS5grKHoQGQNfiimgnlg4Dy5lNFnJmWMicwfO00x24CsQkAZIZUKWbr7i7-ggdLeQq4lLAxXq1kkkJIwE3v0rYZvz2zC-Xy2hC73Anw1ilu7tedO-lZaofBSkoAiqi4AmU1-AyuSKGma3mQjpi050NT3Mx_-0JwKAvwA3Tct6JAQQy981XLKlB2zi3WaU-a6_KW7x5feK-rtkbVdp9p9HyMiAxNFjLNHhqsfkw3jTcaK4B5rEJQEa2sU7xwpAMwrg9ba_TbYbMuUBohdHkm-kBNTS2cONUKNDh_qrF9PZLPVC_BYirFtBd-C1DGndXNARxqJLDllZ4sBe84Xilm4FR_vjI3goOFMU_tMfwUD4VZ2-2fwuNH8Xkhr8uSIs7z4iuO-tPJ4pH2arhye-STEQuELzRrug7JrtMWTaUeVKlLqJglJjIAcDGdOO7LI5ysDErGKB7RchQFAoYncb07Z7D8LzWT4OnBhZCvNesgV38naXRYKWP8vCHhSt-RrYKnbFMq3WQ9Rj7rC3PKSBvM4H_GxTmzRBhOzvfuPLs58zGLp88kRzgx3QhxJztuoVBcS1jlTZNc3YZpaG6CKfK6h8h1Dbg_5O-UMYi1gKF9KJC-bVPO5v_e5Q3cxhKRLrNLls3ycrXQvl5VECrzABZ04zFzgMm3b2aB2hgACdAvsboV0SYsyJAj057QaANZsVT3BnwT-nuFmJQNJm2swaiqx0bYO3gWpdGWj11jO37C-RSoDN4vH4BzMM6C_xVCLXk4OLr1K4w48gLJkdfVG_fgr7Rylbnqrd-lAhdpx-T0UZ-MFQVMnwhhEzZNSI-4N-wxhlAd9dYbc&sai=AMfl-YSd5ewNpSXrKymRRYlkV_1dYd0InQ96M8xOf3ko-BHyjLP7Y7vuNPpPhPZvHiGY6wRwcLX5PHBtlXKNwMk75ScNuKyYgepYQzFs8y325U6UL3yCTa4qwwi2DO5mdae-2DHSvZTS_eLY5pnvViESbVJCZ-DQiel-L_-tiVSqpJ5KRkQBafpa5PepHTHl20qBE0O6B9QYWAlGFv-2qEvp_gGhuZ04oB78S9IrPz0b-FaCabZZsrxV0HbAEJSz9dkoNrcJWUq_pvE&sig=Cg0ArKJSzAh41ip-OmjNEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=261&vt=11&dtpt=151&dett=3&cstd=105&cisv=r20221101.48686&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 09 Nov 2022 02:30:34 GMT
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame FC52 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 19:30:05 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame F3E7 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:16:22 GMT
x-content-type-options
nosniff
age
852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 02:31:22 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame F3E7 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:19:57 GMT
x-content-type-options
nosniff
age
637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 02:34:57 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F3E7 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f57691f6fa510a20ee12a857ca7996567a4a8fd8b09dbdb5de6113c4f93df2da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5730
x-xss-protection
0
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F3E7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 08:08:22 GMT
x-content-type-options
nosniff
age
66132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 08:08:22 GMT
60005582_20221103244538648_Zflip4_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F3E7 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221103244538648_Zflip4_ASSET.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1605916fcbb5139605bc161e79a01aa9471dadecdbb966e909bc04e2973b4277
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 10:18:52 GMT
x-content-type-options
nosniff
age
58302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37359
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 07:45:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 10:18:52 GMT
60005582_20221103023138988_300x600_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F3E7 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221103023138988_300x600_LOOK-01.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
466f49c59589dd9698eb16da5c91c72cbcf6972531e6c2444556fbb98005f9bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:37:36 GMT
x-content-type-options
nosniff
age
31978
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59788
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:31:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 17:37:36 GMT
60005582_20220825085151068_300x600_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F3E7 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085151068_300x600_BG.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 22:08:14 GMT
x-content-type-options
nosniff
age
15740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62713
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:51:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 22:08:14 GMT
postview.gif
portal.o2online.de/nws/img/ Frame F3E7 		43 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=26952494_4307561_351023104_145353403_PO1204A20221103&ref=26952494_4307561_351023104_145353403_PO1204A20221103
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 , Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Wed, 09 Nov 2022 02:30:34 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
43
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame F3E7 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12373822943082315776/300x600.html?e=69&leftOffset=0&topOffset=0&c=7cJP6PC2DH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:22:05 GMT
x-content-type-options
nosniff
age
509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 02:37:05 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: t-3.tstatic.net
URL: https://t-3.tstatic.net/ads/prebid/prebid6.29.1-19082022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Nov 2022 02:30:34 GMT
events.php
log.r2b2.io/ 		9 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.r2b2.io/events.php?u=https%3A%2F%2Fmedan.tribunnews.com%2F&hbDomain=tribunnews.com
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/tribunnews.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
webgarden-track-lb-ha.vshosting.cz
Software
nginx /
Resource Hash
7013a0133669ab97049ad316e354d064d0fb31bd0efcf5e9b10d9608c3f5bce7

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:26 GMT
content-encoding
gzip
last-modified
Wed, 09 Nov 2022 02:30:34 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
expires
Tue, 01 Jan 2000 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F3E7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 02:30:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EAB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBWK_yRBrY6T4NLW89u8P-YejyAUAAAAAOAHgBAI&bg=!8_Cl8LTNAAZPh4lnb4c7ACkAdvg8WuG0Poy-PoGepIyxtoDPy7MmNY3_wMpgkzCdzGxtMXsOnUvIcAIAAACxUgAAAAJoAQeZAvVA2KDJMbDBUf88yQln1ujvggjTpHK8EAiwr2dZ95lJv1D_gfj_un-GUUiUnBvSJxdMjd15iMBNAaRqi69MUdbF49m_Sl2PvAOU07pOiyaO0K7oFoEf7IDeTVIVSQAufIu-TBbojxfhpOhVz8uP3luSFERDd2Wu4N6cxhgRj6yfOrnwhCOIU_YFvF2vMYR59oXjGWCKX86m6KINL9ZgEBmM3PffKqcOMUhIxpuGrTzCZHvb8LI6n9r3Fv2P30laTx-CtYjFf_tU0ZwQr7raso4mayNN2ExftBBxTbNk1-qopALBYzZ7BY4GP2hsGhaZmn0nrQymnz10UF5WwiYAwmkuBKINzZzSjQ2p_HAljnwcRV9uPq5aL3ab8JUX5ZoN3p_J49z_z3suc7gM0KY6GLiZjuW-fIVyezpesQ_YvaQ-GbHsMUDQitU_k79YWE4ln-fBQQJDjeOXLsNvZUGXN440LzST7Iig5sJk2KSvQaGq1wCZxdRoPP5Mi726CkKvOQ7UKYQbjHbj3QcEZVWnq_a7bfqPURlNqBkFsWpJ3Hjv1haGc27cwQN3LZmFBJm2PF5xHlyRwUpd4vAB3xML2NhJzhpxmX6uueEyck2JZyVQoYlHoR58vlsfcHJIbu2-yQ2vOfXEhCDGhH8BMmvJ9rVM7ie1yWRorp1EHpYLDBJ6RE7zwLY3RVLxj_wh2HOqsWyQF2zQ8I9HePDMUK0O-DMgYKOYXh5Cjm2CXxumCHh2UYOcwOGK3ES67PGZ6mn3twFHgxu2pHfbiGA0wmBD3Ht3Fsc3n3CcfiezHc0FrTnTtBmaAnKm8AXEvhG-MligBQ7TswSonQx970YgjDRRCy1T48sfZSi07_YUtZVCMeGSlmQuPjp7jpYVxFx-uKcWIo9jCz2MU7hmdHzF3e7HtFU5zRiegZFnUnYuczN1Jvz6VCzLKzoa2erXr_gA4aeD4VFysurJSDHsyiGEkzvl8MftUCGg8TI-knSbUWM2hFDnL06nLMxp
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Nov 2022 02:30:34 GMT
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame A7AD 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 19:30:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FC52 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6PXNyhBrY76vG5uT9u8PmLCAmAoAAAAAOAHgBAI&bg=!CwilCEzNAAZPh4lnb4c7ACkAdvg8WlzAo96X6HbSFPGbz7MERDxMDERiyyKOG3rxxVqnhYppv0wLFwIAAACqUgAAAAJoAQeZAuyVzcuRR1l16aQ729b3660PtLO2E4PU1qHgi7IIV0b2PdZ7V4RT2z6TazKQvWQTZY_v6KN3ORKKRZnO-ZGMCVfrvsob-c5uMeiJgDs7TOQmUeeeVnFiTcNON2IvBEark0-EURl4lf-55QQKtAKrwlVTl4Xe2U1RIZfXF-ah5ymZ2CVBPzSKHT6m2nwF7sip7hxPImWCbUtuxeeuX3HzbDDOwhknJD7EjcZK_pjZg79GWX5ePVQa_Svne_XQ-I50tTJoivG-Nl2SvT9FpTZEMQJpDg8RUS-VmtZiuYu_UwZ9cRHCmpIP_hDPS5vhbYNxbbn2XOKFm8Rknns6YsKkG3fRduQKuLlqL3lZC15vH985U3e3dTL2ddiVzLhG9fjrmWdwqXjMnSddMPrypVNLCud2jx3i6KTQalmaXGw3lY62QCM5o8T7jyIyhvEUBfd6GT6aHz4GSDrCE7q8FBChDRdZldhj0BQ72q56hAdFNirIOSD977O967blyNzIfNPjX04I0Iju2FNKJl310dTsVKzO4_MydTKdv8D2HYJJof5gaE-2BBzVdJT0bK_o_4kMgx8wymRz0lmajwvs-OM_lWh7ymZlwl4yvGN9Y7lhwtM5ByDMxNPOCmVbyZsxhgRR9jDEwS5NuK_JZp9SJztq_8RUYpsBJMszQfq3r4HzbPnUFwMjpqi0IvTNGSROTUyxIRnyi_sZ7AGoH04_PY0Yc9eG4PJmVr1UgLVg55qxpHuAFsr_YY2xF03gid23gQx19v7Oo2D0sZ3gOFKzKI8DUByQRzYjUovvE3AMoXa3bR96Xb6-Cj6tgL-lai0oX_ksfQ3w5hFJ23N5sMSSW8YzdW3BxZ1LCfexLTQrhZsieRMZJheH3ZN-buMc8my5BJb5Kz76ZwcvsYe1Orni0c8PyDFRjAL46By5Mo5a_cGcXZ3AhBtq-5UYaccGuSbUlltOydYqssvRSdehdJjw8xw11DJ6GuseqKh2WwHt6owK
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 3457 		3 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Nov 2022 02:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 00:57:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Nov 2022 02:30:35 GMT
css
fonts.googleapis.com/ Frame F818 		3 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Nov 2022 02:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 00:54:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Nov 2022 02:30:35 GMT
/
c.mgid.com/pv/ Frame 3457 		0
66 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1667961035145780923058&uniqId=0fc67&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fmedan.tribunnews.com%2F&lu=https%3A%2F%2Fmedan.tribunnews.com%2F&sessionId=636b10cb-04690&pageView=1&pvid=1845a39998986273822&site=535833&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76732095cb167457-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
a475be0e-a397-4671-8dea-f2ce8b8a0f35
https://medan.tribunnews.com/ Frame 3457 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://medan.tribunnews.com/a475be0e-a397-4671-8dea-f2ce8b8a0f35
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
413f7078-daa9-462a-94d5-abf6d899e63b
https://medan.tribunnews.com/ Frame F818 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://medan.tribunnews.com/413f7078-daa9-462a-94d5-abf6d899e63b
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 3457 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQZ016TJQM3CQAQ
age
3940
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
767320969b997457-LHR
expires
Thu, 10 Nov 2022 02:30:35 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 3457 		836 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQP2P0ZGAY0CMXJ
age
4400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
767320969b9a7457-LHR
expires
Thu, 10 Nov 2022 02:30:35 GMT
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame F818 		2 KB
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQZ016TJQM3CQAQ
age
3940
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
767320969b9f7457-LHR
expires
Thu, 10 Nov 2022 02:30:35 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame F818 		836 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQP2P0ZGAY0CMXJ
age
4400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
767320969ba07457-LHR
expires
Thu, 10 Nov 2022 02:30:35 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame F818 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:52:55 GMT
x-content-type-options
nosniff
age
113860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 18:52:55 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 3457 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:52:55 GMT
x-content-type-options
nosniff
age
113860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 18:52:55 GMT
1
servicer.mgid.com/1181811/ Frame 3457 		1 KB
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1181811/1?pv=5&cbuster=1667961035335412266932&uniqId=0fc67&lct=1667433600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=300&h=92&maxw_1=300&maxh_1=72&cols=1&ref=&cxurl=https%3A%2F%2Fmedan.tribunnews.com%2F&lu=https%3A%2F%2Fmedan.tribunnews.com%2F&sessionId=636b10cb-04690&pageView=1&pvid=1845a39998986273822&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b13f5abe11e2778cabe8761f98b0b11bec36dfb2bf9941b46de730bb5970c547

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
76732096fbd77457-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1210784/ Frame F818 		1 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1210784/1?mp4=1&ap=1&w=300&h=92&maxw_1=300&maxh_1=72&cols=1&pv=5&cbuster=1667961035339277467377&uniqId=07b74&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fmedan.tribunnews.com%2F&lu=https%3A%2F%2Fmedan.tribunnews.com%2F&sessionId=636b10cb-04690&pageView=0&pvid=1845a39998986273822&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
489a65094cfcb77885a7064e62f1094ed98da4d3d2e0a1e749a524649197150d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
76732096fbd87457-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
isdeleted
apis.kompas.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apis.kompas.com/api/isdeleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-49.ams1.r.cloudfront.net
Software
nginx / PHP/7.3.28
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://medan.tribunnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
POST
access-control-allow-origin
https://medan.tribunnews.com
access-control-max-age
0
cache-control
no-cache, private
date
Wed, 09 Nov 2022 02:30:35 GMT
mail-subject
Join_via_header
server
nginx
vary
Origin
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
we-hiring
jobs@kompas.com
x-amz-cf-id
y2lB8V9ZoIRco0cVPPzuDtLVwk-qF4nFJfc8nX5fUZfAOLZ0R2XfWA==
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-powered-by
PHP/7.3.28
x-xss-protection
1; mode=block
isdeleted
apis.kompas.com/api/ 		183 B
977 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apis.kompas.com/api/isdeleted
Requested by
Host: t-1.tstatic.net
URL: https://t-1.tstatic.net/js/kgmedia/tribunnews/ssouser.min-1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-49.ams1.r.cloudfront.net
Software
nginx / PHP/7.3.28
Resource Hash
e9f38a034a7e5f0ebf6fa2c3b0ba3160034db7045d540d792e84808406e863cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medan.tribunnews.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Nov 2022 02:30:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
x-powered-by
PHP/7.3.28
x-cache
Miss from cloudfront
mail-subject
Join_via_header
we-hiring
jobs@kompas.com
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://medan.tribunnews.com
cache-control
private, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
c2yAstU1g28miJbkKsZWdNxDXsrkZAN5tUsk6MLqN4HgWP52sYVJhg==
expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7f15532e060290117ed55883af2d19ef56d2d5492462226e60d5f1269e261aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11168
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 8D3B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=medan.tribunnews.com
Requested by
Host: medan.tribunnews.com
URL: https://medan.tribunnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:30:34 GMT
server
Kestrel
server-processing-duration-in-ticks
812283
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=657538641912-e5c2itnmne4v4ple558a79fi6kkb3iau.apps.googleusercontent.com&as=8x1qygElP31sBJavmWAPNQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a2e8dae2878029dcb5f4fd4321a054752265a2a9d307c21fb866701fc7471bf0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-cIONRSMqe6kgVXWkWwPYdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-cIONRSMqe6kgVXWkWwPYdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame F818 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQZ016TJQM3CQAQ
age
3668
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
767320973a7d886d-LHR
expires
Thu, 10 Nov 2022 02:30:35 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame F818 		836 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQP2P0ZGAY0CMXJ
age
3371
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
767320973a80886d-LHR
expires
Thu, 10 Nov 2022 02:30:35 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEyNTMwOC8zYTI4Y2ZkZTI3N2M4N2UxY...
s-img.mgid.com/g/12350568/492x328/-/ Frame F818 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12350568/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEyNTMwOC8zYTI4Y2ZkZTI3N2M4N2UxYjgzYTEwZTFhYmFmZjY2Zi5wbmc.webp?v=1667961035-MTavxGI-oU4x53BfQrjP3TOy_jZ0KFZSHyVJqd_ouJk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd12cec30eae0522b933497982b5c6bd19a3943226f95cc052bc789c142717d0

Request headers

Referer
https://medan.tribunnews.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
cf-cache-status
HIT
last-modified
Wed, 09 Mar 2022 14:59:46 GMT
x-mg-request-uuid
5a611c2f-95ab-47f2-8238-fafd42ba4504
server
cloudflare
age
3412
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
767320978c417702-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17828
i.js
cm.mgid.com/ Frame F818 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=166796103539776147712
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
767320975c067457-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 02:30:35 GMT
i-noref.js
cm.mgid.com/ Frame DB1D 		0
101 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1667961035404915753317
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
767320975c057457-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
id5-api.js
eu-1-id5-sync.com/api/1.0/ Frame F818 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu-1-id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1210784.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb236fcc5543495fb7a2d1c52452d18ce7d6c4d066ea780ab4a238da5411093
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3425
x-amz-request-id
KV5DN5WRPRBCKGJ4
x-amz-server-side-encryption
AES256
x-amz-id-2
LABXru1MTwEiKKFSxsHUSLKRnijIA3ozgfebf3IZxhrWtem90qO0c0tMW6cSwJ1QGUj4Yxy/GM8=
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
etag
W/"68154020ef14b5881614607902c7c21b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pr7Zp2Oa2y%2Fn5GBx8lGyWWrjXvVBvWS2DNO3IWd%2BTMBKIGVnXuSPyV%2BfHPN5zxd1%2BZKr%2Fxz2rs8VD8irVEqmyOl5Ibftgwx%2FOkEp701ooDjmDNCbDsgyU8ScfR1H%2BRnfayhSV%2FnWFvYmbScXfm9F"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=14400
cf-ray
767320978d708ff4-FRA
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 3457 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQZ016TJQM3CQAQ
age
3668
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
767320976ab3886d-LHR
expires
Thu, 10 Nov 2022 02:30:35 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 3457 		836 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQP2P0ZGAY0CMXJ
age
3371
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
767320976ab6886d-LHR
expires
Thu, 10 Nov 2022 02:30:35 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zMDAseV8yODEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTEvM...
s-img.mgid.com/g/14509871/492x328/-/ Frame 3457 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14509871/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zMDAseV8yODEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTEvMjk1NTUzLzI4YWZhZGIwYTJiNzY5YzAzYTQ0YmNkMDUyNTU3NWJkLnBuZw.webp?v=1667961035-VD26j9HoSL12IKMDK2an0V5Q8BR4Xfmo-J5RYRv1KtI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0ab4af85989d5c939df8969154526fac9311b4cfeb2a40f7fbd3df19255b1e

Request headers

Referer
https://medan.tribunnews.com/
Origin
https://medan.tribunnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 07:24:21 GMT
x-mg-request-uuid
124cd802-30f4-4dd1-8cdd-e6912492f34b
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
767320978c437702-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29110
i.js
cm.mgid.com/ Frame 3457 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1667961035415734763844
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
767320976c117457-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame 358D 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1667961035429501182394
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
767320977c187457-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
id5-api.js
eu-1-id5-sync.com/api/1.0/ Frame 3457 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu-1-id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribunnews.com.1181811.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb236fcc5543495fb7a2d1c52452d18ce7d6c4d066ea780ab4a238da5411093
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3425
x-amz-request-id
KV5DN5WRPRBCKGJ4
x-amz-server-side-encryption
AES256
x-amz-id-2
LABXru1MTwEiKKFSxsHUSLKRnijIA3ozgfebf3IZxhrWtem90qO0c0tMW6cSwJ1QGUj4Yxy/GM8=
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
etag
W/"68154020ef14b5881614607902c7c21b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUR7k99oWgJ4fetP5h6tg8ytWoWxLTpZ%2F0O0UaGZqIP%2BT3p2rg0iYuPaQ20JHbVOn62o5OJib3yvNM%2FYZxKHDdIwP%2B2ns66JZTNPt7uJBkSo9yrZeaUjpiZNm3Qg9e199BRg7XwdQjyhiKjxc9tk"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=14400
cf-ray
767320978d718ff4-FRA
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B249 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25007
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 19:33:48 GMT
expires
Wed, 08 Nov 2023 19:33:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B13C 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9ea0039563b91741674f3c2fe04e78429644819c7620abf6daca7f912b7e2352
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7AtHC6D9EavpzLrQMEelEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medan.tribunnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-7AtHC6D9EavpzLrQMEelEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 02:30:35 GMT
expires
Wed, 09 Nov 2022 02:30:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame 8D3B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=tribunnews.com&sn=ChromeSyncframe&so=0&topUrl=medan.tribunnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ma6nHnxPTE1yMHVvZ1JmZFhpdkdhckhrcmhyMzhCTmExN3ZhaWp1MDgwb0F1N2pPWU5PR3ovQVEvMlcvc2hPcHRGekEvbE5lZS8wYXdKZTV2NktPMFVaQytYMnpwejF4WjhwOGs2VTJaZUFyaWZEY2lQWjM1L2FXOFlHdT...
428 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ma6nHnxPTE1yMHVvZ1JmZFhpdkdhckhrcmhyMzhCTmExN3ZhaWp1MDgwb0F1N2pPWU5PR3ovQVEvMlcvc2hPcHRGekEvbE5lZS8wYXdKZTV2NktPMFVaQytYMnpwejF4WjhwOGs2VTJaZUFyaWZEY2lQWjM1L2FXOFlHdTI1WmxDSFNvZVkxUmpBUjBzeUh4aWdXaDU5cEpVSDgzRGtKTVhHUU5ETEpDMUZubWEvUVN5akpmY1JFWlNKOVZ2Rm91UkE3NGNOUFFDbGpqeHNiQlhaSXNtMUJKZUlWYkFDUG13T2lpdWlsQ2xqN2RIVVp4a2xrMDJkNVNYeXMrOFZlcHdUYnZkVDNXa0UxWGV2MWpFVmRjRVBoeHd1Zz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8ba485cd5ade91d131f5bc6b41937375e8c7105fac0d8a8d8be365cc7e4a9176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2216544
expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=ma6nHnxPTE1yMHVvZ1JmZFhpdkdhckhrcmhyMzhCTmExN3ZhaWp1MDgwb0F1N2pPWU5PR3ovQVEvMlcvc2hPcHRGekEvbE5lZS8wYXdKZTV2NktPMFVaQytYMnpwejF4WjhwOGs2VTJaZUFyaWZEY2lQWjM1L2FXOFlHdTI1WmxDSFNvZVkxUmpBUjBzeUh4aWdXaDU5cEpVSDgzRGtKTVhHUU5ETEpDMUZubWEvUVN5akpmY1JFWlNKOVZ2Rm91UkE3NGNOUFFDbGpqeHNiQlhaSXNtMUJKZUlWYkFDUG13T2lpdWlsQ2xqN2RIVVp4a2xrMDJkNVNYeXMrOFZlcHdUYnZkVDNXa0UxWGV2MWpFVmRjRVBoeHd1Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
699396
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B13C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110301&jk=1683082886568733&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame B249 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 19:30:05 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame F818 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
c6b4a1908938a2275fd96f67585e925bd5dc372e910254eead0283ebece17b19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 09 Nov 2022 02:30:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ Frame F818 		34 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
fb7cba05134b2a9be193832c1173da1ce579aeeee8265d33dbb8596e256d8eaf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 9 Nov 2022 02:30:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
v1
lb.eu-1-id5-sync.com/lb/ Frame 3457 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
baca99faa72930ca2e335ba8b3d073d0f87e48d5e98e841ab02112261103a939
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 09 Nov 2022 02:30:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ Frame 3457 		34 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
4778250839f5f7c311698de67b8e44eb8f098b1e181f7dd6fad59c02cf4b5a47
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 9 Nov 2022 02:30:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
rid
match.adsrvr.org/track/ 		63 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
6f92a1f9afc8c5c6acec86dfa0e74f4b4df9ca22ec26e06467e8c37fe7514663

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medan.tribunnews.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 09 Dec 2022 02:30:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F38C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueSLQ3iNwc-6Ipid99pl0G0lsSspARnxBgzt2noHBNxp3aCUXflHwAn-sftAlL5_TRIrA_mDlmTJkSZSsPhZMZwyyTE8utb5o_TC6IuS3Rk3YMpAJthDpoP6RbLeh-RKd1Z6tdgQ&sai=AMfl-YQP7gfA6SWnppmLG8Ze3MvWz3OCU1SDqPXCLSkGLPQKpwNT3AF5iuN6M72t5AIxc-KLNVId3tYCQ7Jx5TnPGzLkNy3eRhKtFTor9UtVFFVtApOhWXaCxDAwU60BIQ&sig=Cg0ArKJSzE-MIG6DOOROEAE&cid=CAQSOwDq26N9BfmP1ZkBad29MnXuRia0vH3wW1xhXXADt9A_jlirU0yF1N0BgJNrWVLLq_3pIqcFmaLtsu5YGAEgEw&id=lidar2&mcvt=1006&p=537,225,1137,385&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20221107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1365649329&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667961034298&rpt=276&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C539 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoVxyiAiV_r19UpKqjaf_2y_PTCmcg6nYMKNIvat2CNs82orO23wgfqbCmUdTDACPoPREGvAMQjEcegbou-mdYbEfui2Un4SZHFDsfZyUWDQPN8JKnuOzcGTaBgOv7hzi8XAXW5w&sai=AMfl-YTraL5EGg0qmC0-w8WMr8SM7ejJcePMt7_5MHmvkxK0N8tYS61R1ckwMQLDCCGrbazXdxKLLUsiWwF8-69VU5bUcFNt40Pl39rTe4qNEOej55p-0Zskkat_vswRmw&sig=Cg0ArKJSzKbyG3XD4rpXEAE&cid=CAQSOwDq26N9BfmP1ZkBad29MnXuRia0vH3wW1xhXXADt9A_jlirU0yF1N0BgJNrWVLLq_3pIqcFmaLtsu5YGAEgEw&id=ampim&o=315,100&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=331&tls=1332&g=100&h=100&tt=1332&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame B249 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yhBHMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
newidgen
traid.jixie.io/api/ 		115 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/api/newidgen
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
ce62b8154d9dc96f234279eee59c90d6143c3a51ea1a8cde4d85070394735a40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Wed, 09 Nov 2022 02:30:36 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
W/"73-r/rnXyEzmpPjTKrq+U3mOU8MmHs"
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
activeview
pagead2.googlesyndication.com/pcs/ Frame CD5C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ5iyNwrsBp63vDJAhJ-BIjCzYVyJR6cW1MYakZ1Rjmi-39CYgaNyJbkbE-bJwVdmjv_gGmakUPAmyhOYGUSUAf1cj2oMHRwe_NrHVFHwlXIcVwNjERJkiPZzGkFW_VZ9AcHMoPw&sai=AMfl-YR4EpyQkkgJcB7lUr7JwfA-O72izFqyblLDtCx1mcAAj1ghpKmaEL8WFQuZid1hNVBvePATC8S_a8C87vaLmKx7FOCiRwNPIPSJ5Wm6m7a2NiTfYAMmIDhPRX4pXA&sig=Cg0ArKJSzJ2y-eRG6qRUEAE&cid=CAQSOwDq26N9BfmP1ZkBad29MnXuRia0vH3wW1xhXXADt9A_jlirU0yF1N0BgJNrWVLLq_3pIqcFmaLtsu5YGAEgEw&id=lidar2&mcvt=1000&p=537,1075,1137,1375&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=645028135&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667961034311&rpt=414&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
231.json
id5-sync.com/g/v2/ Frame F818 		216 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
9acc0507c5d32ff926b0838bf4345599b8686ec3ca4b4dc0e75d766610404700
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 09 Nov 2022 02:30:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
231.json
id5-sync.com/g/v2/ Frame 3457 		216 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
aaa4e24f0c5c61766872dc86ce5d94977e7a13764d001633c60c9f8c8e907b66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://medan.tribunnews.com
date
Wed, 09 Nov 2022 02:30:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110301&jk=1683082886568733&bg=!o6CloOTNAAZPh4lnb4c7ACkAdvg8Wi49F3ZHyhEL5UBQOAPDUGMl6rgDdpx4_YYOiB7WiwjJIQ1jbQIAAABnUgAAAAJoAQeZApxfVQUTZl44xXaWOiOx35ChOSecmZj47NYtjEtHYo2OHZwIFlmdxDvjAR9imvxtzLON7txzJnsZaNJjDHW70kKZJ4k2ESuv-OMUxT7jSL_HiUkuJuTy3eZjSRo2MheSsBUGpnQ5fG9-14U14uIFIM6gVkGnxejwesn4fmD1IM9BIJEyqEiqILYcXFMyCblGrDp82tiuqBfypEVZ4EWzS8a4NUbrh0i0SuKNALa17yykmX8Pp_yajErXj5F1f7OV4ay5lp3vcPLhftcCClNfoSASgRosOFlSQKPYnVfih8kAooh_gKnrbVGHF7VmD9IPnUrf8fagj3XnXdWM0LXmlnST0IICbOGwRfkxGmU2lH0Yr606haXQB3ZMMuD6whZGY6LWHYT98hbUaTOnwkX2LP5LDy2NpGjDKMb3etgGwixsu3u1H5kRAa6FUAVp2VULo28GYy-CHrfjEvLOWGQxjN0qBqOqI_7LoAFcPWLAZ_fNh_2ml-A6Nh8w3tnki5MpxXNCIpv0n97pTmHPS1zkvJgzWdiLywJT51SGmzHLAxpt6_qdoVI2Useu1fna0sRpJ2t8EDaC09-j51TdKrsj-97TJmcjUkETE7ZkCp3Tfi7Zku1RNwC3x2FpAAtdn6ZhRWJYMJ3CQNSXNRP5eMe84agiZAuIfZHsZY4b5Y-CU0E1AK_GrEvzXFa0iijH5lAYg7Fw4GYqUYTD52wJ000pMsK8bPxHI19-PVhOdn9VKl8OGGivd7sPTlzQQ1ruKBSqosXaTGxI5mBCjXoJbaAfp3qEu51yVpKi3ZmqMLmeFlOhE6SvAIsD-q6GypXylkExilm3bGXtBq5_X0CwAepnjvyoAs8OKvdy6D_U9foln-B2kH0jLoRD8B67o8bCJw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
prod
traid.jixie.io/sync/ 		181 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
a6b13e62d2bae1d315d6bfd7d20c4354877e301a6a3c5d136e005feeb5b58f2e

Request headers

Referer
https://medan.tribunnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Wed, 09 Nov 2022 02:30:37 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
7c90d520-5fd6-11ed-b05e-1bed5ce4422c
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://medan.tribunnews.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
prod
traid.jixie.io/sync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://medan.tribunnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://medan.tribunnews.com
Connection
keep-alive
Content-Length
0
Date
Wed, 09 Nov 2022 02:30:37 GMT
Server
elb
Vary
Origin, Access-Control-Request-Headers
X-Powered-By
Express
pd
u.openx.net/w/1.0/ 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
eb2.3lift.com/ 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUJEREVDREYtOTgyRC00MjNFLUI2NjgtMDcxRTMyRUMzRDIw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELtaDH0fg_vCbnxdoXlLqtM&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 02:30:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 09 Nov 2022 02:30:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DFP7BBGFWN&gtm=2oeb70&_p=1600953303&cid=1069401286.1667961033&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667961033&sct=1&seg=0&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&dt=Tribun-medan.com%20-%20Berita%20Terkini%20Medan&en=UA%20pageviews&ep.domain=medan&ep.content_type=homepage&ep.agent=mobile&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFP7BBGFWN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FYJCTGV1LV&gtm=2oeb70&_p=1600953303&cid=1069401286.1667961033&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667961033&sct=1&seg=0&dl=https%3A%2F%2Fmedan.tribunnews.com%2F&dt=Tribun-medan.com%20-%20Berita%20Terkini%20Medan&en=pageview&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYJCTGV1LV&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medan.tribunnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 02:30:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medan.tribunnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prg.smartadserver.com
URL
https://prg.smartadserver.com/prebid/v1

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| dataLayer object| AdTrack object| pbjs object| googletag function| myAdDoneFunction function| SpotXPrebidRegular function| getCookieUid string| uuid__ number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits function| sendAdserverRequest function| GLightbox function| getVignette object| d function| moveScroller_menu function| moveScroller_sec number| ia number| ibc function| loadmore object| ggeac object| google_tag_data object| google_js_reporting_queue function| moveScroller_boxright function| moveScroller_menu2 function| lozad object| _comscore object| core object| __core-js_shared__ object| firebase object| FB string| site object| uuid_c object| ukid string| id string| jixie_id string| city string| useragent string| uuid function| setCookie function| getCookie object| Base64 object| script string| curr_url string| full_domain string| domain_login string| domain_name string| service string| p_id object| pbjsChunk object| _pbjsGlobals object| _jxbidsq object| __gcse function| ajaxload function| ajaxload2 function| fbox function| fbox_close function| login function| register object| jQuery183022458705780634913 object| Criteo object| google_tag_manager undefined| google_measure_js_timing object| google_reactive_ads_global_state object| din object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal string| GoogleAnalyticsObject function| ga object| jixie_o object| COMSCORE function| udm_ object| ns_p object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_standalone_132 object| Criteo_standalone_132 object| __buffer object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_40709 object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| gaplugins function| onYouTubeIframeAPIReady object| gaData object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| Criteo_prebid_123 object| _mgPageViewEndPoint535833 object| _mgPageView535833 string| _mgPvid object| jxtrkr number| timeout string| actionjixie object| jixie_p object| GoogleGcLKhOms object| ls object| google_image_requests

60 Cookies

Domain/Path Name / Value
.tribunnews.com/ Name: 3bun_session
Value: 2jirnfqig8ei3mqhb0452vuepn7dm9rh
.tribunnews.com/ Name: vignette_cookies_tribun
Value: 1
medan.tribunnews.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.tribunnews.com/ Name: _ga_DFP7BBGFWN
Value: GS1.1.1667961033.1.0.1667961033.60.0.0
.rubiconproject.com/ Name: khaos
Value: LA90XLW3-T-IJR
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qo8DTEqfoLKn14C1LCtWBX9mfsNIvv6Qtp0kTU4st2MuQoPgfwZiL7uVkiLHYMiY0umbGBgRAsmA3KY++jymV4//OcAOQ2chXQTS1P2tDIGrA==
.tribunnews.com/ Name: _ga_FYJCTGV1LV
Value: GS1.1.1667961033.1.0.1667961033.60.0.0
.tribunnews.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.tribunnews.com/ Name: _ga
Value: GA1.2.1069401286.1667961033
.tribunnews.com/ Name: _gid
Value: GA1.2.212527766.1667961033
.tribunnews.com/ Name: _gat_UA-15224089-38
Value: 1
.tribunnews.com/ Name: __gpi
Value: UID=00000b7eb114b2f8:T=1667961032:RT=1667961032:S=ALNI_MZO9G0Znu8-CPvJujYXfL8qQB3YGg
.jixie.io/ Name: _jxx
Value: 7c90d520-5fd6-11ed-b05e-1bed5ce4422c
.jixie.io/ Name: _jxxs
Value: 1667961033-7c90d520-5fd6-11ed-b05e-1bed5ce4422c
.doubleclick.net/ Name: IDE
Value: AHWqTUm2SeLfwLY4vd2QP4F5s5Up9_eDVUqYkNuS8BGKRPlxfeULwnhmo-yo4OGoPSs
.tribunnews.com/ Name: __gads
Value: ID=0720cd58a0c8ce52:T=1667961032:S=ALNI_MYhE6p7ifeTipinRtYj1MZGS36qaA
.mgid.com/ Name: __cf_bm
Value: WJoY2rQYCM7i5bTQwzJSKHP5crbf2.qcvJV3e7p2Tdo-1667961034-0-Aep7NNZxRnmfqidnSa3Ny/zw3Jke006ZxPX/UAkvBh2wF/ETtY0Jxux/j2ffT3gv8zwGNUBDLHwN/VSdDcDswM0=
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: uuid2
Value: 3929538337350653239
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%ws?Z=M!]tbPl1M>e)ZlrFUfJ+tGXxpO<!qe'ZgeAE?OBG)GV(GOCG:VQQ<9-IGQ)sI3If)y3KL9D3I?+2YH?5[
.casalemedia.com/ Name: CMID
Value: Y2sQyhIH5wdtmTLMafV00gAA
.casalemedia.com/ Name: CMPS
Value: 2231
.casalemedia.com/ Name: CMPRO
Value: 2231
.casalemedia.com/ Name: CMTS
Value: 1140
.quantserve.com/ Name: d
Value: EHsBCQHEJ4EA
.quantserve.com/ Name: mc
Value: 636b10ca-a8fcc-ca278-2b850
.adfarm1.adition.com/ Name: UserID1
Value: 7163838092046366875
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1BDDECDF-982D-423E-B668-071E32EC3D20
.360yield.com/ Name: tuuid
Value: 0b094cfc-7763-42a0-9b47-0fb410913c58
.360yield.com/ Name: tuuid_lu
Value: 1667961034
.w55c.net/ Name: wfivefivec
Value: raAv8zTK1OSARk5
.simpli.fi/ Name: suid
Value: 95DCD8124FDA42FFABF253AB7EF435E1
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: uid
Value: 5447743406860768298
.bidswitch.net/ Name: tuuid
Value: 86cc4591-60d6-4798-b972-f8943257c2c3
.bidswitch.net/ Name: c
Value: 1667961034
.bidswitch.net/ Name: tuuid_lu
Value: 1667961034
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=26952494_4307561_351023104_145353403_PO1204A20221103&ref=26952494_4307561_351023104_145353403_PO1204A20221103
.bidswitch.net/ Name: google_push
Value: ASkJ3FaGh6o_QAWKbeRAVGTzn5zyD8kxAI1ZZah391Go5lbDvdbzx7jFuhbvSYMKeV_juXLCxAKcAFuY8MCDINIBw7aJgwOO5o9v
.tribalfusion.com/ Name: ANON_ID
Value: aTntmINj6WkCyhURALhGQ6bfb3w1VTcgkIxDh7JU5kcunX1UBBjbn6xeJiK622AZcEZasWZc6PbMW1aOwPjmAQu0wCB
medan.tribunnews.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fmedan.tribunnews.com%2F%22%2C%22svsds%22%3A1%7D%2C%22C1181811%22%3A%7B%22page%22%3A1%2C%22time%22%3A1667961035411%7D%2C%22C1210784%22%3A%7B%22page%22%3A1%2C%22time%22%3A1667961035389%7D%7D
.criteo.com/ Name: uid
Value: 44c46103-0901-4ebf-ac8e-b48dcfadc533
.mathtag.com/ Name: mt_mop
Value: 4:1667961035
.tribunnews.com/ Name: cto_bundle
Value: d9bIKl9QdzZncXFXNEdta25DRnhPb2JWVHM0S0UlMkZxcDJvNGtqVGhGWllmVDMweVBtRzhtTnNGcUduMGZqTXpzaWIxc3JsZHU2QWI4MEdvUmdhMlJqSk1XYWY0JTJCeldoUU1WWWtwUUVoWnJQUzVOdEROTE9weWp4Z1o4RkIxcGlURGwlMkYyTDdiVDF5ZUslMkZYczhxSzBHdWxCR0liUSUzRCUzRA
.mathtag.com/ Name: uuid
Value: be8b636b-10cb-4000-8b37-6ac053c2f313
medan.tribunnews.com/ Name: _jxx
Value: 7c90d520-5fd6-11ed-b05e-1bed5ce4422c
.tribunnews.com/ Name: _jxx
Value: 7c90d520-5fd6-11ed-b05e-1bed5ce4422c
medan.tribunnews.com/ Name: _jxxs
Value: 1667961033-7c90d520-5fd6-11ed-b05e-1bed5ce4422c
.tribunnews.com/ Name: _jxxs
Value: 1667961033-7c90d520-5fd6-11ed-b05e-1bed5ce4422c
medan.tribunnews.com/ Name: _jx
Value: 7c90d520-5fd6-11ed-b05e-1bed5ce4422c
.tribunnews.com/ Name: _jx
Value: 7c90d520-5fd6-11ed-b05e-1bed5ce4422c
medan.tribunnews.com/ Name: _jxs
Value: 1667961033-7c90d520-5fd6-11ed-b05e-1bed5ce4422c
.tribunnews.com/ Name: _jxs
Value: 1667961033-7c90d520-5fd6-11ed-b05e-1bed5ce4422c
.pubmatic.com/ Name: pi
Value: 156479:3
.pubmatic.com/ Name: SyncRTB3
Value: 1669161600%3A220_21
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELtaDH0fg_vCbnxdoXlLqtM&KRTB&16514-CAESELtaDH0fg_vCbnxdoXlLqtM&KRTB&23025-CAESELtaDH0fg_vCbnxdoXlLqtM&KRTB&23386-CAESELtaDH0fg_vCbnxdoXlLqtM
.pubmatic.com/ Name: PugT
Value: 1667961036
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3

6 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
other warning URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://medan.tribunnews.com/
Message:
The resource https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://medan.tribunnews.com/
Message:
The resource https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.tstatic.net fonts.google.com adservice.google.co.id adservice.google.com *.gstatic.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google-analytics.com datastudio.google.com *.tribunjualbeli.com *.tribunnews.com *.bolasport.com *.grid.id *.gridoto.com *.motorplus-online.com *.kompas.com *.kompasgramedia.com www.kompasiana.com www.kontan.co.id *.ampproject.org *.dailymotion.com *.youtube.com *.ytimg.com *.tawk.io *.jixie.io *.criteo.com i.connectad.io *.mgid.com *.facebook.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
accounts.google.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
apis.kompas.com
asset.kompas.com
bidder.criteo.com
c.mgid.com
c1.adform.net
cdn.ampproject.org
cdn.mgid.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
connect.facebook.net
cse.google.com
d20b0f4b991280a959501ea81806112b.safeframe.googlesyndication.com
dclk-match.dotomi.com
delivery.r2b2.io
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
etarget-emea.adnxs.com
eu-1-id5-sync.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.jixie.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jsc.mgid.com
kompascybermedia-d.openx.net
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
log.r2b2.io
match.360yield.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
medan.tribunnews.com
mug.criteo.com
p4-gsvltkuwlssbu-3pzhbhqmlybrbnrc-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
pm.w55c.net
portal.o2online.de
prebid-asia.creativecdn.com
prg.smartadserver.com
prg8.smartadserver.com
r2b2-emea.adnxs.com
region1.analytics.google.com
s-img.mgid.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.jixie.media
search.spotxchange.com
securepubads.g.doubleclick.net
servicer.mgid.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
sync.teads.tv
t-1.tstatic.net
t-2.tstatic.net
t-3.tstatic.net
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
traid.jixie.io
u.openx.net
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
prg.smartadserver.com
103.132.192.30
103.229.205.243
104.18.18.126
110.238.107.108
114.119.175.30
13.32.121.37
141.95.33.111
141.95.98.65
142.250.181.226
142.250.186.67
162.19.138.117
172.217.18.2
178.250.0.157
18.185.208.235
18.65.39.49
18.66.147.43
18.66.97.75
185.59.208.177
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.79
185.80.39.216
185.86.137.32
185.86.139.58
185.89.210.244
185.94.180.124
2.18.232.7
2001:4860:4802:32::36
2001:4860:4802:38::178
213.19.147.42
23.35.237.56
2600:9000:223f:6400:1b:5138:8a40:93a1
2602:803:c003:200::21
2606:4700:1::6813:844e
2606:4700:20::681a:908
2606:4700::6812:19ad
2606:4700::6812:bcf
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:808::2006
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200d
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9c
2a02:2638:1::13
2a02:2638::24
2a02:2638::3
2a02:6ea0:c700::11
2a02:fa8:8806:20::2010
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.122.84.21
3.33.220.150
34.98.64.218
35.204.74.118
35.244.159.8
36.66.3.171
37.157.3.30
37.252.172.68
37.252.173.213
52.222.214.63
52.222.214.67
52.222.236.15
52.222.236.55
52.48.205.142
54.93.177.145
76.223.111.18
82.113.101.132
85.114.159.93
012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
044fc3eb59e779c96e8687063bc41697b7e19970fa22ee68f570c20edbbebb7f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
0728accf6e1f227a9b89845a044afef5dacdf8f451989ed974e9f6639fdcd937
0946b5e9ddf1d4e3f4d444aef5dbe44b9c1b1ff20004de6eef4d51a6fcbf7d1f
0ab88ceba97e0038e73d25ed8cbc7d377a81dca0327a569d61346d1083984b39
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
10d841ccb81fcf74b2a4c67a2141c49c3f24eb6cfe8e3cf5d6c13ed44213f87d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130368e1880972a560164d6a42407eb853179a8eb98aa11b3ec7605296dfe775
14746c7d21c1aaca46dc0748d8b1dae8a03cf514f5abec0e0b9ff442f58ac851
1605916fcbb5139605bc161e79a01aa9471dadecdbb966e909bc04e2973b4277
161ce96a5de56dbaf405e3fd21d573aae290132e09ae4091061b2085d91d1425
16f267feb8c71c81acd023acc9652fdde0822a14ff9bea3fc182f4b36aff0d1b
17b764c5a6b9947db3e0efa8f93f8091d99d9b381da5bce2710513ddcacdedb0
18758e6a857a7990a37307e29c9d28d80db9d084da60a5e27cfbf066acfe9e1a
1b6a43a7f24c942e8f1ed28c87453afdd7f05a75dc8fdc74a98b857e0732866c
1be0a087633370ec5db2e1dedd7220fbae2d881bf53e27d1c6c947332a2f2651
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e31148c17fa0b3ce48d6eb14c71982b66696b821553db0a7fab95e54f7b27bd
1e5b68d7ccd08ea80ad68cce44ecd39fe69c8f3801baf4bc7bf02c2c63984ca5
1f0d86889701e9c0505b7df581b33b35db59057f2fc368cedb5dc71b27c18bef
1f2636910ed5d720a958d71951e547a8879f2cac5bc78148be1995820f3be25d
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
26611e4f579c7c6d9bd06c96e10d7780c5da29037b9ac1571a4b953f27b5fd31
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
29f725282aeef31b01557ecc7e4ef5e58444ff76f859afcbb012cae123d9a06d
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2f6e7ca45ab674c3e4d5bb40c3b98e19d97834222f470fb71090a81b51daed8f
2f9b99e20e9b72a3542f99d5c55f8d46c18b520e1c17d637ff5d23526a73b54b
2f9ecb8e1c41aeeb8983591498e78e82342ca1fd4be35250764c5494f4ccd05a
2ffff28793023f4cc6d6c930d743a009b4752e9a4bb0a4535fdb6e393158e458
3020314cc1b798e383d8895c4a5a4eedf44a84c2177f7dc5d44d4b55211158f0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
347ea568fa76cd677b93d8751795bdaa2dea47b046e6f81144315799e01acbcd
349544eac2a5e347ebc6e23a6ca44ab6531e59c40f5d337ddddf1270608ce257
378b3aac9f23f23a601eeb907c602a5d021fde41ea7ba208980f68fd52c783ac
395427f376c7c80bf11e9738a4eeb56cb1c845268c9bab441a5ff057081673ca
3992e0ea0ae3f6c1dd0003d5d1623b6b96948c79b7ab6f5085e0eeffaff2de0b
3b9583c278b3639d94454b73a381bfbdbf3f4a849a04a352174cc9c27348c544
3d0c8cd7ea2de197ffeaa20a3108ad38ed3565614f435b111cfbcc5ff6857390
3d365251d0034548751123752d1b00b716d2ef730e67f57f689438cf8a2d9e85
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
3e9bcb9fb091ac3fba889e2203f4145c496a2e1a97ed53c92831a29b23e92400
42a6562cb56831b97e3a808dbe75c1aaec8fd338b332b1aa4dd34440342e0a44
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
44237d6f7b954abc0c4e4ecb391c1166c989132a853dcec3b0bc63bb0b1f8a43
466f49c59589dd9698eb16da5c91c72cbcf6972531e6c2444556fbb98005f9bd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4730daad5fb2bac2d6868018aa47a1366d69e0c46cd432a98fab2dced26d61ee
4778250839f5f7c311698de67b8e44eb8f098b1e181f7dd6fad59c02cf4b5a47
489a65094cfcb77885a7064e62f1094ed98da4d3d2e0a1e749a524649197150d
4a8cdf7c03a39d4aa2f2830f3f05f3a54bb441b6991f91afd2aaa9f7165f26c8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb236fcc5543495fb7a2d1c52452d18ce7d6c4d066ea780ab4a238da5411093
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1583da6c38683eb7abba2c9b2cad109040a6cffa4cabc09bf37735f10c5f8b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dc685ed4935640fc69a56126575082ea8379cf3e588d9f1d7c1c6a1aff762ae
5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276
5f9790594ea01903178ad509cddbb3d58b5ff680804be1c0fdbb09ff81f72237
6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
647dcbc3049856019f815bdcddba2b5561d3f87ac2c5e98ff1f09f38edfd8e5f
64950a5f556c43b7b58b6a8a57e248f6b3243681a41631408c4e98da4c582284
67a09458aa2b97d54491755dcf3d3d00298de54799b49fded2de6db24e103a94
67c7014fe6c8c1d643dea740c99a9eb314d864535a87098425342a8c8c64553c
67d5278637eb4214fdd4070adc81381785376c917d4d345d2405d195c3cca93a
68a13e98d8f55b2ce26fffc080450dfb62b62f2f4d2b2abbcb5d547582577c82
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a7e260959c0dd98e9b2d17fee09954ba0c5faa81bffad13b1c7a8074ff1d57b
6adf8bdbabb55f51df938ee7384454e81471bf5c5857f072853edbe316f2b880
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f061b380e02f436858e76db0520500568d2fd4555863a2bb9b4ea3e617891c0
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
6f92a1f9afc8c5c6acec86dfa0e74f4b4df9ca22ec26e06467e8c37fe7514663
7013a0133669ab97049ad316e354d064d0fb31bd0efcf5e9b10d9608c3f5bce7
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71c76c3f935b2f4ecc938ee8ca8cc7824ebcbb6dcce65b2f3c904317745a0781
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
726e0b8a396348134d195d62a53eb3506586bf6058d4ec99c4f3762a46d75478
73019fe1876fde1efc56d2756019c67d038af0cd37e9b231556146712fa64842
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79aa57c367c93a86fbf20383e55c0d23134f8b2184d78fcd0661296c3550cce9
7ee392dca9cf6955b327a13a4212fc607bd8b6e01f53237ff2146526d84e0150
7f0229ab7b7b060ff56be2899983c7d6a4b9ba036e992690f40a9a4d875ef984
7ff9d4ae2b3407b031e3359007ff4d7ac9e0b342f25ce44c77d3cb7f14f65043
817c3c0e8004e8edb21061dee878f7d8fa85cea76eae2f3db6b9403d6310161b
82d50266429d4d44805d84a951eeae98de6d4a5f7c6883e4fa829bf5eed4a499
83ff9988e815c6492c161c43ca007675ec54d7c7f221093325e5b0271b89aa8c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88ce10d2ea3123dea6c6fcc1a368e19229ca7bde9b1e11d79f5963fec5a64080
8956083570df6561abc6a57805765bd7c6ad54dd4ccde6750c84597289be1759
8b1da86ba80d89b454c1440a20a65340a9a6d9cb2570bb71a0b26a885bb1f596
8ba485cd5ade91d131f5bc6b41937375e8c7105fac0d8a8d8be365cc7e4a9176
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8eba4a64a6d2b6f3f46dab750b3d0f9532a6c15cda37b33f20e4822468bff052
91969c1090d53c593d7010c2588d2c720982abcbf50eceb9850326dc48aeaf6c
921fc4cc7b41074468b141c5a1696301a04fc8f1d87e438cc6cc1568b3fe8cff
92d6b966c3b2fb58c469e35de5c5cdf8cdaa30ea9bb7a3e15e1b86765f892452
9428a0815b121f5d67fedd4c6f41cd7daf59d6cb101acc96bd3172ce85c3681d
95437285dd43d3658b5a5cbdb2d6ede2f9c11d8b172ecd7c8795145b6aed748e
958a9dfac97be53f97adbff36738769aacae18cb0b2a24bdd7d5744ea2b2bd65
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99dd300f70b33cff7246c8e19268061eefb84cab54398ed804ff215f8db32c77
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9acc0507c5d32ff926b0838bf4345599b8686ec3ca4b4dc0e75d766610404700
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
9cc9f0006799bb4c218d1dc006f0decbe23fddb45381084d29f3750094e2e33e
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
9e350edd1687a60bae4925956fd7242db352c1f11b56015cb4ed0c49644b88d7
9ea0039563b91741674f3c2fe04e78429644819c7620abf6daca7f912b7e2352
9f03c6e02aa965f94f17f3063279a345c0ffb41648202a229f9bd3702f4c2341
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a08e8904caf4e897743cd9db1ce5ae34a1a82aef1e8de3799e8f4124100c0f62
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2e8dae2878029dcb5f4fd4321a054752265a2a9d307c21fb866701fc7471bf0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6b13e62d2bae1d315d6bfd7d20c4354877e301a6a3c5d136e005feeb5b58f2e
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa49f4e0fd7bef2bc8da656e6df44e8fdaf266c8294d42e9b0420b166eeb98d2
aaa4e24f0c5c61766872dc86ce5d94977e7a13764d001633c60c9f8c8e907b66
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac55e1bb592dafcd166e05eb2ff3c87dd283e6cdadce14da6b4e2d97a5354224
ad0acd285b83c1b339779ac56cb9f0a7e3d1c14cbad5495d47472db229efa37a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae27903ac0710c9faf2f50a91764597a8e22e8047b4289d71588c118ed776800
ae2b09edcf7adea52bb3eafb3d085fccf11cfc19c5cc94c9464af1877984aa39
b05e6218d62af483d488d439a06d95da34ff26df8854d47be13c2693f37e2d3f
b0929c6e38b78521316107239c8415db5243274f97e678f69001af4ad3dd98f7
b095db73501882c8569a7857c6511c4dfb3be5dbd4d0a60c9969d919cd0b0d98
b0aafc2781e31e57eb88405c671a2acc5c5540ecaee9b048d590a59a1f6a8f5d
b0fccf88d0ee7903a0708933b870de0a072ec9cfda9b2b8db5f37c7c8651ef46
b13f5abe11e2778cabe8761f98b0b11bec36dfb2bf9941b46de730bb5970c547
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b3ded5c01c45225d1a3f62c728cec913e6c61a7e3871e9f3c6d032cec7170343
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b440cba76f5c8acde8c793b700e82a14c3ece95fa6eead917ae24cb2fe24697f
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
ba9f40d1854c8a80885f6911ccd5b407ceaabb6a310bd9e3436ebb29e66e47b5
baca99faa72930ca2e335ba8b3d073d0f87e48d5e98e841ab02112261103a939
badec949b73175097cbe5d6bacad2b8bb327c4d0939eace1a2975418940782f6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
c021eaddeeff71e75d0674f05e7d086de1d251206265115337c3ca002f9d7885
c09c8b2f95ad16b29b17235f385c632537d407d8ac2a82a23228683d83094479
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c19776aca75a2e7367c8467ec84a922e4d9397734b257bc0bdc7f911d235721c
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec
c3f7de2b1acc27ddba8c5d25191e851c3ff865014cf2ca108610d5d6cad90334
c4cc3c4828ca3466dd9ae6fc32714aa6dc832c16205e709d78ff886275c39329
c58c91baaa2e7d9a6a8149ed2dbeee454d3a1dff8e71fd4c9ddcf194fd039fcb
c61c9120f5ceaae5b2a05ff1354f51543cbf5aff1491ea216084870920980e86
c6971a482a0e6293ad1dd5a5b2070d855403a2ab517919050dce98d5868e3eaa
c6b4a1908938a2275fd96f67585e925bd5dc372e910254eead0283ebece17b19
c7f15532e060290117ed55883af2d19ef56d2d5492462226e60d5f1269e261aa
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc453b09b4ab460df1b7c7e88e33b13f12a73f355ff0f3b4b934e929867baa3e
ce2cbae3b2d451fe41c153367c507aa2cd58a6f339432eb78a0bf73af1e25f17
ce62b8154d9dc96f234279eee59c90d6143c3a51ea1a8cde4d85070394735a40
cf0ab4af85989d5c939df8969154526fac9311b4cfeb2a40f7fbd3df19255b1e
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d37b031c1861e84a0b9d3e6d6298a38bf77364dda544e5faa50c00711882e3ce
d4c3bf8e509cec6531052bab0daf4f3024e8d04a501eaaa965a54de057580127
d5b37b13050bf9a04dc066869f5c37be231c4b34c824676e4a652c625845b164
d798f58d064f654a56ef08cb2fa155290862cb2b7609624473df1e847626c9fb
d83f151c7f401a8a986e57dc81e6507fc728cdd09f55c65497d81cb88b83cf0e
d846e60a3a68a7746fe49c990877c745feab405a4e1fc9b1760929222d791051
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd12cec30eae0522b933497982b5c6bd19a3943226f95cc052bc789c142717d0
dd7f5a77400f9a7234a7759574f3cdf0a900eee47c871e0c7e8f7b484fc0c3f7
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df4f9c3d7d11a4ba21b585bfdaff006aa925b32c3ec626969a38a5036a5aa03e
dfb821a412dd39129f52a774d8c9abb96a149f202bbaec1121a2c760b1cd54a1
e169cf4f2fde53ff50ff2ecb38b0df2cbc613aaf3b93b2e52202cad8ce93a8bd
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f673d4b83bdd24e439cc6e83418df02e1b8df4b4b7ff24aabaa5adf10f46c3
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce
e8cc93e23c71ea3160a9570789f455f58d497d7c5f86a702992aec2bfc11b38b
e9f38a034a7e5f0ebf6fa2c3b0ba3160034db7045d540d792e84808406e863cf
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e43194d6e5732bbe8ee1401fa1503cbf2b14811d498150583fde029b929ee4
f35bb4bcaf2396e85660c9e3d973f2096814c4953cabf71cd308611ed932d8af
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
f487063d07e520ce44cc9b4ba266fa8df7559d824a2b45ced0cb0a74726e3f8f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f57691f6fa510a20ee12a857ca7996567a4a8fd8b09dbdb5de6113c4f93df2da
f77866ff60225d671556ef89598c6d1e99b81643bedbc95d7f7ec0816cd1659f
f7b087c59e41f61baab97ccc71a85e0ff3647f3ad45fb9f505a942906d819a31
f98455e68cacdf4a309c68b07a5fe4db993695ee437996d4b9b3343f449d9f50
fb7cba05134b2a9be193832c1173da1ce579aeeee8265d33dbb8596e256d8eaf
fde204adfdfd52c090e6b6fa15216dbd479c8b60f1a8ff2361fa5e2d076db267
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76